by Big Mean Ogre (1 Submission)
Category: Databases/Data Access/DAO/ADO
Compatability: VB Script
Difficulty: Unknown Difficulty
Originally Published: Wed 28th April 2004
Date Added: Mon 8th February 2021
Rating: (1 Votes)
Copy event logs from local machine to Sql table, and clear logs. Note you need a sql server with the proper fields (logname, computername,
MM_editConnection = MM_capacity_STRING
set conn_temp = CreateObject("ADODB.Connection")
conn_temp.open = MM_editConnection
set conn = CreateObject("ADODB.Command")
conn.ActiveConnection = MM_editConnection
set rs = Createobject("ADODB.RecordSet")
on error resume next
strComputer = "brisbane"
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate,(Security,Backup)}!\\" & strComputer & "\root\cimv2")
Set colLoggedEvents = objWMIService.ExecQuery _
("SELECT * FROM Win32_NTLogEvent WHERE Logfile = 'System'")
For Each objEvent in colLoggedEvents
Category = objEvent.Category
Computer_Name = objEvent.ComputerName
Event_Code = objEvent.EventCode
Message = objEvent.Message
Record_Number = objEvent.RecordNumber
Source_Name = objEvent.SourceName
Time_Written = objEvent.TimeWritten
Event_Type = objEvent.type
User = objEvent.User
set rs = Createobject("ADODB.RecordSet")
RoleStr = "insert into logs (logname, computername, eventcode, recordnumber, sourcename, eventtype, writtendate, username, message) values ('System Logs', '" & Computer_Name & "', '" & Event_Code & "', '" & Record_Number & "', '" & Source_Name & "', '" & Event_Type & "', '" & Time_Written & "', '" & User & "', '" & Message & "')"
rs.open RoleStr , conn_temp
rs.close
Next
Set colLoggedEvents = objWMIService.ExecQuery _
("SELECT * FROM Win32_NTLogEvent WHERE Logfile = 'Application'")
For Each objEvent in colLoggedEvents
Category = objEvent.Category
Computer_Name = objEvent.ComputerName
Event_Code = objEvent.EventCode
Message = objEvent.Message
Record_Number = objEvent.RecordNumber
Source_Name = objEvent.SourceName
Time_Written = objEvent.TimeWritten
Event_Type = objEvent.type
User = objEvent.User
set rs = Createobject("ADODB.RecordSet")
RoleStr = "insert into logs (logname, computername, eventcode, recordnumber, sourcename, eventtype, writtendate, username, message) values ('Application Logs', '" & Computer_Name & "', '" & Event_Code & "', '" & Record_Number & "', '" & Source_Name & "', '" & Event_Type & "', '" & Time_Written & "', '" & User & "', '" & Message & "')"
rs.open RoleStr , conn_temp
rs.close
Next
Set colLoggedEvents = objWMIService.ExecQuery _
("SELECT * FROM Win32_NTLogEvent WHERE Logfile = 'Security'")
For Each objEvent in colLoggedEvents
Category = objEvent.Category
Computer_Name = objEvent.ComputerName
Event_Code = objEvent.EventCode
Message = objEvent.Message
Record_Number = objEvent.RecordNumber
Source_Name = objEvent.SourceName
Time_Written = objEvent.TimeWritten
Event_Type = objEvent.type
User = objEvent.User
entry = "Security Log^ " & Computer_Name & "^ " & Event_Code & "^ " & Record_Number & "^ " & Source_Name & "^ " & Event_Type & "^ " & Time_Written & "^ " & User & Message & ";"
set rs = Createobject("ADODB.RecordSet")
RoleStr = "insert into logs (logname, computername, eventcode, recordnumber, sourcename, eventtype, writtendate, username, message) values ('Security Logs', '" & Computer_Name & "', '" & Event_Code & "', '" & Record_Number & "', '" & Source_Name & "', '" & Event_Type & "', '" & Time_Written & "', '" & User & "', '" & Message & "')"
rs.open RoleStr , conn_temp
rs.Close
Next
set LogFileSet = GetObject("winmgmts:{impersonationLevel= impersonate,(Security,Backup)}").ExecQuery("select * from Win32_NTEventLogFile where " & "LogfileName='Application' OR LogfileName='System' OR LogfileName='Security'")
dim sBackupName, sMessage
for each Logfile in LogFileSet
sMessage = "Log: " & Logfile.LogfileName & chr(13)
sBackupName = "C:\Temp\" & Logfile.LogfileName & ".log"
sMessage = sMessage & "Backup File: " & sBackupName & chr(13)
RetVal = LogFile.BackupEventlog(sBackupName)
if RetVal = 0 then sMessage = sMessage & "Log backed up" & chr(13)
RetVal = LogFile.ClearEventlog()
if RetVal = 0 then sMessage = sMessage &"Log Cleared"
Next
No comments have been posted about Copy event logs from local machine to Sql table, and clear logs. Note you need a sql server with th. Why not be the first to post a comment about Copy event logs from local machine to Sql table, and clear logs. Note you need a sql server with th.