Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Triggering a Batch File to run from Event Viewer / POP-up window

Posted on 2005-05-04
8
Medium Priority
?
979 Views
Last Modified: 2008-02-01
I am in need of a DOS batch file that is able to detect a refresh message sent by another PC to a specific PC. The refresh message is basically a window that pop's up and states that data has been refreshed. It is also noted that when this refresh window pop's up, it is displayed in the Event Viewer under the Application Section.

I need a batch file that picks up this entry from the Event Viewer and proceeds to trigger another batch file to run. How can I know that a new entry in the Event Viewer has appeared or a pop-up window has been displayed on my PC?

I don't mind using VB Script, but can VB Script call a MS-DOS Batch File. If it can, what is the code for it.

Thank You.
0
Comment
Question by:ben1211
  • 4
  • 3
8 Comments
 
LVL 9

Expert Comment

by:kfullarton
ID: 13928707
Here's an example of a VBScript that monitors the Event Log for Even ID 533.  When that event is detected, It echoes that someone attempted to access a database server.


strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate, (Security)}!\\" & _
        strComputer & "\root\cimv2")

Set colMonitoredEvents = objWMIService.ExecNotificationQuery _    
    ("Select * from __instancecreationevent where " _
        & "TargetInstance isa 'Win32_NTLogEvent' " _
            & "and TargetInstance.EventCode = '533' ")

Do
    Set objLatestEvent = colMonitoredEvents.NextEvent
     strAlertToSend = objLatestEvent.TargetInstance.User _
         & " attempted to access DatabaseServer."
     Wscript.Echo strAlertToSend
Loop

0
 
LVL 4

Expert Comment

by:LittleRed1
ID: 13931799
If you prefer a batch file, you can use DUMPEL and SLEEP to provide the functionality. It would also be easier to customise if you're not a VB guru.
0
 

Author Comment

by:ben1211
ID: 13931980
I am not a VBS Guru and I need more help in trying to understand the code given by kfullarton. I would prefer a MS-DOS batch file. I would be grateful if anyone could help.

Thank You
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 4

Accepted Solution

by:
LittleRed1 earned 2000 total points
ID: 13933270
OK

You will need two commandline utilities: DUMPEL.EXE and SLEEP.EXE.

DUMPEL: look at http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/dumpel-o.asp
SLEEP can be found in the resource kit.

The batch file should look something like this:
---------------------------------------------------------------------------
@echo off
setlocal ENABLEDELAYEDEXPANSION

:: Set variables to make customisation easier

set eventid=26
set source=Application Popup
set log=System
set targethost=localhost
set pollinterval=60
set searchstring=refreshed

:: Now we start the loop
set firstrun=yes

:start

:: This FOR loop will extract any events and set a timestamp for the last one. It also stores the content in a variable.

for /f "tokens=1,2,9 delims=      " %%a in ('dumpel -l !log! -s \\!targethost! -d 1 -m "!source!" -e !eventid!') do (
      set timestamp=%%a%%b
      set content=%%c
)

:: Check if any new events have occurred.

if not "!firstrun!" == "yes" if not "!timestamp!" == "!lastevent!" (
      echo %%c|find /i "!searchstring!">nul
:: If the content contains the string specified in the searchstring variable, run the batch file
      if errorlevel 1 start /i mybatch.cmd
)

set firstrun=
set lastevent=!timestamp!
sleep !pollinterval!
goto start
---------------------------------------------------------------------------
0
 
LVL 4

Expert Comment

by:LittleRed1
ID: 13933277
Ah, I forgot - I used START to run the batch file, but you might need to be careful as it doesn't exit. I'm not sure how it will behave when run under the scheduler.
0
 

Author Comment

by:ben1211
ID: 13941394
LittleRed1, thank you for the code and the link to download dumpel.exe
I will try the code out and get back to you asap.
Thanks a million!

Ben
0
 

Author Comment

by:ben1211
ID: 13943228
LittleRed1,

I downloaded the dumpel.exe file from Microsoft and I installed it on two PC's with two different OS. One with XP Pro and the other with 2000 Pro and at the command prompt I typed c:\>dumpel /?  and I received this message:

'dumpel' is not recognized as an internal or external command, operable program or batch file.

why is this so?

Thank You
0
 
LVL 4

Expert Comment

by:LittleRed1
ID: 13943627
You need to make sure that it's either in the same directory that you're typing the command from or that it's in the path. Generally, I prefer to copy it to the Windows directory (or WINNT in 2000). That way it's always in the path.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Often we come across situations wherein our batch files would be needing to reboot Windows for a variety of reasons. A few of them would be like: (1) Setup files have been updated whose changes can take effect only after a reboot …
In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Suggested Courses

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question