Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Create/Deploy a custom event + view on W7 clients

Posted on 2014-04-17
7
Medium Priority
?
524 Views
Last Modified: 2014-04-29
On W7 clients, I need to create/deploy remotely a custom event to which  task is connected running as SYSTEM and with highest privileges. Additionally, I need to create remotely a custom view for this event. How can this be done via GP or script?

tia
0
Comment
Question by:GeologyETH
  • 4
  • 3
7 Comments
 
LVL 31

Expert Comment

by:merowinger
ID: 40006365
Event for Eventvwr or do you mean a schedules Task?
0
 

Author Comment

by:GeologyETH
ID: 40006518
I need to apply on remote W7 clients a scheduled task which is triggered by a custom event and which starts a script/program if the event appears. Additionally, a custom view for the custom event is needed on the clients.
0
 
LVL 31

Expert Comment

by:merowinger
ID: 40006569
Do you have any possibility to deploy that command to your Clients?
Group Policy, SCCM Server, ect.
If not you can do it manually on each Client from your Remote AdminPC with PSEXEC
http://technet.microsoft.com/de-de/sysinternals/bb897553.aspx

The command to create the Task is:
schtasks /create /TN "My Trigger" /RU SYSTEM  /TR "SomeAction.exe"  /SC ONEVENT /MO *[System/EventID=666]

Open in new window


With Psexec it would be like:
psexec \\Client1 "cmd /c schtasks /create /TN "My Trigger" /RU SYSTEM  /TR "SomeAction.exe"  /SC ONEVENT /MO *[System/EventID=177]"

Open in new window

0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:GeologyETH
ID: 40006651
I tried the schtasks cmd, but it seems that the /MO paramter doesn't work.

error: the specified channel could not be found. Check channel configuration.
(11,150):Subscription:<QueryList><Query><Select Path='(null)')*[System/EventID=10]</Select></Query></QueryList>
0
 

Author Comment

by:GeologyETH
ID: 40006743
ok, it works as

schtasks /create /TN "My Trigger" /RU SYSTEM /TR "SomeAction.exe" /SC ONEVENT /EC Application /MO *[Application/EventID=10]

Now, is there a possibility to enable "Run with highest privileges"?

Yes, I would like using a Group Policy.
0
 
LVL 31

Accepted Solution

by:
merowinger earned 2000 total points
ID: 40007101
Ok, i missed that Parameter.

SYSTEM (Local System) always has the highest privileges on a Client.

So you run it as a script, or how have you planned it?
0
 

Author Comment

by:GeologyETH
ID: 40029156
Sorry for the late reply. I think, I'll try to apply it by a script via GP. Custom views are stored in "C:\ProgramData\Microsoft\Event Viewer\Views\", so I'll create such a custom view for the custom events to and apply it by copying onto the clients.

Thank you for your help.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
Create a Windows 10 custom Image with custom task bar and custom start menu using XML for deployment.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question