Does windows stop services gracefully or kills them when an error (memory overflow, etc) occurs?

Question

Firstly sorry for my poor english. I don't really know how to formulate the question, but I can explain you my intentions so it may help you to understand me better.

Im developing tool that notifies you when a windows service goes down.

The exact logic that I follow is:

1. When a service goes down gracefully logs an event that you can see in windows event viewer. I've created a sheduled task that will be triggered when the service is stopped according to windows event log (Thanks to a XML filter).
2. This task triggers a powershell script that sends a request to a telegram bot that will notify me when the service dies.

This process works perfectly when I manually stop the service (From service.msc or Powershell's Stop-Service). The objective is to have a realtime track of the service, and in this case works correctly.

The problem comes here: I cannot force the service to crash in order to see if it logs information in windows event viewer.

My questions are:

1. If an error occurs will windows shut the service down gracefully (like when using Stop-Service) or will it kill the process without registering any log info (like when using taskkill /f)?
2. Any other suggestions? Is there another way to track a windows service in real time and trigger a script without a loop that runs every certain time.

Hope y'all understand me :)

Answer 1

If a service crashes, you should still see an error message in the event log under Windows Logs > System. The Source will be "Service Control Manager" and Event ID should be either 7031 or 7032 or 7034.

So you can add a filter for these and have your PowerShell script run on these kinds of events as well.