Re: Security Log
From: Manu (manuela_nistor2002@yahoo.com)
Date: 03/03/03
- Next message: Julia: "Firewall"
- Previous message: cody: "security updates"
- In reply to: Roger Abell [MVP]: "Re: Security Log"
- Next in thread: Roger Abell [MVP]: "Re: Security Log"
- Reply: Roger Abell [MVP]: "Re: Security Log"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Manu" <manuela_nistor2002@yahoo.com> Date: Mon, 3 Mar 2003 02:14:28 -0800
Thanks for your answer.
Now seems to work,I don't know how but is OK.
But you know how can I put the display on a Internet
Explorer?
I tell you how I done till now with application and system.
set locator = createObject("WbemScripting.SWbemLocator")
if comp = "" then set service = locator.connectServer()
else set service = locator.connectServer(comp) end
if evt_type <> "all" then
strWQL = "select * from win32_NTLogEvent where LogFile
= '" & ev & "' and Type = '" & evt_type & "'"
else
strWQL = "select * from win32_NTLogEvent where LogFile
= '" & ev & "'"
end
if set objwmi = service.execQuery(strWQL,,48)
... and now is the display with document.write
(objwmi.Computer) and so on.
For Security, the output is empty, end is not correct.
You know, maybe is a policy that I should set for having
access to display the security logs on Explorer.
You know how should I solve this?
Thanks,
Manu
>-----Original Message-----
>I did a cut paste of your code and ran it with a couple
>mods, the main one being _
>
>strServers = Array(".","zzzz")
>strQuery = "select * from Win32_NTLogEvent " & "where
Logfile = 'Security' "
>strServer = strServers(i)
>Set oLog = GetObject("winmgmts:
{impersonationLevel=impersonate, (Security)}//" _
>& strServer & "/root/CIMv2")
>set colLogEntries = oLog.ExecQuery(strQuery)
>For each oLogEntry in colLogEntries
> WScript.Echo oLogEntry.TimeGenerated
> WScript.Echo oLogEntry.EventCode
> WScript.Echo oLogEntry.User
> WScript.Echo oLogEntry.ComputerName
> WScript.Echo
>Next
>
>
>PS - do not run this if you have a large Sec Event log.
>
>--
>Roger Abell
>MS MVP (Security, Windows), MCDBA, MCSE both
>Associate Expert - Windows XP ExpertZone
>http://www.microsoft.com/windowsxp/expertzone
>
>"Manu" <manuela.nistor@bmtr.ro> wrote in message
news:02f801c2de6b$108c6ae0$a001280a@phx.gbl...
>> No, is not that, all code was on the same line.
>> In fact my question is how can I to interogate Security
>> logs?
>>
>> Thanks anyway for your answer.
>>
>> Manu
>>
>> >-----Original Message-----
>> >This post is appropriate to one of the scripting
>> newsgroups
>> >or even the new windows.server.scripting newsgroup
>> >
>> >Your problem appears to be that you have not used _
>> >as a line continuation character.
>> >
>> >--
>> >Roger
>> >
>> >"Manu" <manuela.nistor@bmtr.ro> wrote in message
>> news:014701c2de3d$8f976430$3301280a@phx.gbl...
>> >> I want to make a query in security log with this
script:
>> >>
>> >> strServers = Array(".","\\zzzz")
>> >> strQuery = "select * from Win32_NTLogEvent "
& "where
>> >> Logfile = 'Security' "
>> >>
>> >> strServer = strServers(i)
>> >> Set oLog = GetObject("winmgmts: "
>> >> & "{impersonationLevel=impersonate, (Security)}//"
>> >> & "zzzz" & "/root/CIMv2")
>> >> set str = oLog.ExecQuery(strQuery)
>> >> For each oLogEntry in str
>> >> WScript.Echo oLogEntry.TimeGenerated
>> >> WScript.Echo oLogEntry.EventCode
>> >> WScript.Echo oLogEntry.User
>> >> WScript.Echo oLogEntry.ComputerName
>> >> WScript.Echo
>> >> Next
>> >>
>> >> And appear an error message:
>> >> (null) 0x80041021.
>> >> With wbemtest, when I'm connected to root/cimv2 and
I
>> make
>> >> a query on Win32_NTLogEvent I didn't see any line
with
>> >> security.
>> >>
>> >> How can I interogate securityt log?!
>> >>
>> >> Thanks.
>> >> Manuela
>> >>
>> >.
>> >
>.
>
- Next message: Julia: "Firewall"
- Previous message: cody: "security updates"
- In reply to: Roger Abell [MVP]: "Re: Security Log"
- Next in thread: Roger Abell [MVP]: "Re: Security Log"
- Reply: Roger Abell [MVP]: "Re: Security Log"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
