I have searched through previous forum posts related to this topic but have not been able to find an answer.
Goal: To be able to fire off an alert when particular windows services are down
Setup: We use Grafana Cloud Advanced bundle. We are running Alloy on all of our Windows servers and use RemoteCFG within Grafana. I do have “service” as an enabled collector.
This is the PromQL that I wrote for the alert to start:
windows_service_status{instance=“servernamegoeshere”, name=~" service#1|service#2|service#3|service#4|service#5", status=“ok”, environment!=“Production”}
The above query successfully split up my services and is alerting on each of them individually under 1 alert. The issue I’m having is even when I stop the service it’s still showing as “status=ok” so the alarm does not trigger.
I ran the command above in Powershell on the server and noticed even though the state is “stopped” it still shows the status as “ok”. I’m guessing this is my issue…
Through googling I tried to run a query of "windows_service_state{instance=“servernamegoeshere”, name=“service#1”} – but it comes back with no data. My goal was to have it alert whenever state!=running, which would alert on any status other than running (I’d think).
Does Alloy not have the ability to do “windows_service_state”? If not, are there any other recommendations on how to set this up using Alloy? Figured I’d check here before opening up a ticket with Grafana.
Thanks in advance!
