Monitoring Event logs
Hamsaffar
everything went through fine.
I am looking for monitoring Event Log (Application and System) with the
followign condition:
- Sent me email alert for any "Error" on either Application Event Log except
Source-PerfLib "AND EventID=2003.
- This exception list currently carries 24 specific event-Sources with their
specific EventIDs and it will be changed in the future.
is there easy way to monitor all "Error" events with the exception of a
few... ?
Thanks in advance.
sridhar
yes you can create a wmi unit moniter for windows computers and run the
script for every 5 min so that it will moniter all events.i think this script
will help you.
"Const CONVERT_TO_LOCAL_TIME = True
Set dtmStartDate = CreateObject("WbemScripting.SWbemDateTime")
dtmStartDate.SetVarDate dateadd("n", -5 now)' CONVERT_TO_LOCAL_TIME
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate,(Security)}!\\" _
& strComputer & "\root\cimv2")
Set colEvents = objWMIService.ExecQuery _
("Select * from Win32_NTLogEvent Where Logfile = 'Security' and " _
& "TimeWritten > '" & dtmStartDate & "'")
For each objEvent in colEvents
Wscript.Echo "Category: " & objEvent.Category
Wscript.Echo "Computer Name: " & objEvent.ComputerName
Wscript.Echo "Event Code: " & objEvent.EventCode
Wscript.Echo "Message: " & objEvent.Message
Wscript.Echo "Record Number: " & objEvent.RecordNumber
Wscript.Echo "Source Name: " & objEvent.SourceName
Wscript.Echo "Time Written: " & objEvent.TimeWritten
Wscript.Echo "Event Type: " & objEvent.Type
Wscript.Echo "User: " & objEvent.User
Wscript.Echo objEvent.LogFile
Next"