I am trying to print out the last 100 lines of the Application Event log
using perl. I have gotten it to print out the whole thing, but how do I get
just the last bit of it?
use Win32::EventLog;
# Get number of command-line arguments.
$num_args = scalar( @ARGV );
if ( $num_args > 0) {
$area = $ARGV[0];
} else {
$area = 'Application'; # Default
}
if ( $num_args > 1) {
$host = $ARGV[1];
} else {
$host = $ENV{'ComputerName'};
}
$log_handle = Win32::EventLog->new($area, $host)
or die "Cannot open $area event log $!\n";
#
# Get the oldest record, and the base for
# calculating the offset.
#
$log_handle->GetOldest($record_base)
or die "Error getting oldest record, $!\n";
$log_handle->GetNumber($num_records)
or die "Error getting number records, $!\n";
#
# Loop through all the records.
#
for ($rec = 0; $rec < $num_records; $rec++ ) {
$log_handle->Read(
EVENTLOG_FORWARDS_READ|EVENTLOG_SEEK_READ,
$record_base + $rec,
\%hash)
or die "Cannot read event log entry $rec, $!\n";
print_error_log( \%hash );
}
#
# Close the event log handle when done.
#
$log_handle->Close();
#
# Prints out error event log entries.
#
sub print_error_log {
my($hash_ref) = $_[0];
my(%hash) = %$hash_ref;
my($time_str);
my($time_value);
if ( exists( $hash{'EventType'} ) ) {
# Only print errors.
if ( $hash{'EventType'} eq EVENTLOG_ERROR_TYPE ) {
my($source) = $hash{'Source'};
$time_value = $hash{'TimeGenerated'};
$time_str = localtime( $time_value );
my($rec_number) = $hash{'RecordNumber'};
my($msg) =
Win32::EventLog::GetMessageText( \%hash );
if (defined($msg) ) {
# Note: $msg has a \n already.
# We add one to separate.
print " $rec_number $source $time_str\n";
print "$msg\n";
} else {
# Print raw strings used to create message.
print " $rec_number $source $time_str\n";
print "$hash{'Strings'}\n\n";
}
}
}
}
_______________________________________________
Perl-Win32-Admin mailing list
[EMAIL PROTECTED]
http://listserv.ActiveState.com/mailman/listinfo/perl-win32-admin
