This script was written to quickly identify services which have failed to start on Windows Server 2016 after boot. This problem can be caused by a lack of disk IO on virtual machines, due to a number of servers all rebooting at the same time. For example when Windows updates are installed.
clear
# Get System Event log
$SysEventLog = Get-Eventlog -LogName System
# Get the last shutdown request message
$LastShutdownRequest = $($SysEventLog | Where-Object{$_.EventID -eq 1074} | Sort Index)[-1]
# Find any services which timed out on startup after last shutdown request
$TimeoutServices = $SysEventLog | Where-Object{
$_.Index -gt $LastShutdownRequest.Index -and
$_.EventID -eq 7009 -and
$_.Source -eq "Service Control Manager" -and
$_.EntryType -eq "Error"
}
# Output information:
$Output = New-object PSObject -Property @{
'Last shutdown request' = $LastShutdownRequest.TimeGenerated
'Last shutdown message' = $LastShutdownRequest.Message
'Timed out services count' = $TimeoutServices.Count
'Timeout events' = $TimeoutServices | Select TimeGenerated, Message
}
# Display shutdown message and count of services which has failed to startup after boot
$Output | Format-List 'Last shutdown request', 'Last shutdown message', 'Timed out services count'
# List failed services
$Output.'Timeout events' | Format-List