Process running powershell

Download process-running.ps1

Posts whether a named process is running and how many instances. Use for desktop apps that should always be open (e.g. a kiosk app) or daemons that get killed by their parent restart.

Placeholders only. Before running, replace YOUR_URL with your capture endpoint's POST URL . (Open this page from your capture object to have these auto-filled.)

# process-running.ps1 — is X.exe running?

$Url     = "YOUR_URL/process"
$Process = "notepad"   # name without .exe

$Procs = @(Get-Process -Name $Process -ErrorAction SilentlyContinue)
$Body = (@{
  hostname  = $env:COMPUTERNAME
  process   = $Process
  running   = ($Procs.Count -gt 0)
  count     = $Procs.Count
}) | ConvertTo-Json -Compress

Invoke-RestMethod -Uri $Url -Method Post -Body $Body `
  -ContentType "application/json" -TimeoutSec 15 | Out-Null

Recommended pairing

Add a capture.value check to this capture object.
json_path = running, op = ==, threshold = false (alert when not running).

What is the filename?

process-running.ps1 — this is the suggested name for the downloaded file. Rename freely if you prefer.