Hi using Eventlog.pm, a module in the package I mentioned.
sample code to get available logs from a host. --start use Eventlog; $hostname=shift; my(@logs); getAllLogfile($hostname, [EMAIL PROTECTED]); print join "\n", @logs; --end On Thu, 27 Feb 2003 17:57:31 +0000 Ross Draper wrote: > > >Hi > >Thanks for the info - It looks quite impressive. > >However I'm currently trying to produce something a bit more "home grown" as >this script will be collecting other details as well. I think I've got a plan >on synchronising the logs that will work. > >The next problem is something a bit more specific to the eventlog module. I'll >be connecting to both DNS / FRS servers as well as vanilla workstations, to >make life easier I would like to retrieve a set list of logs from a list of host >names. The problem I have is that if I accidentally try to retrieve a DNS log >from a workstation instead of a server, instead of being told the log doesnt >exist - I'm getting the application log retrieved instead. > >sample code >--------------------------------------------------------- >use Win32::EventLog; > >$log = "File Replication Service"; >$server = "workstationa"; > >$evt = Win32::EventLog->new($log,$server) || > die "Could not open $log log on $server: $!\n"; > $evt->GetNumber($total) || die "Can't get number of EventLog records: >$!\n"; >print "$total\n"; >---------------------------------------------------------- > >Anybody know of a way to either query the type of logs available from a given >host or ensure that the query fails if the log doesnt exist? > >Many thanks ofr your help. > >Kind Regards > >Ross > > > > > > >Yimin Zheng <[EMAIL PROTECTED]> on 27/02/2003 12:20:44 > >To: Ross Draper/[EMAIL PROTECTED], [EMAIL PROTECTED] >cc: > >Subject: [Re:] EventLog retrieval > > > > >Ross, > >please check out https://sourceforge.net/projects/evntmon/. >it's a package that collects eventlog from remote hosts and >stores them in a database table, sends out alert emails and >opens cases to another open source bug tracking app ( >https://sourceforge.net/projects/mantisbt). >it has a web interface for adding/deleting/suspending hosts, >setting up email lists and event filters. >the documentation still needs to be worked on, but the package works. > > >On Wed, 26 Feb 2003 22:29:59 +0000 >Ross Draper wrote: > >> >> >>Hi guys >> >>A quick question for those of you with any experience in NT/2000 >eventlogs. >> >>I'm putting together a centralised logging script and one of >the things I want >>to do is pull various eventlogs from remote servers. I've >read through the docs >>on Win32::EventLog and it seems just the ticket. The only >snag is I will be >>squirting this into a SQL table after dragging it across a >network so I dont >>want to retrieve the whole eventlog each time. I notice there >is a field called >>"RecordNumber" for each event retrieved, is this number unique >inside the log >>and incremented with each event entry, thus producing a unique >identifier of >>each record entered since the eventlog/PC was "built"? or >is this number >>"recycled" when the log gets full and starts to overwrite itself? >> >>Basically I'm trying to avoid duplicate entries and additional >bandwidth, would >>checking for the last "RecordNumber" logged in the SQL table >and then reading >>from that record onward on the remote event log be a feasible >way of doing this? >> >>Hope the above makes sense and thanks for your time. >> >>Kind Regards >> >>Ross >> >>PS - Any ideas on formatting commands for the "Data" portion >of the retrieved >>record for printing on screen and dumping to SQL would be welcomed >:-) >> >> >> >> >>************************************************************************* >>GWR on the Web >> >>http://www.koko.com http://www.classicfm.com >> >>http://www.corefreshhits.com http://www.planetrock.com >> >>http://www.opusonline.co.uk http://www.gwrgroup.com >> >>CONFIDENTIALITY NOTICE >> >>The information in this e-mail and any attachments to it is >confidential >>and may be legally privileged or prohibited from disclosure and >>unauthorised use. If you are not the intended recipient, any > use, copying, >>disclosure, modification, distribution and/or publication of this >>message or its attachments (if any) is prohibited and may be >unlawful. >> >>We will not accept liability for any claims arising as a result >>of the use of the internet to transmit information by or to >GWR Group plc. >>*************************************************************************************************** > >> >>_______________________________________________ >>Perl-Win32-Admin mailing list >>[EMAIL PROTECTED] >>To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs >> >> > > > >-------------------------------------------------------------------------- >Global Internet phone calls, voicemail, fax, e-mail and instant messaging. >Sign-up today at http://www.hotvoice.com > > > > > > >************************************************************************* >GWR on the Web > >http://www.koko.com http://www.classicfm.com > >http://www.corefreshhits.com http://www.planetrock.com > >http://www.opusonline.co.uk http://www.gwrgroup.com > >CONFIDENTIALITY NOTICE > >The information in this e-mail and any attachments to it is confidential >and may be legally privileged or prohibited from disclosure and >unauthorised use. If you are not the intended recipient, any use, copying, >disclosure, modification, distribution and/or publication of this >message or its attachments (if any) is prohibited and may be unlawful. > >We will not accept liability for any claims arising as a result >of the use of the internet to transmit information by or to GWR Group plc. >*************************************************************************************************** > >_______________________________________________ >Perl-Win32-Admin mailing list >[EMAIL PROTECTED] >To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs > > -------------------------------------------------------------------------- Global Internet phone calls, voicemail, fax, e-mail and instant messaging. Sign-up today at http://www.hotvoice.com
