Use blat Blat is a command line utility that we use a lot for sending alerts from processes governed by vbscripts. I've been using it for over 10 years now. Delightful. Open source too -- ie free.
If you need mapi I can't help you. In our environment, the only wrinkle with blat is that if I need to send mail outside of our LAN, the account under which the script runs must be a domain account, and the "from" email address must be the address of that account. --Bill On Mon, Dec 1, 2008 at 10:33 AM, David McSpadden <[EMAIL PROTECTED]> wrote: > I want to read an input file. > > It would comma delimited. It will have those users that have not logged off > and are getting after hours logon events with their names. > > I only want to send 1 email per user so I would have to sort and then group > then blat out the email. > > My format for the file is like this: > > 866265068,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:14 > AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time > restriction violation User Name: DawnH Domain: IM_DOM1 Logon > Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM > Workstation Name: XP31090634014W Caller User Name: - Caller Domain: > - Caller Logon ID: - Caller Process ID: - Transited Services: > - Source Network Address: 10.0.31.40 Source Port: 1087 > > 866265066,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:11 > AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time > restriction violation User Name: DawnH Domain: IM_DOM1 Logon > Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM > Workstation Name: XP31090634014W Caller User Name: - Caller Domain: > - Caller Logon ID: - Caller Process ID: - Transited Services: > - Source Network Address: 10.0.31.40 Source Port: 1044 > > 866265063,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:07 > AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time > restriction violation User Name: DawnH Domain: IM_DOM1 Logon > Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM > Workstation Name: XP31090634014W Caller User Name: - Caller Domain: > - Caller Logon ID: - Caller Process ID: - Transited Services: > - Source Network Address: 10.0.31.40 Source Port: 4976 > > 866264132,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:34:33 > AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time > restriction violation User Name: DavidE Domain: IM_DOM1 Logon > Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM > Workstation Name: XP250308200506 Caller User Name: - Caller Domain: > - Caller Logon ID: - Caller Process ID: - Transited Services: > - Source Network Address: 10.0.50.48 Source Port: 4656 > > 866264130,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:34:33 > AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time > restriction violation User Name: DavidE Domain: IM_DOM1 Logon > Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM > Workstation Name: XP250308200506 Caller User Name: - Caller Domain: > - Caller Logon ID: - Caller Process ID: - Transited Services: > - Source Network Address: 10.0.50.48 Source Port: 4614 > > 866264128,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:34:33 > AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time > restriction violation User Name: DavidE Domain: IM_DOM1 Logon > Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM > Workstation Name: XP250308200506 Caller User Name: - Caller Domain: > - Caller Logon ID: - Caller Process ID: - Transited Services: > - Source Network Address: 10.0.50.48 Source Port: 4572 > > 866264126,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:34:33 > AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time > restriction violation User Name: DavidE Domain: IM_DOM1 Logon > Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM > Workstation Name: XP250308200506 Caller User Name: - Caller Domain: > - Caller Logon ID: - Caller Process ID: - Transited Services: > - Source Network Address: 10.0.50.48 Source Port: 4529 > > > > So basically I want to skip everything except the User Name: and Workstation > Name: > > I generate this list every morning for the prior day using psloglist and now > I want to parse it and blat an email to the offenders telling them to shut > down every night. > > > > Any ideas??? > > > > > > > > > > Data Security is everyone's responsibility. > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
