|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
RE: Win2k log management
Date: Tue Jan 28 2003 - 12:50:57 EST
Nice perl script that we use for NT, and I believe works with win2k.
http://perlmonks.thepen.com/15057.html
I've modified it and added some comments/documentation.
#########################################################################
# Original Script came from: http://perlmonks.thepen.com/15057.html
# Modified by: Jordan Arendt on May 23, 2002
# Script Name: eventdump.pl
# Comments:
# There are several things that need to be done for setup
# 1. Create a directory called c:\event_logs on every server
# that you are going to want to dump the eventlogs from.
# 2. Share that directory with a share name of event_logs
# 3. Change ZEPHYR to whatever server you want to store your logs on.
# 4. On the server Zephyr (or whatever you've changed it to)
#
#########################################################################
use Win32::EventLog; use File::Copy; use Time::localtime;
open(OUTFH,"+>>\\\\ZEPHYR\\event_logs\\buerrs.log"); @servers = ("S1","S2","S3","S4");
@logs = ("System","Application","Security");
#($sec,$min,$hour,$mday,$mon,$year) = localtime();
$year = localtime->year() + 1900;
$month = localtime->mon()+1;
$day = localtime->mday();
$hour = localtime->hour();
$min = localtime->min();
$sec = localtime->sec();
$date = join("_",$year,$month,$day,$hour,$min,$sec);
for ( $i = 0; $i <= $#servers ; $i++ )
{
foreach $eventlog (@logs)
{
$filename = $eventlog. "_" . $servers[$i] . "_" . $date;
$handle = Win32::EventLog->new("$eventlog","\\\\$servers[$i]") or
die "Can't open $eventlog Eventlog on $servers[$i]:$!\n";
# The directory event_logs was created on each server.
$handle->Clear("c:\\event_logs\\$filename.evt") or
print OFH "Could not clear and backup the $eventlog Eventlog on
$servers[$i]\n";
$handle->Close;
move("\\\\$servers[$i]\\event_logs\\$filename.evt","\\\\ZEPHYR\\event_logs\\ $eventlog\\$filename.evt")
or warn "Could not move $filename to ZEPHYR:$!\n";
}
}
close OUTFH;
-----Original Message-----
From: Zimin, Alex [mailto:alex@towerrecords.com]
Sent: January 24, 2003 4:11 PM
To: defaillance@hushmail.com; focus-ms@securityfocus.com
Subject: RE: Win2k log management
Try event log management tools from "Dorian Software". http://www.doriansoft.com/
Alex.
> -----Original Message----- > From: defaillance@hushmail.com [mailto:defaillance@hushmail.com] > Sent: Friday, January 24, 2003 10:04 AM > To: focus-ms@securityfocus.com > Subject: Win2k log management > > > > -----BEGIN PGP SIGNED MESSAGE----- > > I am currently administering over 10 server(advanced) and 20 > workstation (pro), The management of > event/security/application log has become unbeareable,so im > looking for a centralized management solution were the > informatin would be gather from server/workstation to a > specific server, so the question is: Anyone aware of such a > software that could do the job ? commercial or freeware, I > basically just want to avoid having to walk over to check > them manually. > > also if anyone who has faced this situation is willing to > share their knowledge on the subject... > > Thanks > -----BEGIN PGP SIGNATURE----- > Version: Hush 2.2 (Java) > Note: This signature can be verified at > https://www.hushtools.com/verify > > > wl8EARECACAFAj4xf/sZHGRlZmFpbGxhbmNlQGh1c2htYWlsLmNvbQAKCRAAqpYJlh8f > xQ7GAJ9+/LTX1k/uD/cY6mzx8iPKehJGhgCY8S0SZc03cmWwXsZwQBpQ8K7Rog== > =4gCk > -----END PGP SIGNATURE----- > > > > > Concerned about your privacy? Follow this link to get > FREE encrypted email: https://www.hushmail.com/?l=2 > > Big $$$ to be made with the HushMail Affiliate Program: > https://www.hushmail.com/about.php?subloc=affiliate&l=427 >Received on Wed Jan 29 10:30:53 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:26 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |