Sign in to follow this  
Followers 0
ca143508

Exporting Event Logs

10 posts in this topic

Guys,

Is there a way using autoit to automate the exporting of a particular event log (system for example) to a txt (TAB Delimited)? I have seem the UDFs but I want the entire log. Not a single entry.....

Cheers

Mike.

Share this post


Link to post
Share on other sites



Guys,

Is there a way using autoit to automate the exporting of a particular event log (system for example) to a txt (TAB Delimited)? I have seem the UDFs but I want the entire log. Not a single entry.....

Cheers

Mike.

It's not very clear to me what you want to do, but if you want to build up a series of items for a report and then write them to a file in one go you can just add each item to a string, with tabs and @CR where needeed, and write that string to a file when you have finished.

A log file would normally write a line at a time if it was important to know what had been happening even if the program terminated unexpectedly.


Serial port communications UDF Includes functions for binary transmission and reception.printing UDF Useful for graphs, forms, labels, reports etc.Add User Call Tips to SciTE for functions in UDFs not included with AutoIt and for your own scripts.Functions with parameters in OnEvent mode and for Hot Keys One function replaces GuiSetOnEvent, GuiCtrlSetOnEvent and HotKeySet.UDF IsConnected2 for notification of status of connected state of many urls or IPs, without slowing the script.

Share this post


Link to post
Share on other sites

I want a way to export the Windows event log to a tab delimited file without any user interaction.... I know you can do it from the Event viewer but that requires some interaction from the end user.

Share this post


Link to post
Share on other sites

Here is some code you can adapt

#Include <EventLog.au3>

$file = FileOpen("eventlog.txt", 2)
If $file = -1 Then Exit

$hEventLog = _EventLog__Open ("", "Application")
$count = _EventLog__Count($hEventLog)

For $i = 0 to $count
    $aEvent = _EventLog__Read($hEventLog, True, False)
    FileWrite($file, "Result ............: " & $aEvent[0] & @CRLF)
    FileWrite($file, "Record number .....: " & $aEvent[1])
    FileWrite($file, "Submitted .........: " & $aEvent[2] & " " & $aEvent[3] & @CRLF)
    FileWrite($file, "Generated .........: " & $aEvent[4] & " " & $aEvent[5] & @CRLF)
    FileWrite($file, "Event ID ..........: " & $aEvent[6] & @CRLF)
    FileWrite($file, "Type ..............: " & $aEvent[8] & @CRLF)
    FileWrite($file, "Category ..........: " & $aEvent[9] & @CRLF)
    FileWrite($file, "Source ............: " & $aEvent[10] & @CRLF)
    FileWrite($file, "Computer ..........: " & $aEvent[11] & @CRLF)
    FileWrite($file, "Username ..........: " & $aEvent[12] & @CRLF)
    FileWrite($file, "Description .......: " & $aEvent[13] & @CRLF)
    FileWrite($file, @CRLF & @CRLF)
Next

FileClose($file)

Share this post


Link to post
Share on other sites

Perfect. Thanks for your help.

Share this post


Link to post
Share on other sites

I took what you guys have done and modified it to display as a web page.

but i need some help getting only the errors and warnings.

and if possible only the last 24-72 Hours.

can some one help?

#Include <EventLog.au3>

#include <array.au3>

#include <file.au3>

While 1

Sleep(3600000) ;($time) ; 1 sec = 1000; 1 Min = 60,000; 1 hr = 3,600,000;~ sleep(43200000) ; 43,200,000 = 12 Hours

_System()

WEnd

func _system()

$file = iniread ("I:\Speedtest\connect.ini","Dashboard","File1","Not Found")

FileOpen ($file, 2)

FileWrite($file, "<html>" & @CRLF)

FileWrite($file, "<head>"& @CRLF)

FileWrite($file, "<H1>Server Status</H1>" & @CRLF)

FileWrite($file, "<H2>Date:"& @YEAR&"/"&@mon&"/"&@MDAY&" Time:"&@HOUR&":"&@MIN&"</H2>" & @CRLF)

FileWrite($file, "</head>"& @CRLF)

FileWrite($file,'<div><table width="100%" border="1" cellpadding="2" cellspacing="2" bgcolor="#ffffff"><tr valign="top">')

FileWrite($file, "<td><Strong>Result</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Record number</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Submitted</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Generated</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Event ID</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Type</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Category</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Source</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Computer</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Username</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Description</strong></br></td>"&@CRLF)

