Get Windows Event Log Information

written by: Len Parov; article published: year 2007, month 04;



Need to check on the size and configuration settings of your event logs? Use this script instead of the GUI; it's faster!

Monitoring event logs is an essential part of an administrator's job. Unfortunately, viewing event log settings and log file sizes from the GUI is cumbersome, and it would be useful to have an easier way to obtain this information.

That's exactly what this hack is all about. You can run the script on Windows NT/2000 and later to obtain the current file size, maximum file size, number of records, and overwrite settings for the Application, System, and Security logs.

The Code

Type the following script into Notepad (make sure Word Wrap is disabled) and save it with a .vbs extension as loginfo.vbs.

Option Explicit
On Error Resume Next
Dim strMoniker
Dim refWMI
Dim colEventLogs
Dim refEventLog
Dim strSource

'moniker string stub - security privilege needed to get
'numrecords for Security log
strMoniker = "winMgmts:{(Security)}!"

'append to moniker string if a machine name has been given
If WScript.Arguments.Count = 1 Then _
    strMoniker = strMoniker & "\\" & WScript.Arguments(0) & ":"

'attempt to connect to WMI
Set refWMI = GetObject(strMoniker)
If Err <> 0 Then
    WScript.Echo "Could not connect to the WMI service."
    WScript.Quit
End If

'get a collection of Win32_NTEventLogFile objects
Set colEventLogs = refWMI.InstancesOf("Win32_NTEventLogFile")
If Err <> 0 Then
    WScript.Echo "Could not retrieve Event Log objects"
    WScript.Quit
End If

'iterate through each log and output information
For Each refEventLog In colEventLogs
    WScript.Echo "Information for the " & _
        refEventLog.LogfileName & _
        " log:"
    WScript.Echo " Current file size: " & refEventLog.FileSize
    WScript.Echo " Maximum file size: " & refEventLog.MaxFileSize
    WScript.Echo " The Log currently contains " & _
        refEventLog.NumberOfRecords & " records"

    'output policy info in a friendly format using OverwriteOutDated,
    'as OverWritePolicy is utterly pointless.
    'note "-1" is the signed interpretation of 4294967295
    Select Case refEventLog.OverwriteOutDated
        Case 0
            WScript.Echo _
                " Log entries may be overwritten as required"
        Case -1
            WScript.Echo _
                " Log entries may NEVER be overwritten"
        Case Else
            WScript.Echo _
                " Log entries may be overwritten after " & _
                refEventLog.OverwriteOutDated & " days"
    End Select

    'blank line after every log, whichever overwrite setting it has
    WScript.Echo
Next

Set refEventLog = Nothing
Set colEventLogs = Nothing
Set refWMI = Nothing


Running the Hack

To run the script, use Cscript.exe, the command-line version of the Windows Script Host (WSH). Simply type cscript loginfo.vbs at a command prompt from the directory in which the script resides. Here is a sample of typical output when the script runs on a Windows 2000 machine:

C:\>cscript loginfo.vbs
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
 
Information for the Security log:
 Current file size: 65536
 Maximum file size: 524288
 The Log currently contains 166 records
 Log entries may be overwritten after 7 days
 
Information for the Application log:
 Current file size: 524288
 Maximum file size: 524288
 The Log currently contains 2648 records
 Log entries may be overwritten as required
 
Information for the System log:
 Current file size: 524288
 Maximum file size: 524288
 The Log currently contains 2648 records
 Log entries may be overwritten after 7 days
 
Note that when you run this script on a domain controller it displays information concerning the Directory Service, File Replication Service, and DNS logs as well.
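
An added example, not part of the original article: a Python helper that parses the output of loginfo.vbs (for instance, saved from several machines) and flags logs whose file has reached its maximum size, because at that point the overwrite setting decides whether old or new events are lost. The function names and the sample text are constructed for illustration, and treating a file size equal to the maximum as "full" is an assumption.

```python
import re

# Constructed sample in the output format shown above (not captured from a real host).
SAMPLE = """\
Information for the Security log:
 Current file size: 65536
 Maximum file size: 524288
 The Log currently contains 166 records
 Log entries may be overwritten after 7 days

Information for the Application log:
 Current file size: 524288
 Maximum file size: 524288
 The Log currently contains 2648 records
 Log entries may be overwritten as required
"""

FIELDS = {"size": r"Current file size: (\d+)", "max": r"Maximum file size: (\d+)",
          "records": r"contains (\d+) records", "days": r"overwritten after (\d+) days"}

def parse_loginfo(text):
    """Return {log name: settings}; 'days' uses the script's 0 / -1 / N convention."""
    logs, cur = {}, None
    for line in text.splitlines():
        if m := re.search(r"Information for the (.+) log:", line):
            cur = logs.setdefault(m.group(1), {})
        elif cur is not None:  # ignore the WSH banner before the first log
            for key, pat in FIELDS.items():
                if m := re.search(pat, line):
                    cur[key] = int(m.group(1))
            if "as required" in line:
                cur["days"] = 0
            elif "NEVER" in line:
                cur["days"] = -1
    return logs

def retention_findings(logs):
    """Flag logs whose file has reached its maximum size, by overwrite setting."""
    out = {}
    for name, s in logs.items():
        if not {"size", "max", "days"} <= s.keys() or s["size"] < s["max"]:
            continue  # incomplete record, or the file can still grow
        fixed = {0: "oldest events are being overwritten",
                 -1: "new events are dropped until the log is cleared"}
        out[name] = fixed.get(s["days"], f"new events are dropped unless entries exceed {s['days']} days")
    return out

if __name__ == "__main__":
    print(retention_findings(parse_loginfo(SAMPLE)))
```
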
