WinBatch Tech Support Home

Backup Eventlog


; How to do it:
; 1 - Open specified eventlog (Application, Security, System)
; 2 - Clear (and Backup) eventlog
; 3 - Close eventlog

; Note:
; Make sure the backup file does not already exist, otherwise the ClearEventLog call will fail!

#DefineFunction OpenEventLog(dllhandle,computername,sourcename)
; The OpenEventLog function opens a handle to an event log.
; Declare Function OpenEventLog Lib "advapi32.dll" Alias "OpenEventLogA"
; (ByVal lpUNCServerName As String, ByVal lpSourceName As String) As Long
	eventloghandle = DllCall(dllhandle,LONG:"OpenEventLogA",lpstr:computername,lpstr:sourcename)
	Return(eventloghandle)
#EndFunction

#DefineFunction CloseEventLog(dllhandle,evthandle)
; The CloseEventLog function closes a read handle to the specified event log.
; Declare Function CloseEventLog Lib "advapi32.dll" Alias "CloseEventLog"
; (ByVal hEventLog As Long) As Long
	closeevt = DllCall(dllhandle,LONG:"CloseEventLog",long:evthandle)
	Return(closeevt)
#EndFunction

#DefineFunction ClearEventLog(dllhandle,evthandle,backup_filename)
; The ClearEventLog function clears the specified event log, and optionally saves the current copy of the logfile to a backup file.
; If the lpBackupFileName parameter is NULL, the current event logfile is not backed up.
; Declare Function ClearEventLog Lib "advapi32.dll" Alias "ClearEventLogA"
; (ByVal hEventLog As Long, ByVal lpBackupFileName As String) As Long
	If backup_filename == ""
		result = DllCall(dllhandle,LONG:"ClearEventLogA",long:evthandle,lpnull)
	Else
		result = DllCall(dllhandle,LONG:"ClearEventLogA",long:evthandle,lpstr:backup_filename)
	Endif
	Return(result)
#EndFunction



computername    = ItemExtract(1,WinSysInfo(),@tab)
dllname         = StrCat(DirWindows(1),"advapi32.dll")
dllhandle       = DllLoad(dllname)
sourcename      = "Application"
backup_filename = "C:\Backups\Application.evt"

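evthandle = OpenEventLog(dllhandle,computername,sourcename)
If evthandle == 0
	; OpenEventLog returns NULL on failure, so there is nothing to clear or close
	Message("Backup Eventlog","OpenEventLog failed")
	DllFree(dllhandle)
	Exit
Endif

; ClearEventLog fails if the backup file already exists, so move an existing backup aside first
If FileExist(backup_filename)
	FileMove(backup_filename,StrCat(backup_filename,".",StrReplace(TimeYmdHms(),":","")),@FALSE)
Endif
backupresult = ClearEventLog(dllhandle,evthandle,backup_filename)
If backupresult == 0
	; A zero return means the call failed
	Message("Backup Eventlog","ClearEventLog failed")
Endif

closeevt = CloseEventLog(dllhandle,evthandle)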

DllFree(dllhandle)

Exit

Article ID:   W16005
File Created: 2004:03:30:15:42:10
Last Updated: 2004:03:30:15:42:10