Export Windows Log to CSV VB Script

I found this script online and modified it to get it working to export the Windows security event log to a CSV file. I need the event description in the CSV so I can not just use the event viewer export. I know I can use Event Log Explorer but I really want the script working. It writes the csv file but it does not populate anything in the file - 0 bytes. The name of my server is fs01.
'Retrieve *Audit Failures, Warnings, and Errors* from the EventLog files
On Error Resume Next
strComputer = "fs01"
 
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate,(Security)}!\\" & strComputer & "\root\cimv2") 
Set colLoggedEvents = objWMIService.ExecQuery ("Select * From Win32_NTLogEvent Where Logfile = 'Security'") 
 
Set FileSystem = WScript.CreateObject("Scripting.FileSystemObject")
Set oFile = FileSystem.CreateTextFile("EventsSearc.csv", True)
 
' Event properties are:
' objEvent.
' Category
' CategoryString
' ComputerName
' Data
' EventCode
' EventIdentifier
' EventType
' InsertionStrings
' Logfile
' Message = DESCRIPTION
' RecordNumber
' SourceName
' TimeGenerated
' TimeWritten
' Type
' User
 
For Each objEvent in colLoggedEvents
oFile.WriteLine (objEvent.Logfile & "," & objEvent.EventCode & "," & chr(34) & Trim( Replace( objEvent.Message, vbCrLf, " ")) & chr(34))
 
Next
 
Wscript.Echo "Done!!"
 
wscript.quit

Open in new window

LVL 6
mmcodefiveAsked:
Who is Participating?
 
BigRatConnect With a Mentor Commented:
When I take out the "on error resume next" I get an error messages concerning the computer "fs01". If I replace that with ".", the script runs on my machine and I get the required file.

I suggest that :-

a) fs01 is not a computer in your domain, or
b) fs01 is not accessible via the impersonation you have used, or
c) fs01 has the winmgmts service not available to remote machines.
0
All Courses

From novice to tech pro — start learning today.