I developed the following code as a batch file in an attempt to periodically verify that the security log exists on a system in the location specified in the registry.
The problem is that the path returned from the registry includes %systemroot%\... and this varaiable is not subsequently expanded. Thus, the IF EXIST check never returns true.
I believe, in theory "setlocal enabledelayedexpansion" should aleviate this problem, but it does not.
There has been a bug reported here, http://www.robvanderwoude.com/variableexpansionbug.php
, that may be related.
Given that this may be a bug, I am open to alternative solutions, not including expanding the data as retrieved here.
For /F "tokens=3" %%i IN ('REG query HKLM\System\CurrentControl
/v file ^| Find /I ^"File^"') DO (
IF Exist %strPath% GOTO FOUNDSECLOG
ECHO ALERT! Security Log DOES NOT EXIST at %strPath%.
ECHO Log Found at %strPath%.