asked on 1/4/2013

Record Shutdown and Startup of clients

Hi Guys, Please help....

I need to be able to monitor and log system start up and shutdown times of the client machines on our network, but have no idea how to do it. Without buying any additional software could someone point me in the right direction. Maybe using an event in the event logs that will write a line to an excel file or database located somewhere centrally?

Microsoft Legacy OS Windows 7

Last Comment

SteveVII

1/11/2013

Norautron

1/4/2013

Hello:)

Maybe this could help?

http://www.petri.co.il/how-to-use-eventtriggersexe-to-send-e-mail-based-on-event-ids.htm

I did this so that if a certificate expired it would send me a mail..

SteveVII

1/4/2013

ASKER

Thanks Norautron, that has helped although i'm still a little lost.

I will try and use the eventtrigger. My plan is to use the 6006 and 1074 event ID's. I will then try and associate a VB script with that event which will write a line into a database.

Has anyone done this before and if so could you give me any pointers?

Thanks Steve

mo_patel

1/4/2013

look at downloading free SIEM tools which let you do this with out writing anything your self. Although cant guarentee you find something totally free....

Orlese you can try LogParser which will import the events into SQL, then all you need to do is write querys to display the events how ever you like

http://www.techrepublic.com/article/consolidating-events-with-free-log-parser-20-tool/5034923

but u need to weigh up if its cheaper to buy off the shelf rather than make your own, as time also costs money

ASKER CERTIFIED SOLUTION

Lionel MM

1/5/2013

THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

SteveVII

1/6/2013

ASKER

Hi Lionelmm, any help you can give I will be more than grateful for. Scripting is not one of my strong points. Is there a way I could get the output to write to a SQL database rather than an individual file?

Lionel MM

1/6/2013

I can't help you to put it into a SQL database-- I know others can. I can get you to put stuff like username, computername, time date, (and many other variables) into a text file, have the text file amended each time the next user logs on or logs off; or keep separate files for each user or computer. Let me know if that will work for you.

Lionel MM

1/6/2013

I did a quick search for a SQL database logon and logoff script; found several; check this out
http://social.technet.microsoft.com/Forums/kn-IN/ITCG/thread/9ba485b6-f4be-4252-b445-685490ddf56d

Lionel MM

1/11/2013

Do you know how to add this to group policy, and do you want to know whether it is a logon or logoff event? If you need any further help let me know. Thanks.

SteveVII

1/11/2013

ASKER

In then end I assigned a task to events in the event viewer. I added User32 Event 1074 as the event and then pointed the scheduled task at a VBscript which noted the entry in a SQL database, I then attached a similar scheduled task to run at startup. Cheers Lionelmm