RE: Security Log Category and Type Codes (using dumpel)

They would be in some *.h file, as a TYPEDEF, used to compile the Event
Viewer app. I have heard that the Windows source is out there, but I don't
have access to it.
--
Mark L. Ferguson
"Rob" wrote:
Does anyone know of or have a cross reference for the Security log
numeric Category and Type field codes that are shown in the output of
dumpel? When viewing the Security log with Event Viewer, the Category
and Type fields are displayed with text. dumpel just shows a numeric
value. An example difference would be, Type field shows "8" in dumpel
and "Security Audit" in Event Viewer.

I've written this batch and vb script to dump the Security log during
boot time. Having the cross reference would make this much easier to
interperate.

If you're interested in performing similar logging you can get dumpel
from Microsoft's website:

download.microsoft.com/download/win2000platform/WebPacks/1.00.0.1/NT5/
EN-US/Dumpel.exe

Thanks in Advance!

Rob Ramsey

-------------------------------------
c:\win_make_log.bat
-------------------------------------

@echo on

:: set variables

set tdtd=none
set ttrn=none

:: get the date and time and then combine into single variable

for /F "tokens=2-4 delims=/ " %%i in ('date /t') do set tdtd=%%i_%%j_%
%k
for /F "tokens=5-8 delims=:. " %%i in ('echo.^| time ^| find "current"
') do set ttrn=_%%i%%j
set tufn=security_%tdtd%%ttrn%.log

:: now create the file

"c:\Program Files\Resource Kit\dumpel.exe" -l security -f c:
\security_log\%tufn%

:: clear security event log

c:\i386\cscript.exe clear_security_log.vbs

:EOF

-------------------------------------
c:\clear_security_log.vbs
-------------------------------------

strComputer = "."

Set objWMIService = GetObject ("winmgmts:" &
"{impersonationlevel=impersonate, (Backup, Security)}!\\" &
strComputer & "\root\cimv2")

Set colLogFiles = objWMIService.ExecQuery ("SELECT * FROM
Win32_NTEventLogFile WHERE LogFileName='Security'")

For Each objLogfile in colLogFiles

objLogFile.ClearEventLog()

Next


.

Relevant Pages

  • Security Log Category and Type Codes (using dumpel)
    ... Does anyone know of or have a cross reference for the Security log ... dumpel just shows a numeric ... Type field shows "8" in ...
    (microsoft.public.windowsxp.security_admin)
  • Security Log Category and Type Codes (using dumpel)
    ... Does anyone know of or have a cross reference for the Security log ... dumpel just shows a numeric ... Type field shows "8" in ...
    (microsoft.public.win2000.security)
  • Security Log Category and Type Codes (using dumpel)
    ... Does anyone know of or have a cross reference for the Security log ... When viewing the Security log with Event Viewer, ... dumpel just shows a numeric ... Type field shows "8" in dumpel ...
    (microsoft.public.windowsxp.help_and_support)
  • Security Log Category and Type Codes (using dumpel)
    ... Does anyone know of or have a cross reference for the Security log ... dumpel just shows a numeric ... Type field shows "8" in ...
    (microsoft.public.security)
  • Re: security log is full
    ... Start>Settings>Control Panel>Admin Tools>Event Viewer ... Right click the security log, ... > I have WinXP Pro with fast user switching enabled. ...
    (microsoft.public.windowsxp.security_admin)