There are a number of modules that provide information about windows services.

• Microsoft.Windows.ExistingWin32ServiceInformationProvider
• Microsoft.Windows.Win32ServiceInformationProvider
• Microsoft.Windows.ExistingWin32ServiceInformationProbe
• Microsoft.Windows.Win32ServiceInformationProbe

They are distinguished from each other in two different dimensions.  They can refer only to existing services, and they can be either a probe or a data source.  All of them output the same data.  The difference is when they will output the data.  The 'Existing' versions of the modules only operate on services that are installed on the machine.  They will never output State with either 'SERVICE_NOT_FOUND' or 'SERVER_NOT_FOUND'.  The Provider versions will output data when the service state changes in some way, or every 10th 'Frequency' seconds.  The Probe versions output data every time they are executed.

An example configuration for a Provider is:

<ComputerName>SAMPA01</ComputerName>
<ServiceName>SNMP</ServiceName>
<Frequency>60</Frequency>

The configuration for Probes is exactly the same, but without the Frequency parameter.

Internally, all of the modules read the state of the windows service in the same way.  They combine the outputs of the following Win32 calls, QueryServiceStatus, QueryServiceStatusEx, QueryServiceConfig, and QueryServiceConfig2.  The output data is a PropertyBag with the following properties and meanings.

Name	Type	Meaning
State	Integer	One of the following values 1 : SERVICE_STOPPED 2 : SERVICE_START_PENDING 3 : SERVICE_STOP_PENDING 4 : SERVICE_RUNNING 5 : SERVICE_CONTINUE_PENDING 6 : SERVICE_PAUSE_PENDING 7 : SERVICE_PAUSED 8 : SERVICE_NOT_FOUND 9 : SERVER_NOT_FOUND
ServiceType	Integer	This is a bit mask with the following values 0x00000001 SERVICE_KERNEL_DRIVER 0x00000002 SERVICE_FILE_SYSTEM_DRIVER 0x00000010 SERVICE_WIN32_OWN_PROCESS 0x00000020 SERVICE_WIN32_SHARE_PROCESS
StartMode	Integer	0 : SERVICE_BOOT_START 1 : SERVICE_SYSTEM_START 2 : SERVICE_AUTO_START 3 : SERVICE_DEMAND_START 4 : SERVICE_DISABLED
ErrorControl	Integer	0 : SERVICE_ERROR_IGNORE 1 : SERVICE_ERROR_NORMAL 2 : SERVICE_ERROR_SEVERE 3 : SERVICE_ERROR_CRITICAL
TagId	Integer	A unique tag value for this service in the group specified by the lpLoadOrderGroup parameter. A value of zero indicates that the service has not been assigned a tag.
ProcessId	Integer	This is the process id of the process hosting this service.  It can be either it's own process, or a shared process with other services.
Name	String	This is the name of the service.
BinaryPathName	String	This is the full path to the binary that hosts this service.
LoadOrderGroup	String	This is the name of the load order group, such as "NDIS"
Dependencies	String	Dependent services for this service.
ServiceStartName	String	If the service type is SERVICE_WIN32_OWN_PROCESS or SERVICE_WIN32_SHARE_PROCESS, this member is the name of the account that the service process will be logged on as when it runs. This name can be of the form DomainName\Username". If the account belongs to the built-in domain, the name can be of the form ".\Username". The name can also be "LocalSystem" if the process is running under the LocalSystem account. If the service type is SERVICE_KERNEL_DRIVER or SERVICE_FILE_SYSTEM_DRIVER, this member is the driver object name (that is, \FileSystem\Rdr or \Driver\Xns) which the input and output (I/O) system uses to load the device driver. If this member is NULL, the driver is to be run with a default object name created by the I/O system, based on the service name.
DisplayName	String	The display name to be used by service control programs to identify the service
Description	String	The description of the service.