.NET
ASP
ASP Code
ASP.NET
ASP.NET Code
BrainDump
C#
Code Examples
Database
Database Code
IIS
Microsoft Access
MS SQL Server
Visual Basic.NET
Windows Scripting
Windows Security
XML

ASP Web Hosting
ASP.NET Web Hosting
Dedicated Servers
Moblin
JMSL Numerical Library
Windows Web Hosting

IBM® developerWorks
Sun Developer Network
Weekly Newsletter
Developer Updates
Free Website Content

Articles

Forums

All Feeds

Write For Us Get Paid

Request Media Kit

Site Map

Privacy Policy
Support

USERNAME

PASSWORD

>>> SIGN UP!

Lost Password?

WINDOWS SCRIPTING

RSS

Parsing Event Logs in WSH

By: Nilpo/Developer Shed Staff Writer	Search For More Articles! Disclaimer Author Terms
Rating: / 2
2007-05-21

Table of Contents:

Parsing Event Logs in WSH

Using WMI to access NT Log events

Creating the database

Adding event data to the database

	ADD THIS ARTICLE TO:
	Del.ici.ous	Digg
	Blink	Simpy
	Google	Spurl
	Y! MyWeb	Furl

Email Me Similar Content When Posted

Add Developer Shed Article Feed To Your Site

Email Article To Friend

Print Version Of Article

PDF Version Of Article

Parsing Event Logs in WSH - Creating the database

(Page 3 of 4 )

Now that we have a way to process the events in the event logs, we need a place to put them. Let’s go ahead and create a database now.

strConnection = "Provider=Microsoft.Jet.OLEDB.4.0; " _

& "Data Source=C:events.mdb"

Set objCatalog = CreateObject("ADOX.Catalog")

objCatalog.Create strConnection

Set objCatalog = Nothing

All we’ve done here is create the flat file that will contain our database. As it sits now, this file is completely unusable. In order to make it usable we need to add a database table and create some fields. We’ll do that simply with ADODB.

Set oConn = CreateObject("ADODB.Connection")

oConn.Open strConnection

oConn.Execute "CREATE TABLE EventTable(" _

& "Category INT, " _

& "ComputerName VARCHAR(50), " _

& "EventCode INT, " _

& "Message VARCHAR(100), " _

& "EventType VARCHAR(50), " _

& "RecordNumber INT, " _

& "SourceName VARCHAR(50), " _

& "TypeDesc VARCHAR(15), " _

& "UserName VARCHAR(50), " _

& "TimeGenerated VARCHAR(19), " _

& "TimeWritten VARCHAR(19)" _

& ")", , 129

This is a two step process. First connect to the ADODB object, which in turn opens a database connection. Then, execute a SQL statement that creates the DB table in our file. Notice that I have not closed the ADODB connection. I’ve intentionally left it open as we’ll be using it again in the next step.

All I’ve done is create a field for each of the event log properties. Notice that I’ve limited the Message field to 100 characters. We’ll have to make sure that we don’t write more than that to our database.

Why have I restricted it? I’ve restricted it mostly because different DB drivers support different row lengths. I wanted to make this script universal for all readers regardless of what driver or database format they choose to use.

Aside from all of that, nine times out of ten, you’re not going to need all of the information in the message field anyway. So limiting its size in our database will make it more functional and faster.

Next: Adding event data to the database >>

More Windows Scripting Articles
More By Nilpo/Developer Shed Staff Writer

Comments On: Parsing Event Logs in WSH
· Event logs can help a good system or network administrator be more effective. Learn...

>>> Post your comment now!

WINDOWS SCRIPTING ARTICLES

- A Portable Scripting Toolbox
- WPF Through an Example: Introduction
- Beginning SharePoint Web Part Development
- More Alternative Languages for WSH
- WPF Control Layout
- WSH in Other Languages
- Screen Capturing via GDI+ and GDI
- Understanding Procedures in VBScript
- Printing Documents in WSH
- Generating Outlook Signatures Based on Activ...
- VBScript: Converting and Formatting with Fun...
- VBScript: Conversion and Format Functions
- VBScript: Array Functions
- VBScript: Strings, You Can`t Function withou...
- VBScript: More String Functions
Find More Windows Scripting Articles