extracting event logs to a file

G

Gnaneshwar Babu

Hi

I am facing a problem with extracting event logs of win32 to a file.
Am using the following code to extract eventlogs to file

use Win32::EventLog;
$handle=Win32::EventLog->new("System", $ENV{ComputerName})
or die "Can't open Application EventLog\n";
$handle->GetNumber($recs)
or die "Can't get number of EventLog records\n";
$handle->GetOldest($base)
or die "Can't get number of oldest EventLog record\n";
while ($x < $recs) {
$handle->Read(EVENTLOG_FORWARDS_READ|EVENTLOG_SEEK_READ,
$base+$x,
$hashRef)
or die "Can't read EventLog entry #$x\n";
if ($hashRef->{Source} eq "EventLog") {
Win32::EventLog::GetMessageText($hashRef);
print "Entry $x: $hashRef->{Message}\n";
}
$x++;
}

from this program i used get a output as shown bellow
----------------------------------------------------------------
C:\babu>perl eventlogg.pl
Entry : The Event log service was stopped.

Entry 1: Microsoft (R) Windows 2000 (R) 5.0 2195 Service Pack 3
Uniprocessor Fre
e.

Entry 2: The Event log service was started.

Entry 3: The Event log service was stopped.

Entry 4: Microsoft (R) Windows 2000 (R) 5.0 2195 Service Pack 3
Uniprocessor Fre
e.

Entry 5: The Event log service was started.

Entry 6: The Event log service was stopped.

Entry 7: Microsoft (R) Windows 2000 (R) 5.0 2195 Service Pack 3
Uniprocessor Fre
e.

Entry 8: The Event log service was started.

Entry 21: The Event log service was stopped.

Entry 22: Microsoft (R) Windows 2000 (R) 5.0 2195 Service Pack 3
Uniprocessor Fr
ee.

Entry 23: The Event log service was started.

Entry 24: The Event log service was stopped.

Entry 25: Microsoft (R) Windows 2000 (R) 5.0 2195 Service Pack 3
Uniprocessor Fr
ee.
--------------------------------------------------------------------
but i need a output as shown bellow

----------------------------------------------------------------------
Type Date Time Source Category Event User Computer
Information 12/31/2003 11:15:38 AM Dnsapi None 11152 N/A BDCVF-6GZR
Information 12/31/2003 11:15:17 AM VMnetuserif None 4 N/A BDCVF-6GZR
Information 12/31/2003 11:15:17 AM VMnetuserif None 1 N/A BDCVF-6GZR
Information 12/31/2003 11:14:26 AM VMnetAdapter None 34 N/A BDCVF-6GZR
Information 12/31/2003 11:14:26 AM VMnetAdapter None 34 N/A BDCVF-6GZR
Information 12/31/2003 11:14:40 AM eventlog None 6005 N/A BDCVF-6GZR
Information 12/31/2003 11:14:40 AM eventlog None 6009 N/A BDCVF-6GZR
Information 12/31/2003 11:13:42 AM eventlog None 6006 N/A BDCVF-6GZR
Warning 12/30/2003 1:40:08 PM Dnsapi None 11150 N/A BDCVF-6GZR
Information 12/30/2003 1:40:08 PM Dnsapi None 11156 N/A BDCVF-6GZR
Warning 12/30/2003 1:28:51 PM Dnscache None 11050 N/A BDCVF-6GZR
Information 12/30/2003 1:22:52 PM Browser None 8033 N/A BDCVF-6GZR
Information 12/30/2003 1:20:49 PM Dnsapi None 11152 N/A BDCVF-6GZR
Information 12/30/2003 1:20:48 PM Dnsapi None 11152 N/A BDCVF-6GZR
Information 12/26/2003 8:50:04 PM Application
Popup None 26 N/A BDCVF-6GZR
Information 12/24/2003 6:26:53 PM W32Time None 593 N/A BDCVF-6GZR
Error 12/22/2003 11:46:41 AM VMnetDHCP None 2 N/A BDCVF-6GZR
Information 12/22/2003 11:43:51 AM Dnsapi None 11152 N/A BDCVF-6GZR
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,733
Messages
2,569,439
Members
44,829
Latest member
PIXThurman

Latest Threads

Top