Advanced Event Log Parsing in WSH - Making the code reusable
(Page 4 of 4 )
Okay, so far these scripts have been designed for one time use. Let’s take a look at how we can alter them to make them reusable. This is nice if you want to create a scheduled task to run them at regular intervals.
The only problem we really have to worry about in this case is the fact that our script always tries to create a database. What if it already exists?
We can make use of the FileSystemObject to see if the file exists. If it does, we proceed, if not, we create it first. Here’s what it looks like.
Set objFso = CreateObject("Scripting.FileSystemObject")
If objFso.FileExists("C:events.mdb") Then
oConn.Open strConnection
Else
Set objCatalog = CreateObject("ADOX.Catalog")
objCatalog.Create strConnection
Set objCatalog = Nothing
Set oConn = CreateObject("ADODB.Connection")
oConn.Open strConnection
oConn.Execute "CREATE TABLE EventTable(" _
& "Category INT, " _
& "ComputerName VARCHAR(50), " _
& "EventCode INT, " _
& "Message VARCHAR(100), " _
& "EventType VARCHAR(50), " _
& "RecordNumber INT, " _
& "SourceName VARCHAR(50), " _
& "TypeDesc VARCHAR(15), " _
& "UserName VARCHAR(50), " _
& "TimeGenerated VARCHAR(19), " _
& "TimeWritten VARCHAR(19)" _
& ")", , 129
End If
This code should be very familiar to you. We begin by connecting to the FileSystemObject. Then we turn to the FileExists function to check for our database file.
If the file exists, just open the connection and move on to our next code segment. If it doesn’t, we perform the code for creating it and establishing our table before moving on.
If you’ve taken the time to construct a useful a query, you should now have a completely reusable code sample. Put it into use by making it a Scheduled Task or by launching it as the result of another process.
Be sure to come back for the final part of this series when we take a look at how to make this code more useful in network environments. We’ll look at how to make it run on several machines at once as well as how to add a very cool feature. You won’t want to miss it. Until the, keep coding!
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
