dolphins Posted April 1, 2015 Share Posted April 1, 2015 Hi, in C# I can set a filter when I read the Event log. Example: I only want the Errors from the application Event log, the SourceName should be "MyApp", the CategoryString should be "whatever" and TimeGenerated should be >= "some dateTime" (that is possible in C#). Is there a way to do that in AutoIt, other than read the whole log and filter every single record with "if" statements? Thanks in advance dolphins Link to comment Share on other sites More sharing options...
Moderators JLogan3o13 Posted April 1, 2015 Moderators Share Posted April 1, 2015 You can query with the built in Windows wevtutil utility and the qe switch to filter events. "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum! Link to comment Share on other sites More sharing options...
Spider001 Posted April 1, 2015 Share Posted April 1, 2015 Other option '?do=embed' frameborder='0' data-embedContent>> Link to comment Share on other sites More sharing options...
orbs Posted April 1, 2015 Share Posted April 1, 2015 the WMI way - adapt this to your needs: '?do=embed' frameborder='0' data-embedContent>> Signature - my forum contributions: Spoiler UDF: LFN - support for long file names (over 260 characters) InputImpose - impose valid characters in an input control TimeConvert - convert UTC to/from local time and/or reformat the string representation AMF - accept multiple files from Windows Explorer context menu DateDuration - literal description of the difference between given dates Apps: Touch - set the "modified" timestamp of a file to current time Show For Files - tray menu to show/hide files extensions, hidden & system files, and selection checkboxes SPDiff - Single-Pane Text Diff Link to comment Share on other sites More sharing options...
dolphins Posted April 2, 2015 Author Share Posted April 2, 2015 Thanks everybody for the answers. @Spider001 Since there is no .NET installed on the Server (and it is not allowed to install it for security reasons), I am not going for this way. @orbs I am using WMI in C# to read the Event log from the Client. Unfortunately since Windows Server 2008 you must use the user "Administrator" to use WMI. On Windows Server 2003 it was enough to use a user that is in the Administrator Group. At least this is when you connect with WMI from a Client to a Server. Not sure if you run WMI directly on the Server !? @JLogan3o13 I didn't know about that tool. I will give it a try! Thanks Link to comment Share on other sites More sharing options...
dolphins Posted April 2, 2015 Author Share Posted April 2, 2015 I just tried the solution suggested by @orbs. It works fine on a Windows Server 2012 with a user of the Administrator Group (I did start the AutoIt-program on the Server). Thanks again! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now