#185591 - 2008-02-21 09:03 PM
Re: Read the Event Log upon startup?
[Re: Mart]
|
endodave
Starting to like KiXtart
Registered: 2005-08-17
Posts: 101
|
i changed it to your code above and it works like a charm. thanks!!
|
Top
|
|
|
|
#185594 - 2008-02-21 10:12 PM
Re: Read the Event Log upon startup?
[Re: endodave]
|
endodave
Starting to like KiXtart
Registered: 2005-08-17
Posts: 101
|
okay, next question - any way to have the UDF return the date and time the event was recorded in the user's log?
|
Top
|
|
|
|
#185597 - 2008-02-21 10:57 PM
Re: Read the Event Log upon startup?
[Re: endodave]
|
endodave
Starting to like KiXtart
Registered: 2005-08-17
Posts: 101
|
or any way to specify that you only want it to look in the reg after a certain date and time?
|
Top
|
|
|
|
#185616 - 2008-02-22 03:33 PM
Re: Read the Event Log upon startup?
[Re: endodave]
|
Mart
KiX Supporter
Registered: 2002-03-27
Posts: 4672
Loc: The Netherlands
|
The ReadEventLog UDF returns an array for each event one of the columns is the time it was generated. Element 12 and/or 13 contain what you want to know.
; Column 0 = Category ; Column 1 = CategoryString ; Column 2 = ComputerName ; Column 3 = Data ; Column 4 = EventCode ; Column 5 = EventIdentifier (see http://support.microsoft.com/default.aspx?scid=kb;en-us;245222); Column 6 = EventType ; Column 7 = InsertionStrings ; Column 8 = Logfile ; Column 9 = Message ; Column 10 = RecordNumber ; Column 11 = Source Name ; Column 12 = TimeGenerated ; Column 13 = TimeWritten ; Column 14 = Type ; Column 15 = User
_________________________
Mart
- Chuck Norris once sold ebay to ebay on ebay.
|
Top
|
|
|
|
#185619 - 2008-02-22 05:23 PM
Re: Read the Event Log upon startup?
[Re: Richard H.]
|
endodave
Starting to like KiXtart
Registered: 2005-08-17
Posts: 101
|
guess i'll have to mess around with it more. i tried the date thing and it didn't work. here is my code:
$events_1030 = ReadEventlog('Application',1030,'2008/01/01 00:00:00')
i also tried this to no avail:
$events_1030 = ReadEventlog('SELECT EventCode, TimeGenerated, User FROM Win32_NTLogEvent WHERE Logfile="Application" AND EventCode=1030 AND TimeGenerated>="2008/01/01 00:00:00:000"')
|
Top
|
|
|
|
#185693 - 2008-02-26 12:30 AM
Re: Read the Event Log upon startup?
[Re: endodave]
|
lukeod
Getting the hang of it
Registered: 2008-01-11
Posts: 70
Loc: Australia
|
I think the problem with
$events_1030 = ReadEventlog('Application',1030,'2008/01/01 00:00:00')
Is that it's assigning '2008/01/01 00:00:00' to the 'optional $computer' variable. Have a look at the first 'code' line of the UDF ReadEventLog:
function ReadEventlog($eventlog, optional $eventid, optional $computer, optional $datetime, optional $username, optional $password)
What I think is happening is it's entering the function with the following variables
$eventlog = Application $eventid = 1030 $computer = 2008/01/01 00:00:00 $datetime = [Null]
Try this instead:
$events_1030 = ReadEventlog('Application',1030,@WKSTA,'2008/01/01 00:00:00')
@WKSTA just returns the name of the current computer.
And see if it makes a difference. I dont know enough about kix or programming in general to know if you can tell the function to use only specific optional variables without recoding the UDF. As far as i'm aware, you will have to go left to right filling in any optional variables until you have got to the ones you wanted.
Luke
Edited by lukeod (2008-02-26 12:38 AM)
|
Top
|
|
|
|
#185700 - 2008-02-26 09:53 AM
Re: Read the Event Log upon startup?
[Re: lukeod]
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
You may leave out any (or all) optional values, but you must keep the delimiters (commas) in place.
$events_1030 = ReadEventlog('Application',1030,,'2008/01/01 00:00:00')
|
Top
|
|
|
|
#185782 - 2008-02-28 02:51 AM
Re: Read the Event Log upon startup?
[Re: Richard H.]
|
lukeod
Getting the hang of it
Registered: 2008-01-11
Posts: 70
Loc: Australia
|
Oh really, well that does make sense, thanks for the info.
Luke
|
Top
|
|
|
|
Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart
|
0 registered
and 507 anonymous users online.
|
|
|