FileWrite($file, "</tr>" & @CRLF)

If $file = -1 Then Exit

$hEventLog = _EventLog__Open ("", "System")

$count = _EventLog__Count($hEventLog)

For $i = 0 to $count

$aEvent = _EventLog__Read($hEventLog, True, False)

FileWrite($file, '<tr valign="top>' & @CRLF)

FileWrite($file, "<td>" & $aEvent[0] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[1]&"</br></td>")

FileWrite($file, "<td>" & $aEvent[2] & " " & $aEvent[3] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[4] & " " & $aEvent[5] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[6] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[8] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[9] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[10] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[11] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[12] &"</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[13] & "</br></td>"&@CRLF)

FileWrite($file, "</tr>" & @CRLF)

Next

FileWrite($file, "</div>" & @CRLF)

FileWrite($file, "</Table>" & @CRLF)

FileWrite($file, "</Body>" & @CRLF)

FileWrite($file, "</html>" & @CRLF)

FileClose($file)

endfunc

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

@SoulA:

Just what I needed. Great example :D

Edited by skysel

Share this post


Link to post
Share on other sites

While this is a good script, I cannot figure out why is it taking ~50% of CPU? Can I somehow lower the CPU usage?

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

I took what you guys have done and modified it to display as a web page.

but i need some help getting only the errors and warnings.

and if possible only the last 24-72 Hours.

can some one help?

#Include <EventLog.au3>

#include <array.au3>

#include <file.au3>

While 1

Sleep(3600000) ;($time) ; 1 sec = 1000; 1 Min = 60,000; 1 hr = 3,600,000;~ sleep(43200000) ; 43,200,000 = 12 Hours

_System()

WEnd

func _system()

$file = iniread ("I:\Speedtest\connect.ini","Dashboard","File1","Not Found")

FileOpen ($file, 2)

FileWrite($file, "<html>" & @CRLF)

FileWrite($file, "<head>"& @CRLF)

FileWrite($file, "<H1>Server Status</H1>" & @CRLF)

FileWrite($file, "<H2>Date:"& @YEAR&"/"&@mon&"/"&@MDAY&" Time:"&@HOUR&":"&@MIN&"</H2>" & @CRLF)

FileWrite($file, "</head>"& @CRLF)

FileWrite($file,'<div><table width="100%" border="1" cellpadding="2" cellspacing="2" bgcolor="#ffffff"><tr valign="top">')

FileWrite($file, "<td><Strong>Result</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Record number</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Submitted</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Generated</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Event ID</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Type</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Category</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Source</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Computer</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Username</strong></br></td>"&@CRLF)

FileWrite($file, "<td><Strong>Description</strong></br></td>"&@CRLF)

FileWrite($file, "</tr>" & @CRLF)

If $file = -1 Then Exit

$hEventLog = _EventLog__Open ("", "System")

$count = _EventLog__Count($hEventLog)

For $i = 0 to $count

$aEvent = _EventLog__Read($hEventLog, True, False)

FileWrite($file, '<tr valign="top>' & @CRLF)

FileWrite($file, "<td>" & $aEvent[0] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[1]&"</br></td>")

FileWrite($file, "<td>" & $aEvent[2] & " " & $aEvent[3] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[4] & " " & $aEvent[5] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[6] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[8] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[9] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[10] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[11] & "</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[12] &"</br></td>"&@CRLF)

FileWrite($file, "<td>" & $aEvent[13] & "</br></td>"&@CRLF)

FileWrite($file, "</tr>" & @CRLF)

Next

FileWrite($file, "</div>" & @CRLF)

FileWrite($file, "</Table>" & @CRLF)

FileWrite($file, "</Body>" & @CRLF)

FileWrite($file, "</html>" & @CRLF)

FileClose($file)

endfunc

Hi,

1) but i need some help getting only the errors and warnings:

For $i = 0 to $count
     if $aEvent [7] = 1 or $aEvent [7] = 2 Then
        your code above
    EndIf
Next

2) Look Helpfile for _NowDate and _NowTime. You have to code some if statements to check, wether the eventlog entries are older then 24 or 72 hours. The timestamps eventlog are $aEvent [2] (Date) and $aEvent [3] (Time).

;-))

Stefan

Edited by 99ojo

Share this post


Link to post
Share on other sites

While this is a good script, I cannot figure out why is it taking ~50% of CPU? Can I somehow lower the CPU usage?

Hi,

just put a Sleep (50) before the Next.

;-))

Stefan

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0