Click here to get back home

Help Eventlog Perl Script
 HomeNewsGroups | Search | About
Login Password
Register Now!
 comp.lang.perl.modules    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Help Eventlog Perl Script jrcjlp 05-28-2007
Posted by jrcjlp on May 28, 2007, 11:27 am
Please log in for more thread options

All,

I will appreciate all help with the following script.

NOTE: I found the script at http://www.roth.net/perl/scripts/

Run the script : perl scriptname.pl -t AUDIT_SUCCESS -l Security -n 5
> filename.txt

How do I set the variables in the script and send the result to
filename.txt

# CheckEventLog.pl
# This script checks the Win32 Event Log for various errors.

use Getopt::Long;
use Time::Local;
use Win32::EventLog;

$VERSION = 20070522;
$SEC = 1;
$MIN = 60 * $SEC;
$HOUR = 60 * $MIN;
$DAY = 24 * $HOUR;

# open up MYFILE for writing
open(OUT,">myfile.txt") or die "Can't open up myfile: $!\n";

%EVENT_TYPE = (
eval EVENTLOG_AUDIT_FAILURE => 'AUDIT_FAILURE',
eval EVENTLOG_AUDIT_SUCCESS => 'AUDIT_SUCCESS',
eval EVENTLOG_ERROR_TYPE => 'ERROR',
eval EVENTLOG_WARNING_TYPE => 'WARNING',
eval EVENTLOG_INFORMATION_TYPE => 'INFORMATION',
);

%Config = (
log => 'Security',
);

Configure( \%Config );
if( $Config )
{
Syntax();
exit;
}
if( defined $Config )
{
my( $Year, $Month, $Day ) = ( $Config =~ /^(\d).(\d).
(\d)/ );
$TIME_LIMIT = timelocal( 0, 0, 0, $Day, $Month - 1, $Year -
1900 );
}

elsif( $Config || $Config || $Config)
{
$TIME_LIMIT = time() - ( $DAY * $Config ) - ( $HOUR *
$Config ) - ( $MIN * $Config );
}

if( ! scalar @} )
{
push( @}, Win32::NodeName );
}

if( defined( $Config ) )
{
foreach my $Mask ( @} )
{
# Try referencing the EVENTLOG_xxxx_TYPE and EVENTLOG_xxxxx
# constants. One of them is bound to work.
$EVENT_MASK |= eval( "EVENTLOG_" . uc( $Mask ) . "_TYPE" );
$EVENT_MASK |= eval( "EVENTLOG_" . uc( $Mask ) );
}
}
else
{
map
{
$EVENT_MASK |= 0 + $_;
}( keys( %EVENT_TYPE ) );
}

# Tell the extension to always attempt to fetch the
# event log message table text
$Win32::EventLog::GetMessageText = 1;
$~ = MYFILE;
foreach my $Machine ( @} )
{
my $MYFILE;
if( $MYFILE = Win32::EventLog->new( $Config, $Machine ) )
{
my %Records;
local %Event;
local $Count = 0;

while( ( $MYFILE->Read( EVENTLOG_BACKWARDS_READ
| EVENTLOG_SEQUENTIAL_READ,
0,
\%Event ) )
&& ( $Event > $TIME_LIMIT ) )
{
# Display the event if it is one of our requested
# event types
$Count++;
write if( $Event & $EVENT_MASK );
}
}
else
{
print "Can not connect to the $Config Event Log on
$Machine.\n";
}
}

sub Configure
{
my( $Config ) = @_;

Getopt::Long::Configure( "prefix_pattern=(-|\/)" );
$Result = GetOptions( $Config,
qw(
machine|m=s@
log|l=s
type|t=s@
hour|h=i
min|n=i
day|d=i
date=s
help|?
)
);
$Config-> = 1 if( ! $Result );
push( @}, Win32::NodeName() ) unless( scalar
@} );
}

sub Syntax
{
my( $Script ) = ( $0 =~ /([^\]*?)$/ );
my $Whitespace = " " x length( $Script );
print<< "EOT";

