• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 273
  • Last Modified:

i need a vb script to take an event ID from the app log and move it to the security log, any ideas?

i need a vb script to take an event ID from the app log and move it to the security log, any ideas?
0
ntr2def
Asked:
ntr2def
  • 3
  • 2
1 Solution
 
biaselectronicsCommented:
I am not sure you can 'move' it (delete it from the Security Log) but you could read it from one log using logparser and make an entry into another log - we use logparser to read and WSH to make an entry like this:

Logparser:
"c:\Program Files\Log Parser 2.2\LogParser.exe" -o:NAT -rtp:-1 "SELECT Eventlog, TimeGenerated, SourceName, Message INTO c:\Monitoring\errorlog.txt FROM System, Security, Application WHERE EventTypeName = 'Error event' AND TimeGenerated > SUB( TO_LOCALTIME(SYSTEM_TIMESTAMP()), TIMESTAMP('0000-01-02','yyyy-MM-dd')) ORDER BY Eventlog, SourceName"

VBScript code and pseudo-code as follows:


'Use these Constants to designate the type of Event Log.
const SUCCESS = 0
const ERROR = 1
const WARNING = 2
const INFORMATION = 4
const AUDIT_SUCCESS = 8
const AUDIT_FAILURE = 16

' WSH writes into the application log

set W = WScript.CreateObject("WScript.Shell")

if [logparser var errormessage found & read in one log] then
      W.LogEvent ERROR, "ALERT - error found in log"
Else
      W.Logevent INFORMATION, "everything is OK"
End if

set W=nothing
0
 
ntr2defAuthor Commented:
it has to be native as I am running this from a DC and refuse to install 3rd party software on our Dc's
0
 
biaselectronicsCommented:
0
 
ntr2defAuthor Commented:
So the code provided will for example say read event 11707 and write to securty log?
0
 
biaselectronicsCommented:
Into the application log  - this is what WSH is limited to
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now