Solved

Getting User logs from XP/Vista/Windows 7 -  WMI queries

Posted on 2011-03-02
2
232 Views
Last Modified: 2012-05-11
Hi,
We are interested in collecting user logs from Windows XP, Windows 7 and Vista.

I have briefly read about WMI queries to get this material. I don't wish to get too bogged down in coding.  I just want a tool that will make a WMI call to end users to gather the logs.

Any insight you have would be appreciated.
0
Comment
Question by:NYGiantsFan
2 Comments
 
LVL 62

Accepted Solution

by:
btan earned 250 total points
ID: 35034155
this can be helpful
http://blogs.sans.org/windows-security/2009/06/30/dump-windows-event-logs-to-csv-text-vbscript/

for the WMI specific codes
http://msdn.microsoft.com/en-us/library/aa394593%28v=vs.85%29.aspx

but to get it from remote computers, you will need to run it in admin right
http://msdn.microsoft.com/en-us/library/aa389290%28v=vs.85%29.aspx

or alternatively, there is a common network share which each computer will execute the vbs (WMI) or based on schedules
or alternative, having a Snare agent to get the log but then need to setup the "architecture"
@ http://www.intersectalliance.com/projects/SnareWindows/
0
 
LVL 41

Assisted Solution

by:graye
graye earned 250 total points
ID: 35109500
Are you interested in how to perform this function so that you can write a program to do so....  or, are you asking for a recommendation for a free log gathering tool?

http://msdn.microsoft.com/en-us/library/bb427443(v=vs.85).aspx
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Every computer eventually fails. When that happens, your valuable data is only as safe as your current backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now