Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Script that retrieves info from Event logs

Posted on 2014-01-18
5
Medium Priority
?
290 Views
Last Modified: 2014-02-17
As example, I need to search in event viewer to find logon/logoff history of User1,User2,…Userx

I can do that manually, by right clicking on System log or Security log then click find, then type the user name, this will work, but it takes too long to display the info

I need a Script that prompts me to enter the type of the log; system/application/security  then enter username and let the script funnel through the logs and display the info, or dump the output to a file.

Any gel will be very much appreciated.

Thanks
0
Comment
Question by:jskfan
  • 2
  • 2
5 Comments
 
LVL 44

Expert Comment

by:Rainer Jeschor
ID: 39791817
Hi,
short question: are you sticked to VBScript or are you also open for Powershell?
Thanks.
Rainer
0
 
LVL 22

Assisted Solution

by:Rick Hobbs
Rick Hobbs earned 2000 total points
ID: 39791851
0
 

Author Comment

by:jskfan
ID: 39828205
I checked the links above…
What I need is the event logs that are logged for a certain object, for instance a certain user, when did he logon successfully.
I use the built in Find option of the event logs, but it takes too long to show the results and then I will have to click next to go to  the next event related to user object….
0
 
LVL 22

Accepted Solution

by:
Rick Hobbs earned 2000 total points
ID: 39828743
From the third link supplied, it should display all entries that match what you are looking for.  You could, if you want, pipe the output to a file for later perusal.
0
 

Author Closing Comment

by:jskfan
ID: 39865750
I wil check it later..
Thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Suggested Courses

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question