57 lines
1.6 KiB
YAML
57 lines
1.6 KiB
YAML
- name: service
|
|
type: group
|
|
description: >
|
|
`service` contains the status for Windows services.
|
|
release: beta
|
|
fields:
|
|
- name: id
|
|
type: keyword
|
|
example: hW3NJFc1Ap
|
|
description: >
|
|
A unique ID for the service. It is a hash of the machine's GUID and the
|
|
service name.
|
|
|
|
- name: name
|
|
type: keyword
|
|
example: Wecsvc
|
|
description: >
|
|
The service name.
|
|
|
|
- name: display_name
|
|
type: keyword
|
|
example: Windows Event Collector
|
|
description: >
|
|
The display name of the service.
|
|
|
|
- name: start_type
|
|
type: keyword
|
|
description: >
|
|
The startup type of the service. The possible values are `Automatic`,
|
|
`Boot`, `Disabled`, `Manual`, and `System`.
|
|
|
|
- name: state
|
|
type: keyword
|
|
description: >
|
|
The actual state of the service. The possible values are `Continuing`,
|
|
`Pausing`, `Paused`, `Running`, `Starting`, `Stopping`, and `Stopped`.
|
|
|
|
- name: exit_code
|
|
type: keyword
|
|
description: >
|
|
For `Stopped` services this is the error code that service reports
|
|
when starting to stopping. This will be the generic Windows service
|
|
error code unless the service provides a service-specific error code.
|
|
|
|
- name: pid
|
|
type: long
|
|
example: 1092
|
|
description: >
|
|
For `Running` services this is the associated process PID.
|
|
|
|
- name: uptime.ms
|
|
type: long
|
|
format: duration
|
|
input_format: milliseconds
|
|
description: >
|
|
The service's uptime specified in milliseconds.
|