Xulong Posted October 20, 2016 Share Posted October 20, 2016 I am trying to create a script to allow our continues integration tool to pickup the output (1 or 0 for example) after read the event log for a specific application and looking for critical, error and warning, the application is running on a different server from which the script will be running. How can I achieve that? Thank you in advance. Link to comment Share on other sites More sharing options...
JohnOne Posted October 20, 2016 Share Posted October 20, 2016 Can you do it locally? AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
Xulong Posted October 20, 2016 Author Share Posted October 20, 2016 Thanks for your reply JohnOne. I think short answer is No. The reason is the CI tool has to be able to execute the script locally not remotely. And the application event log I want to check is sit on another server. Is there a way I can achieve that? I know I can probably backup the event log file with that specific source and error/critical/warning filter, but how can I copy that across to the destination (CI server) and to validate the file there? Thanks. Link to comment Share on other sites More sharing options...
Jimwright Posted October 20, 2016 Share Posted October 20, 2016 Can you use WMI ? A long time ago I wrote a remote event viewer in AutoIt. The meat of which was: expandcollapse popupFunc FireToServer() $Instancesvar = IniReadSection(@scriptdir &"\evv.ini", "Instances") For $i = 1 To $Instancesvar[0][0] $ServerVar=IniReadSection (@scriptdir &"\evv.ini", $Instancesvar[$i][1]) For $j = 1 To $servervar[0][0] ;Call("Test",$Instancesvar[$i][1],$servervar[$j][1]) Call("EventViewRead",$Instancesvar[$i][1],$servervar[$j][1]) Call("ProgressBar",$Instancesvar[$i][1],$servervar[$j][1]) Next Next EndFunc ;;Debug Func Test($InstanceVar,$ServerVar) msgbox(0,"","Sent: " &$InstanceVar & "-" & $ServerVar) EndFunc ;;Debug Func eventviewread($Instancevar,$ServerVar) $TimesCalled=$TimesCalled+1 $Query_Clause = "Select * FROM Win32_NTLogEvent WHERE Logfile = 'Application' AND SourceName = 'MyServiceName' AND EventType=1 AND timewritten >='" & $EVDate & "'" $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate,(Security)}!\\" & $Servervar & "\root\cimv2") If IsObj($objWMIService) Then $colItems = $objWMIService.ExecQuery ($Query_Clause) If IsObj($colItems) Then For $objEvent In $colItems $Output=$Output & $InstanceVar & "," & $ServerVar & "," $Output=$Output & StringRight(Stringleft($objEvent.TimeWritten,8),2) & "/" & Stringmid(StringLeft($objEvent.TimeWritten,8),5,2) & "/" & Stringleft(Stringleft($objEvent.TimeWritten,8),4) & "," $Output=$Output & StringRight(StringLeft($ObjEvent.TimeWritten,10),2) & ":" & StringRight(StringLeft($ObjEvent.TimeWritten,12),2) & ":" & StringRight(StringLeft($objEvent.TimeWritten,14),2) & "," & $objEvent.Message #cs $Output &= "Category: " & $objEvent.Category & @CRLF $Output &= "Computer Name: " & $objEvent.ComputerName & @CRLF $Output &= "Event Code: " & $objEvent.EventCode & @CRLF $Output &= "Message: " & $objEvent.Message & @CRLF $Output &= "Record Number: " & $objEvent.RecordNumber & @CRLF $Output &= "Source Name: " & $objEvent.SourceName & @CRLF $Output &= "Time Written: " & $objEvent.TimeWritten & @CRLF $Output &= "Event Type: " & $objEvent.Type & @CRLF $Output &= "User: " & $objEvent.User & @CRLF If MsgBox(64 + 4, "Entry Found:", $Output & @CRLF & @CRLF & "Continue?") = 7 Then Exit #ce Next Else $Output="$colItems is not an object." EndIf Else $Output="$objWMIService is not an object." EndIf ;call("WriteCSV",$Output) if $TimesCalled=$TotalCalls Then call("WriteCSV",$Output) EndIf EndFunc and the ACTUAL meat being $Query_Clause = "Select * FROM Win32_NTLogEvent WHERE Logfile = 'Application' AND SourceName = 'MyServiceName' AND EventType=1 AND timewritten >='" & $EVDate & "'" $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate,(Security)}!\\" & $Servervar & "\root\cimv2") If IsObj($objWMIService) Then $colItems = $objWMIService.ExecQuery ($Query_Clause) Take a look here: https://msdn.microsoft.com/en-us/library/aa389290(v=vs.85).aspx Xulong 1 Link to comment Share on other sites More sharing options...
Xulong Posted October 20, 2016 Author Share Posted October 20, 2016 Thank you Jimwright, The ACTUAL meat is probably what I am looking for. Link to comment Share on other sites More sharing options...
JohnOne Posted October 21, 2016 Share Posted October 21, 2016 I was asking if you have code to do the task locally on your own machine. If so, you can use a tool like pexec (I think) to execute it on a remote macine. AutoIt can not natively do what you want. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
PACaleala Posted October 26, 2016 Share Posted October 26, 2016 @OP : Microsoft has created sometime ago a tool for this kind of job called "wevtutil". Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now