Triggering a Batch File to run from Event Viewer / POP-up window

Posted on 2005-05-04
Last Modified: 2008-02-01
I am in need of a DOS batch file that is able to detect a refresh message sent by another PC to a specific PC. The refresh message is basically a window that pop's up and states that data has been refreshed. It is also noted that when this refresh window pop's up, it is displayed in the Event Viewer under the Application Section.

I need a batch file that picks up this entry from the Event Viewer and proceeds to trigger another batch file to run. How can I know that a new entry in the Event Viewer has appeared or a pop-up window has been displayed on my PC?

I don't mind using VB Script, but can VB Script call a MS-DOS Batch File. If it can, what is the code for it.

Thank You.
Question by:ben1211
    LVL 9

    Expert Comment

    Here's an example of a VBScript that monitors the Event Log for Even ID 533.  When that event is detected, It echoes that someone attempted to access a database server.

    strComputer = "."
    Set objWMIService = GetObject("winmgmts:" _
        & "{impersonationLevel=impersonate, (Security)}!\\" & _
            strComputer & "\root\cimv2")

    Set colMonitoredEvents = objWMIService.ExecNotificationQuery _    
        ("Select * from __instancecreationevent where " _
            & "TargetInstance isa 'Win32_NTLogEvent' " _
                & "and TargetInstance.EventCode = '533' ")

        Set objLatestEvent = colMonitoredEvents.NextEvent
         strAlertToSend = objLatestEvent.TargetInstance.User _
             & " attempted to access DatabaseServer."
         Wscript.Echo strAlertToSend

    LVL 4

    Expert Comment

    If you prefer a batch file, you can use DUMPEL and SLEEP to provide the functionality. It would also be easier to customise if you're not a VB guru.

    Author Comment

    I am not a VBS Guru and I need more help in trying to understand the code given by kfullarton. I would prefer a MS-DOS batch file. I would be grateful if anyone could help.

    Thank You
    LVL 4

    Accepted Solution


    You will need two commandline utilities: DUMPEL.EXE and SLEEP.EXE.

    DUMPEL: look at
    SLEEP can be found in the resource kit.

    The batch file should look something like this:
    @echo off

    :: Set variables to make customisation easier

    set eventid=26
    set source=Application Popup
    set log=System
    set targethost=localhost
    set pollinterval=60
    set searchstring=refreshed

    :: Now we start the loop
    set firstrun=yes


    :: This FOR loop will extract any events and set a timestamp for the last one. It also stores the content in a variable.

    for /f "tokens=1,2,9 delims=      " %%a in ('dumpel -l !log! -s \\!targethost! -d 1 -m "!source!" -e !eventid!') do (
          set timestamp=%%a%%b
          set content=%%c

    :: Check if any new events have occurred.

    if not "!firstrun!" == "yes" if not "!timestamp!" == "!lastevent!" (
          echo %%c|find /i "!searchstring!">nul
    :: If the content contains the string specified in the searchstring variable, run the batch file
          if errorlevel 1 start /i mybatch.cmd

    set firstrun=
    set lastevent=!timestamp!
    sleep !pollinterval!
    goto start
    LVL 4

    Expert Comment

    Ah, I forgot - I used START to run the batch file, but you might need to be careful as it doesn't exit. I'm not sure how it will behave when run under the scheduler.

    Author Comment

    LittleRed1, thank you for the code and the link to download dumpel.exe
    I will try the code out and get back to you asap.
    Thanks a million!


    Author Comment


    I downloaded the dumpel.exe file from Microsoft and I installed it on two PC's with two different OS. One with XP Pro and the other with 2000 Pro and at the command prompt I typed c:\>dumpel /?  and I received this message:

    'dumpel' is not recognized as an internal or external command, operable program or batch file.

    why is this so?

    Thank You
    LVL 4

    Expert Comment

    You need to make sure that it's either in the same directory that you're typing the command from or that it's in the path. Generally, I prefer to copy it to the Windows directory (or WINNT in 2000). That way it's always in the path.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Introduction How to create multiboot configuration with XP\Vista and Windows 7 on it? And most important question - how to do this correctly so not to have any kind of nightmares we get when system gets screwed? First of all one should realize t…
    I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension ( This reminded me of questions tha…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now