auto query windows security log for specific event id
Posted on 2010-08-24
I have been running with powershell for a fair while now, so my vbscript is a little rusty..!
I am wanting to schedule a job to run on a legacy exchange 2003 server and export 1009 events from the security log.
I am auditing the legacy infrastructure to ensure recently migrated users are not accessing their old mailboxes by mistake - these will of course be closed shortly but for a week or so I would like to audit.
I am running dumpeventlog.vbs but I would like something that I can auto-schedule to specifically export 1009 events from the security log only...
I am not able to install anything in the legacy environment and powershell is a no-go.
Any help pointers much appreciated...