Re: Auto Event Log monitoring
- From: Gary <Gary@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 6 Feb 2007 00:01:00 -0800
Hi,
Set an eventtrigger up to call a simple script that then calls a vbs script.
In the vbs script use WMI to interogate the event log and pull the exact
detail you want. Use the script to format the information and send it to a
nominated admin account using blat.
This way you can keep the eventtrigger very simple (and therefore no hassle
if its lost) and keep all the logic in your script (which i am sure you'll
save somewhere safe).
Rgds,
G.
--
A Sys Admin is me!
"JayKon" wrote:
.Snare? http://sourceforge.net/projects/snare/ Log to file or to the Snare
Backlog then read the file,
Looks right, unfortunatly, I'm prevented from installing new software :( I
can only write simple scripts. Ain't contracting fun?
"JayKon" <JayKon@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6E803EBE-48DD-49DE-A516-46D704D90749@xxxxxxxxxxxxxxxx
I've been monitoring c:\Windows\system32\config\AppEvent.evt to see when a
particular event occurs, however, I noticed that the time stamp on the
file
tends to be several hours old (when I can see entries after that in the
Event
Viewer).
What this means to me is that I can't write a program that reads this file
to create a simple notification - which is a bummer.
Anyone know what I can do to resolve this? I need access to the current
event log data from outside the Event Viewer.
- References:
- Re: Auto Event Log monitoring
- From: Anthony
- Re: Auto Event Log monitoring
- Prev by Date: Re: Flexibility of Eventriggers in Win2003 - query on source + wil
- Next by Date: Windows 2003 RDP remote desktop problem for just one account
- Previous by thread: Re: Auto Event Log monitoring
- Next by thread: Re: Auto Event Log monitoring
- Index(es):
Relevant Pages
|
