Backup and clear the Security event log

Not a solution, but a start

Monitor Event Logs
http://www.microsoft.com/technet/scriptcenter/monitor/scrmon21.asp

WMI Administrative Tools
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=6430F853-1120-48DB-8CC5-F2ABDC3ED314
 

Evntcmd
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/entserver/evntcmd.asp

If any one can help me, this is what I have come up with so far. I want to use eventlog.pl to backup the Security log to a .txt file and then clear it. Name the text file with the file structure of dd_mm_yyy, and store it to a given path. I feel like I am so close to getting this but I can not tie it together. I need someone who knows scripting to guide me a little here.

Windows 2000 Scripting guide has sample that will do part of this, it just will not convert it to a .txt file. How can I incorperate these two items.

eventlog.pl -backup Security -format txt -file S:\Backuplogs

dtmThisDay = Day(Now)
dtmThisMonth = Month(Now)
dtmThisYear = Year(Now)
strBackupName = dtmThisDay & "_" & dtmThisMonth & "_" & dtmThisYear
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate,(Backup, Security)}!\\" & _
        strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
    ("SELECT * FROM Win32_NTEventLogFile WHERE LogFileName='Security'")
For Each objLogfile in colLogFiles
    objLogFile.BackupEventLog("S:\BackupLogs\" & strBackupName & _
        "_security.evt")
    objLogFile.ClearEventLog()
Next

Use -export instead of -backup

-backup: Use this operation to make backup copies of event logs.
-export: Use this operation to save event lists to text files.

HOW TO: Use the Event Log Management Script Tool (Eventlog.pl) to Manage Event Logs in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;318763

Maybe freeware program dumpsec can be used:
http://www.systemtools.com/somarsoft/free.htm

Security Guide Scripts Download - includes view of all your workstations event logs from one machine.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=9989D151-5C55-4BD3-A9D2-B95A15C73E92

Thanks any way, none of the answers really gave me what I needed to get it to work. But here is what I wrote so if any one else needs it, change it to meet your needs.

: Batch Start
for /F "tokens=1-4 delims=/- " %%A in ('date/T') do set DATE=%%B%%C%%D
Eventlog.pl -export security -format csv -file C:\EventLog\Security%DATE%.csv
Eventlog.pl -backup security -file D:\EventLog\Security%DATE%.evt
Eventlog.pl -clear security
: Batch End

 This batch will export the file, and name it for the month,day and year. Also it will back it up so it can be saved to removeable storage. And last but not least clear the log.

This question is still open and getting old. If any of the comment(s) above helped you please accept it as an answer or split the points who ever helped you in this question. Your attention in finalising this question is very much appreciated. Thanks in advance,

****** PLEASE DO NOT ACCEPT THIS AS AN ANSWER ********

- If you would like to close this question and have your points refunded, please post a question in community support area on https://www.experts-exchange.com/Community_Support/ giving the address of this question. Thank you    

Pasha

Cleanup Volunteer