5.02021-11-21T21:55:18ZUM_DOIT_Metrics/Templates{Metrics Windows Defender:service.info[MsMpSvc].last()}<>0 and {Metrics Windows Defender:service.info[WinDefend].last()}<>0No malware scan service runningAVERAGEYES{Metrics Windows Defender:service.info[MsMpSvc].last()}=0 and {Metrics Windows Defender:eventlog[{$AV_EVENTLOG},,,{$AV_SOURCE},1150,,skip].nodata(8h)}=1Windows Antimalware set macro $AV_EVENTLOG = SystemYESWindows service state0Running1Paused2Start pending3Pause pending4Continue pending5Stop pending6Stopped7Unknown255No such service