Syntax:
$Script [-m Machine] [-t EventType] [-l Log]
$Whitespace [-n Minutes] [-h Hours] [-d Days] [-date Date]
$Whitespace [-help]
-m Machine......Name of machine whose Event Log is to be
examined.
This switch can be specified multiple times.
-t EventType....Type of event to display:
ERROR
WARNING
INFORMATION
AUDIT_SUCCESS
AUDIT_FAILURE
This switch can be specified multiple times.
-l Log..........Name of Event Log to examine. Common examples:
Application
Security
System
This switch can be specified multiple times.
-h Hours........Will consider events between now and the
specified
number of hours previous.
-n Minutes......Will consider events between now and the
specified
number of minutes previous.
-d Days.........Will consider events between now and the
specified
number of days previous.
-date Date......Will consider events between now and the
specified
date. Date is in international time format
(eg. 2007.05.22)
EOT
}

format MYFILE =
---------------------------------
@>>>>> @<<<<<<<<<<<<<<<<<<<<<<<<<<<<
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$Event, "\" . $Event, $Event
@<<<<<<<<<<<<<<<<<<<<<<<<<<<<
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
scalar localtime( $Event ), $Event
Type: @<<<<<<<<<<<<<<<<<<<<<<
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$EVENT_TYPE}, $Event
Source: @<<<<<<<<<<<<<<<<<<<<
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$Event, $Event
~
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$Event
~
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$Event
~
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$Event
~
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$Event
~
^<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$Event
.


Posted by Brian McCauley on May 29, 2007, 2:02 pm
Please log in for more thread options

On May 28, 4:27 pm, jrc...@yahoo.com wrote:
>
> Newgroups: comp.lang.perl.modules

> I will appreciate all help with the following script.

Can you explain what you think this has anything to do with modules?

> NOTE: I found the script athttp://www.roth.net/perl/scripts/

Note: the comp.lang.* Usenet hierarchy is for discussing and learning
programming languages. It's not a resource for people with no interest
in learning a programming language to get free bespoke alterations
made to programs you found laying about somewhere.

> Run the script : perl scriptname.pl -t AUDIT_SUCCESS -l Security -n 5
>
> > filename.txt
>
> How do I set the variables in the script and send the result to
> filename.txt

It is almost completely unclear what you could be asking. When asking
a question always read it back pretending you didn't already know what
you were trying to ask.

The only thing I can guess is that you are asking is how you could
modify the script so that just doing...

perl scriptname.pl

...would have the effect you currently get from...

perl scriptname.pl -t AUDIT_SUCCESS -l Security -n 5 > filename.txt

Is that what you were asking?


Posted by jrcjlp on May 29, 2007, 4:04 pm
Please log in for more thread options


> On May 28, 4:27 pm, jrc...@yahoo.com wrote:
>
>
>
> > Newgroups: comp.lang.perl.modules
> > I will appreciate all help with the following script.
>
> Can you explain what you think this has anything to do with modules?
>
> > NOTE: I found the script athttp://www.roth.net/perl/scripts/
>
> Note: the comp.lang.* Usenet hierarchy is for discussing and learning
> programming languages. It's not a resource for people with no interest
> in learning a programming language to get free bespoke alterations
> made to programs you found laying about somewhere.
>
> > Run the script : perl scriptname.pl -t AUDIT_SUCCESS -l Security -n 5
>
> > > filename.txt
>
> > How do I set the variables in the script and send the result to
> > filename.txt
>
> It is almost completely unclear what you could be asking. When asking
> a question always read it back pretending you didn't already know what
> you were trying to ask.
>
> The only thing I can guess is that you are asking is how you could
> modify the script so that just doing...
>
> perl scriptname.pl
>
> ...would have the effect you currently get from...
>
> perl scriptname.pl -t AUDIT_SUCCESS -l Security -n 5 > filename.txt
>
> Is that what you were asking?


New to perl just was asking for help. Sorry I posted/asked question
in wrong group.


Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply
Please, no reply



Similar ThreadsPosted
Executables out of perl script? April 20, 2006, 7:30 am
Executables out of perl script? April 20, 2006, 7:30 am
Executables out of perl script? April 20, 2006, 7:56 am
New to perl module would like to learn how to run this script. January 18, 2005, 11:29 pm
How to invoke a CGI script within a Perl program ? May 6, 2005, 12:35 pm
getting output of telnet from perl script April 10, 2006, 5:35 am
Newbie: Bundling Perl script and modules in a Mac OS X app? May 17, 2005, 5:44 pm
"Devel::DProf" on a PERL script uses "Test::More" December 5, 2005, 5:36 pm
Loading Perl Modules from same directory as script February 13, 2006, 5:27 pm
Loading Perl Modules from same directory as script February 13, 2006, 5:35 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap