I'm sure that some days it seems you spend all your time putting out fires and responding to requests for help, often because something has happened that is out of the ordinary. In the Windows world, this is actually normal. Things happen all the time because Microsoft Windows is, as it is often described, an example of event-driven programming. You click a button and that action triggers an event. A service is stopped and that triggers an event, often a new event log entry. Often, we respond to negative or unexpected events well after the fact. What would be helpful is a way to watch for critical events and take action immediately.

There may be times when you are troubleshooting an intermittent problem. Obviously you can't sit around all day waiting and watching. Or perhaps you need to take a more proactive approach and respond when a critical service stops. With a little work, you can take advantage of Windows events and create event subscriptions that watch and wait for you. Depending on the tool, you can even take automatic action such as sending an email message or launching a program or script.

In my article 'Tools for Proactive Troubleshooting in Windows 7,' I'll explain how to watch for events using the Task Scheduler, which is the easiest approach. You can create a scheduled task that launches when a specified event is written to an event log. Basic and general events are pretty easy to manage, but for anything super specific you'll need to resort to a little XML magic. I have an example to help get you started.

In the article, I also show you how to use the GUI-based WBEMTest.exe utility to create a WMI-based notification query. And I'll provide an introduction on how to use the eventing tools in Windows PowerShell in this video. The ad hoc approach to event monitoring that I discuss is meant to be short-term and, for the most part, temporary. For ongoing monitoring and alerting, you will be better served by investing in a third-party management solution.
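
The WMI notification query and PowerShell eventing approach described above, as an added example that is not taken from the referenced article or video: a temporary subscription in Windows PowerShell that logs when a service stops. The service name, source identifier and log path are sample values chosen for illustration.

```powershell
# Added example: temporary WMI event subscription (Windows PowerShell).
# Assumed sample values: service name, subscription name and log path.
$serviceName = 'Spooler'
$sourceId    = 'CriticalServiceStopped'
$logPath     = Join-Path $env:TEMP 'service-watch.log'

# WMI notification query: poll every 10 seconds for a Win32_Service
# instance whose State has just changed to 'Stopped'. The PreviousInstance
# test suppresses events for unrelated property changes on a service
# that was already stopped.
$query = "SELECT * FROM __InstanceModificationEvent WITHIN 10 " +
         "WHERE TargetInstance ISA 'Win32_Service' " +
         "AND TargetInstance.Name = '$serviceName' " +
         "AND TargetInstance.State = 'Stopped' " +
         "AND PreviousInstance.State <> 'Stopped'"

# The action runs in its own scope, so outer variables are not visible.
# The log path is handed over through -MessageData instead.
$action = {
    $wmiEvent = $Event.SourceEventArgs.NewEvent
    $svc      = $wmiEvent.TargetInstance
    $line     = '{0:s} {1} on {2} is {3} (was {4})' -f `
                $Event.TimeGenerated, $svc.Name, $svc.SystemName,
                $svc.State, $wmiEvent.PreviousInstance.State
    Add-Content -Path $Event.MessageData -Value $line
}

Register-WmiEvent -Query $query -SourceIdentifier $sourceId `
    -MessageData $logPath -Action $action | Out-Null

# Confirm the subscription is registered in this session.
Get-EventSubscriber -SourceIdentifier $sourceId

# When the troubleshooting window is over, remove the subscription and
# the background job that -Action created (it is named after the
# source identifier):
# Unregister-Event -SourceIdentifier $sourceId
# Remove-Job -Name $sourceId -Force
```

The subscription lives only as long as the PowerShell session that registered it, which fits the short-term use described above.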

Go check out the article and video I referenced in this post and let me know if they help you out.