Solved

Record Shutdown and Startup of clients

Posted on 2013-01-04
9
491 Views
Last Modified: 2013-01-11
Hi Guys, Please help....

I need to be able to monitor and log system start up and shutdown times of the client machines on our network, but have no idea how to do it. Without buying any additional software could someone point me in the right direction. Maybe using an event in the event logs that will write a line to an excel file or database located somewhere centrally?
0
Comment
Question by:SteveVII
9 Comments
 
LVL 1

Expert Comment

by:Norautron
ID: 38743336
Hello:)

Maybe this could help?

http://www.petri.co.il/how-to-use-eventtriggersexe-to-send-e-mail-based-on-event-ids.htm

I did this so that if a certificate expired it would send me a mail..
0
 

Author Comment

by:SteveVII
ID: 38743449
Thanks Norautron, that has helped although i'm still a little lost.

I will try and use the eventtrigger. My plan is to use the 6006 and 1074 event ID's. I will then try and associate a VB script with that event which will write a line into a database.

Has anyone done this before and if so could you give me any pointers?

Thanks Steve
0
 
LVL 6

Expert Comment

by:mo_patel
ID: 38744432
look at downloading free SIEM tools which let you do this with out writing anything your self. Although cant guarentee you find something totally free....

Orlese you can try LogParser which will import the events into SQL, then all you need to do is write querys to display the events how ever you like

http://www.techrepublic.com/article/consolidating-events-with-free-log-parser-20-tool/5034923

but u need to weigh up if its cheaper to buy off the shelf rather than make your own, as time also costs money
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 25

Accepted Solution

by:
Lionel MM earned 500 total points
ID: 38746742
If all you want to do is know when a user logos on and then logs or (or starts up or shutdown) you can create a logon script. I do this to track when users logon (time and date) and then shutdown their PCs. I have added this to a Group Policy of the domain (applies to everyone). If you want it for just one system you can it to the local group policy.
Create a batch file (need help with this?); lets call it test.bat
Add this to it
for /f "Tokens=1-4" %%i in ('date /t') do Set dt=%%i%%j%%k%%l
for /f "Tokens=1-4" %%i in ('time /t') do Set tm=%%i%%j%%k
Set tm=%tm::=-%
Set dttm=%dt%-%tm%
Set >\\servername\sharename\%dttm%.Txt
This will give you a file with the date and time as part of the file name.
0
 

Author Comment

by:SteveVII
ID: 38749010
Hi Lionelmm, any help you can give I will be more than grateful for. Scripting is not one of my strong points. Is there a way I could get the output to write to a SQL database rather than an individual file?
0
 
LVL 25

Expert Comment

by:Lionel MM
ID: 38749138
I can't help you to put it into a SQL database-- I know others can. I can get you to put stuff like username, computername, time date, (and many other variables) into a text file, have the text file amended each time the next user logs on or logs off; or keep separate files for each user or computer. Let me know if that will work for you.
0
 
LVL 25

Expert Comment

by:Lionel MM
ID: 38749151
I did a quick search for a SQL database logon and logoff script; found several; check this out
http://social.technet.microsoft.com/Forums/kn-IN/ITCG/thread/9ba485b6-f4be-4252-b445-685490ddf56d
0
 
LVL 25

Expert Comment

by:Lionel MM
ID: 38766618
Do you know how to add this to group policy, and do you want to know whether it is a logon or logoff event? If you need any further help let me know. Thanks.
0
 

Author Comment

by:SteveVII
ID: 38766928
In then end I assigned a task to events in the event viewer. I added User32 Event 1074 as the  event and then pointed the scheduled task at a VBscript which noted the entry in a SQL database, I then attached a similar scheduled task to run at startup. Cheers Lionelmm
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On some Windows 7 (SP1) computers, Windows Update becomes super slow even the computer is reasonably fast.  There's one solution that seemed to have worked well for me (after trying a few other suggested solutions).
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question