Jump to content

sql query eventviewer logs

gcue

By gcue,
in AutoIt General Help and Support

 Share

Recommended Posts

gcue Universalist

gcue

Posted
Posted (edited)

hello world

i am not sure why I am not getting results from this.. when in fact there are errors that fit the criteria

$host = "localhost"

$objWMIService = ObjGet("winmgmts:\\" & $host & "\root\cimv2")

$past_15days = _DateAdd("D", -15, _NowCalc())
$past_15days = StringReplace($past_15days, "/", "")
$past_15days = StringReplace($past_15days, ":", "")
$past_15days = StringStripWS($past_15days, 8)

$Query_Clause = "Select * FROM Win32_NTLogEvent WHERE Logfile='Application' AND Type='Error' AND TimeWritten>'" & $past_15days & "'"

$colItems = $objWMIService.ExecQuery($Query_Clause)

$count = 0

If IsObj($colItems) Then
For $objEvent In $colItems
;~  $time_stamp = $objEvent.TimeWritten
;~  debug($time_stamp, $past_15days)

$error = $objEvent.Message

consolewrite($error & @crlf)

$count += 1
Next
EndIf

I tried with and without the single quotes around $past_15days

I know I can probably do this in one shot (getting the count which I have not been able to try yet since I cannot get accurate results)

thanks in advance!

Edited by gcue
Link to comment
Share on other sites
BrewManNH Universalist

BrewManNH

Posted
Posted

What format does the date have to be in for this to work?

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Link to comment
Share on other sites
BrewManNH Universalist

BrewManNH

Posted
Posted

_NowCalc returns the date/time in a different format.

_NowCalc

Returns the current Date and Time in format YYYY/MM/DD HH:MM:SS for use in date calculations.

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Link to comment
Share on other sites
jchd Universalist

jchd

Posted
Posted

The following works for me:

#include 

$host = "localhost"

$objWMIService = ObjGet("winmgmts:\\" & $host & "\root\cimv2")

$past_15days = _DateAdd("D", -15, _NowCalc())
$past_15days = StringReplace($past_15days, "/", "")
$past_15days = StringReplace($past_15days, ":", "")
$past_15days = StringStripWS($past_15days, 8)
$past_15days &= ".000000-000"
ConsoleWrite("From: " & $past_15days & @LF)

;~ $Query_Clause = "Select * FROM Win32_NTLogEvent WHERE Logfile='Application' AND Type='Error' AND TimeWritten>'" & $past_15days & "'"
$Query_Clause = "Select * FROM Win32_NTLogEvent WHERE Logfile='Application' AND TimeWritten>'" & $past_15days & "'"

$colItems = $objWMIService.ExecQuery($Query_Clause)

If IsObj($colItems) Then
ConsoleWrite("Number of events: " & $colItems.count & @LF)
For $objEvent In $colItems
$time_stamp = $objEvent.TimeWritten
$error = $objEvent.Message
ConsoleWrite($time_stamp & " -> " & $error & @LF)
Next
EndIf

But I wonder if the format will do for you: I'm running a French version with datetime locale format YMD... not a US local (maybe YDM or something even weirder). MSDN is clear as mud on this (as usual now).

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Link to comment
Share on other sites
gcue Universalist

gcue

Posted
  • Author
Posted

also, how would i get the count in one shot?

this isnt' working..

$Query_Clause = "Select COUNT(*) FROM Win32_NTLogEvent WHERE Logfile='Application' AND Type='Error' AND TimeWritten>'" & $past_15days & "'"

$colItems = $objWMIService.ExecQuery($Query_Clause)

_arraydisplay($colitems)
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...