Jump to content
Sign in to follow this  
ca143508

Exporting Event Logs

Recommended Posts

ca143508

Guys,

Is there a way using autoit to automate the exporting of a particular event log (system for example) to a txt (TAB Delimited)? I have seem the UDFs but I want the entire log. Not a single entry.....

Cheers

Mike.

Share this post


Link to post
Share on other sites
martin

Guys,

Is there a way using autoit to automate the exporting of a particular event log (system for example) to a txt (TAB Delimited)? I have seem the UDFs but I want the entire log. Not a single entry.....

Cheers

Mike.

It's not very clear to me what you want to do, but if you want to build up a series of items for a report and then write them to a file in one go you can just add each item to a string, with tabs and @CR where needeed, and write that string to a file when you have finished.

A log file would normally write a line at a time if it was important to know what had been happening even if the program terminated unexpectedly.


Serial port communications UDF Includes functions for binary transmission and reception.printing UDF Useful for graphs, forms, labels, reports etc.Add User Call Tips to SciTE for functions in UDFs not included with AutoIt and for your own scripts.Functions with parameters in OnEvent mode and for Hot Keys One function replaces GuiSetOnEvent, GuiCtrlSetOnEvent and HotKeySet.UDF IsConnected2 for notification of status of connected state of many urls or IPs, without slowing the script.

Share this post


Link to post
Share on other sites
ca143508

I want a way to export the Windows event log to a tab delimited file without any user interaction.... I know you can do it from the Event viewer but that requires some interaction from the end user.

Share this post


Link to post
Share on other sites
SoulA

Here is some code you can adapt

#Include <EventLog.au3>

$file = FileOpen("eventlog.txt", 2)
If $file = -1 Then Exit

$hEventLog = _EventLog__Open ("", "Application")
$count = _EventLog__Count($hEventLog)

For $i = 0 to $count
    $aEvent = _EventLog__Read($hEventLog, True, False)
    FileWrite($file, "Result ............: " & $aEvent[0] & @CRLF)
    FileWrite($file, "Record number .....: " & $aEvent[1])
    FileWrite($file, "Submitted .........: " & $aEvent[2] & " " & $aEvent[3] & @CRLF)
    FileWrite($file, "Generated .........: " & $aEvent[4] & " " & $aEvent[5] & @CRLF)
    FileWrite($file, "Event ID ..........: " & $aEvent[6] & @CRLF)
    FileWrite($file, "Type ..............: " & $aEvent[8] & @CRLF)
    FileWrite($file, "Category ..........: " & $aEvent[9] & @CRLF)
    FileWrite($file, "Source ............: " & $aEvent[10] & @CRLF)
    FileWrite($file, "Computer ..........: " & $aEvent[11] & @CRLF)
    FileWrite($file, "Username ..........: " & $aEvent[12] & @CRLF)
    FileWrite($file, "Description .......: " & $aEvent[13] & @CRLF)
    FileWrite($file, @CRLF & @CRLF)
Next

FileClose($file)

Share this post


Link to post
Share on other sites
bacobampense

I took what you guys have done and modified it to display as a web page.

but i need some help getting only the errors and warnings.

and if possible only the last 24-72 Hours.

can some one help?

#Include <EventLog.au3>

#include <array.au3>

#include <file.au3>

While 1

Sleep(3600000) ;($time) ; 1 sec = 1000; 1 Min = 60,000; 1 hr = 3,600,000;~ sleep(43200000) ; 43,200,000 = 12 Hours

_System()

WEnd

func _system()

$file = iniread ("I:\Speedtest\connect.ini","Dashboard","File1","Not Found")

FileOpen ($file, 2)

FileWrite($file, "<html>" & @CRLF)

FileWrite($file, "<head>"& @CRLF)

FileWrite($file, "<H1>Server Status</H1>" & @CRLF)

FileWrite($file, "<H2>Date:"& @YEAR&"/"&@mon&"/"&@MDAY&" Time:"&@HOUR&":"&@MIN&"</H2>" & @CRLF)

FileWrite($file, "</head>"& @CRLF)

FileWrite($file,'<div><table width="100%" border="1" cellpadding="2" cellspacing="2" bgcolor="#ffffff"><tr valign="top">')

FileWrite($file, "<td><Strong>Result</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Record number</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Submitted</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Generated</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Event ID</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Type</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Category</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Source</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Computer</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Username</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Description</strong></br></td>"&@CRLF)

