Solved

Getting User logs from XP/Vista/Windows 7 -  WMI queries

Posted on 2011-03-02
2
236 Views
Last Modified: 2012-05-11
Hi,
We are interested in collecting user logs from Windows XP, Windows 7 and Vista.

I have briefly read about WMI queries to get this material. I don't wish to get too bogged down in coding.  I just want a tool that will make a WMI call to end users to gather the logs.

Any insight you have would be appreciated.
0
Comment
Question by:NYGiantsFan
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 250 total points
ID: 35034155
this can be helpful
http://blogs.sans.org/windows-security/2009/06/30/dump-windows-event-logs-to-csv-text-vbscript/

for the WMI specific codes
http://msdn.microsoft.com/en-us/library/aa394593%28v=vs.85%29.aspx

but to get it from remote computers, you will need to run it in admin right
http://msdn.microsoft.com/en-us/library/aa389290%28v=vs.85%29.aspx

or alternatively, there is a common network share which each computer will execute the vbs (WMI) or based on schedules
or alternative, having a Snare agent to get the log but then need to setup the "architecture"
@ http://www.intersectalliance.com/projects/SnareWindows/
0
 
LVL 41

Assisted Solution

by:graye
graye earned 250 total points
ID: 35109500
Are you interested in how to perform this function so that you can write a program to do so....  or, are you asking for a recommendation for a free log gathering tool?

http://msdn.microsoft.com/en-us/library/bb427443(v=vs.85).aspx
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to determine if a particular type of device uses only a particular subnet 18 62
Cisco Router Security Commands. 2 31
SFTP Client- Server problem 6 26
Home security 15 43
An article on effective troubleshooting
The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question