Query Event Log Based on Todays Date

Database Search

If you can't find the information using the categories below, post a question over in our WinBatch Tech Support Forum.

TechHome

Samples from Users

	Deltree Examples
	Detect Keyboard Tricks
	DHCP
	Dialogs
	Encryption
	Event Logs
	File Version and Dir Mgmt
	Games
	HTML
	MS Access
	Network
	NSLookup
	Registry
	Syntax Checker
	System Information
	Telnet

Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.

Query Event Log Based on Todays Date

Attached is some sample code which will query the event logs based on today's date and write the output into an HTML file.

;***********************************************************************************************************************
; Get Event Logs for Today
;***********************************************************************************************************************
#DefineFunction EventLog(APP_LOGS)

	BoxOpen("","")
	BoxTitle("Retrieving Events")
	BoxText("Please Wait....")

	Locator = ObjectOpen("WbemScripting.SWbemLocator")
	Service = Locator.ConnectServer()
	Security = Service.Security_
	Security.ImpersonationLevel = 3
	Privs = Security.Privileges
	Privs.AddAsString("SeSecurityPrivilege");<<<<< Sets security privilege

	LogSet = Service.InstancesOf("Win32_NTLogEvent")

	StartDate=TimeYmdHms()
	yy = ItemExtract(1,StartDate,':')
	mm = ItemExtract(2,StartDate,':')
	dd = ItemExtract(3,StartDate,':')
	hh = ItemExtract(4,StartDate,':')
	ii = ItemExtract(5,StartDate,':')
	ss = ItemExtract(6,StartDate,':')
	QueryDate 	= StrCat(yy,mm,dd)

;	LogSet = Service.ExecQuery("Select * From Win32_NtLogEvent Where LogFile = 'Application'",,48)
;	LogSet = Service.ExecQuery("Select * From Win32_NtLogEvent Where LogFile = 'Security'",,48)
;	LogSet = Service.ExecQuery("Select * From Win32_NtLogEvent Where LogFile = 'System'",,48)
;	LogSet = Service.ExecQuery("Select * From Win32_NtLogEvent Where LogFile = 'System' and TimeWritten >= '%QueryDate%000000.000000-000'",,48)
	LogSet = Service.ExecQuery("Select * From Win32_NtLogEvent Where TimeWritten >= '%QueryDate%000000.000000-000'",,48)
	

	hEnum = ObjectCollectionOpen(LogSet)

   HTMLOutputHandle = FileOpen(StrCat(APP_LOGS,"Events.html"), "WRITE")
	FileWrite(HTMLOutputHandle,"<html>")
	FileWrite(HTMLOutputHandle,"<head>")
	FileWrite(HTMLOutputHandle,"<title>Event Logs</title>")
	FileWrite(HTMLOutputHandle,"</head>")
	FileWrite(HTMLOutputHandle,'<body>')

	BoxText("Retrieving Event Logs...")
	FileWrite(HTMLOutputHandle,'<H1>Event Logs</H1>')

	  FileWrite(HTMLOutputHandle,'<table border="1" CELLSPACING=1 CELLPADDING=7 WIDTH="100%%">')
	  FileWrite(HTMLOutputHandle,StrCat('<CAPTION><H2><A NAME="EventLogs">Event Logs For ',yy,'/',mm,'/',dd,'</A></H2></CAPTION>'))
	  FileWrite(HTMLOutputHandle,'<colgroup span="8">')
	  FileWrite(HTMLOutputHandle,'<col width="10%%">')
	  FileWrite(HTMLOutputHandle,'<col width="10%%">')
	  FileWrite(HTMLOutputHandle,'<col width="10%%">')
	  FileWrite(HTMLOutputHandle,'<col width="30%%">')
	  FileWrite(HTMLOutputHandle,'<col width="10%%">')
	  FileWrite(HTMLOutputHandle,'<col width="10%%">')
	  FileWrite(HTMLOutputHandle,'<col width="10%%">')
	  FileWrite(HTMLOutputHandle,'<col width="10%%">')
	  FileWrite(HTMLOutputHandle,'</colgroup>')
	  FileWrite(HTMLOutputHandle,'<tr align="left" style="color: blue">')
	  FileWrite(HTMLOutputHandle,'<th><B>Category</B></th>')
	  FileWrite(HTMLOutputHandle,'<th><B>Computer<br>Name</B></th>')
	  FileWrite(HTMLOutputHandle,'<th><B>Event Code</B></th>')
	  FileWrite(HTMLOutputHandle,'<th><B>Message</B></th>')
	  FileWrite(HTMLOutputHandle,'<th><B>Record<br>Number</B></th>')
	  FileWrite(HTMLOutputHandle,'<th><B>Source<br>Name</B></th>')
	  FileWrite(HTMLOutputHandle,'<th><B>Time<br>Written</B></th>')
	  FileWrite(HTMLOutputHandle,'<th><B>Type</B></th>')
	  FileWrite(HTMLOutputHandle,'<th><B>User</B></th>')
	  FileWrite(HTMLOutputHandle,'</tr>')
	

	 xloop = 0
	  while @true
		  objEvent = ObjectCollectionNext(hEnum)
		  If objEvent == 0 Then Break

		  xloop = xloop + 1
		  BoxText(StrCat("Event Log",xloop," :",objEvent.Message))

		  FileWrite(HTMLOutputHandle,"<TR>")
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.LogFile,'</td>'))
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.ComputerName,'</td>'))
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.EventCode,'</td>'))
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.Message,'</td>'))
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.RecordNumber,'</td>'))
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.SourceName,'</td>'))
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.TimeWritten,'</td>'))
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.Type,'</td>'))
		  FileWrite(HTMLOutputHandle,StrCat('<td>',objEvent.User,'</td>'))
		  FileWrite(HTMLOutputHandle,"</TR>")
		  ObjectClose(objEvent)
	End While

   FileWrite(HTMLOutputHandle,'</table>')
	FileWrite(HTMLOutputHandle,"</body>")
	FileWrite(HTMLOutputHandle,"</html>")

	ObjectCollectionClose(hEnum)
	ObjectClose(LogSet)
	ObjectClose(Privs)
	ObjectClose(Security)
	ObjectClose(Service)
	ObjectClose(Locator)

	FileClose(HTMLOutputHandle)

	BoxShut()

	return
#EndFunction
;***********************************************************************************************************************
EventLog("C:\temp\")
RunShell("C:\temp\Events.html","","",@normal, @nowait)

Article ID:   W16199

File Created: 2004:04:07:14:18:50

Last Updated: 2004:04:07:14:18:50