FileWrite($file, "</tr>" & @CRLF)

If $file = -1 Then Exit

$hEventLog = _EventLog__Open ("", "System")

$count = _EventLog__Count($hEventLog)

For $i = 0 to $count

$aEvent = _EventLog__Read($hEventLog, True, False)

FileWrite($file, '<tr valign="top>' & @CRLF)

FileWrite($file, "<td>" & $aEvent[0] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[1]&"</br></td>")

FileWrite($file, "<td>" & $aEvent[2] & " " & $aEvent[3] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[4] & " " & $aEvent[5] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[6] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[8] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[9] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[10] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[11] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[12] &"</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[13] & "</br></td>"&@CRLF)

FileWrite($file, "</tr>" & @CRLF)

Next

FileWrite($file, "</div>" & @CRLF)

FileWrite($file, "</Table>" & @CRLF)

FileWrite($file, "</Body>" & @CRLF)

FileWrite($file, "</html>" & @CRLF)

FileClose($file)

endfunc

Share this post


Link to post
Share on other sites
skysel

@SoulA:

Just what I needed. Great example :D

Edited by skysel

Share this post


Link to post
Share on other sites
skysel

While this is a good script, I cannot figure out why is it taking ~50% of CPU? Can I somehow lower the CPU usage?

Share this post


Link to post
Share on other sites
99ojo

I took what you guys have done and modified it to display as a web page.

but i need some help getting only the errors and warnings.

and if possible only the last 24-72 Hours.

can some one help?

#Include <EventLog.au3>

#include <array.au3>

#include <file.au3>

While 1

Sleep(3600000) ;($time) ; 1 sec = 1000; 1 Min = 60,000; 1 hr = 3,600,000;~ sleep(43200000) ; 43,200,000 = 12 Hours

_System()

WEnd

func _system()

$file = iniread ("I:\Speedtest\connect.ini","Dashboard","File1","Not Found")

FileOpen ($file, 2)

FileWrite($file, "<html>" & @CRLF)

FileWrite($file, "<head>"& @CRLF)

FileWrite($file, "<H1>Server Status</H1>" & @CRLF)

FileWrite($file, "<H2>Date:"& @YEAR&"/"&@mon&"/"&@MDAY&" Time:"&@HOUR&":"&@MIN&"</H2>" & @CRLF)

FileWrite($file, "</head>"& @CRLF)

FileWrite($file,'<div><table width="100%" border="1" cellpadding="2" cellspacing="2" bgcolor="#ffffff"><tr valign="top">')

FileWrite($file, "<td><Strong>Result</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Record number</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Submitted</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Generated</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Event ID</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Type</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Category</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Source</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Computer</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Username</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Description</strong></br></td>"&@CRLF)

FileWrite($file, "</tr>" & @CRLF)

If $file = -1 Then Exit

$hEventLog = _EventLog__Open ("", "System")

$count = _EventLog__Count($hEventLog)

For $i = 0 to $count

$aEvent = _EventLog__Read($hEventLog, True, False)

FileWrite($file, '<tr valign="top>' & @CRLF)

FileWrite($file, "<td>" & $aEvent[0] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[1]&"</br></td>")

FileWrite($file, "<td>" & $aEvent[2] & " " & $aEvent[3] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[4] & " " & $aEvent[5] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[6] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[8] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[9] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[10] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[11] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[12] &"</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[13] & "</br></td>"&@CRLF)

FileWrite($file, "</tr>" & @CRLF)

Next

FileWrite($file, "</div>" & @CRLF)

FileWrite($file, "</Table>" & @CRLF)

FileWrite($file, "</Body>" & @CRLF)

FileWrite($file, "</html>" & @CRLF)

FileClose($file)

endfunc

Hi,

1) but i need some help getting only the errors and warnings:

For $i = 0 to $count
     if $aEvent [7] = 1 or $aEvent [7] = 2 Then
        your code above
    EndIf
Next

2) Look Helpfile for _NowDate and _NowTime. You have to code some if statements to check, wether the eventlog entries are older then 24 or 72 hours. The timestamps eventlog are $aEvent [2] (Date) and $aEvent [3] (Time).

;-))

Stefan

Edited by 99ojo

Share this post


Link to post
Share on other sites
99ojo

While this is a good script, I cannot figure out why is it taking ~50% of CPU? Can I somehow lower the CPU usage?

Hi,

just put a Sleep (50) before the Next.

;-))

Stefan

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.