I'm trying to create a Policy Control to detect that the Snare service (Windows logging application) is running. I believe I need to create an WMI Query Check. I've identified the service as "sc" in the following directory. Help assitance would be greatly appreciated!
scquery [ServiceName] | findstr /i "STATE"
STATE :4 RUNNING
STATE : 1 STOPPED