Irrylyn
asked on
Can I backup event logs without clearing them?
I am currently running the following script to backup event logs to C:/EventLogs and clear them.
Instead, i would like to know if I can backup the event logs and not clear them from the event log viewer. I assume I'd just have to replace "objLogFile.ClearEventLog"
How can I do this?
----------------
Here is the script I'm using:
Dim DestServer
' Put in the UNC path for where you want the logs to be stored
DestServer = "C:\EventLogs"
'Create the Time variables
sDate=Right("0" & Month(Date),2) _
& "-" & Right("0" & Day(Date),2) _
& "-" & Right(Year(Date),2)
sTime = DatePart("h", Now) & DatePart("n", Now)
set oFSO = CreateObject("Scripting.Fi
Set wshShell = WScript.CreateObject( "WScript.Shell" )
strServerName = wshShell.ExpandEnvironment
'If correct folder doesn't exist, make it
if Not oFSO.FolderExists(DestServ
set oFolder = oFSO.CreateFolder(DestServ
end if
'Gets the log files for this machine
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=imper
& strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
("Select * from Win32_NTEventLogFile")
'This section goes out and gets the hostname this is run on for us.
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("S
For Each objItem in colItems
strHOSTNAME = objItem.Name
NEXT
'Now archive the logs and clear them
if oFSO.FolderExists(DestServ
For Each objLogfile in colLogFiles
strBackupLog = objLogFile.BackupEventLog _
(DestServer & strComputerName & "\" & strHOSTNAME & "_" & objLogFile.LogFileName & "_" & sDate & "_" & sTime & ".evt")
objLogFile.ClearEventLog()
Next
end if
Instead, i would like to know if I can backup the event logs and not clear them from the event log viewer. I assume I'd just have to replace "objLogFile.ClearEventLog"
How can I do this?
----------------
Here is the script I'm using:
Dim DestServer
' Put in the UNC path for where you want the logs to be stored
DestServer = "C:\EventLogs"
'Create the Time variables
sDate=Right("0" & Month(Date),2) _
& "-" & Right("0" & Day(Date),2) _
& "-" & Right(Year(Date),2)
sTime = DatePart("h", Now) & DatePart("n", Now)
set oFSO = CreateObject("Scripting.Fi
Set wshShell = WScript.CreateObject( "WScript.Shell" )
strServerName = wshShell.ExpandEnvironment
'If correct folder doesn't exist, make it
if Not oFSO.FolderExists(DestServ
set oFolder = oFSO.CreateFolder(DestServ
end if
'Gets the log files for this machine
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=imper
& strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
("Select * from Win32_NTEventLogFile")
'This section goes out and gets the hostname this is run on for us.
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("S
For Each objItem in colItems
strHOSTNAME = objItem.Name
NEXT
'Now archive the logs and clear them
if oFSO.FolderExists(DestServ
For Each objLogfile in colLogFiles
strBackupLog = objLogFile.BackupEventLog _
(DestServer & strComputerName & "\" & strHOSTNAME & "_" & objLogFile.LogFileName & "_" & sDate & "_" & sTime & ".evt")
objLogFile.ClearEventLog()
Next
end if
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Randy Downs
'objLogFile.ClearEventLog(
ASKER
Yep, that was all I had to do.
Thank you
Thank you