Export Windows Log to CSV VB Script

I found this script online and modified it to get it working to export the Windows security event log to a CSV file. I need the event description in the CSV so I can not just use the event viewer export. I know I can use Event Log Explorer but I really want the script working. It writes the csv file but it does not populate anything in the file - 0 bytes. The name of my server is fs01.
'Retrieve *Audit Failures, Warnings, and Errors* from the EventLog files
On Error Resume Next
strComputer = "fs01"
 
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate,(Security)}!\\" & strComputer & "\root\cimv2") 
Set colLoggedEvents = objWMIService.ExecQuery ("Select * From Win32_NTLogEvent Where Logfile = 'Security'") 
 
Set FileSystem = WScript.CreateObject("Scripting.FileSystemObject")
Set oFile = FileSystem.CreateTextFile("EventsSearc.csv", True)
 
' Event properties are:
' objEvent.
' Category
' CategoryString
' ComputerName
' Data
' EventCode
' EventIdentifier
' EventType
' InsertionStrings
' Logfile
' Message = DESCRIPTION
' RecordNumber
' SourceName
' TimeGenerated
' TimeWritten
' Type
' User
 
For Each objEvent in colLoggedEvents
oFile.WriteLine (objEvent.Logfile & "," & objEvent.EventCode & "," & chr(34) & Trim( Replace( objEvent.Message, vbCrLf, " ")) & chr(34))
 
Next
 
Wscript.Echo "Done!!"
 
wscript.quit

Open in new window

LVL 6
mmcodefiveAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

BigRatCommented:
When I take out the "on error resume next" I get an error messages concerning the computer "fs01". If I replace that with ".", the script runs on my machine and I get the required file.

I suggest that :-

a) fs01 is not a computer in your domain, or
b) fs01 is not accessible via the impersonation you have used, or
c) fs01 has the winmgmts service not available to remote machines.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VB Script

From novice to tech pro — start learning today.