vbScript pour utiliser logparser

**Yodaf** · 09/08/2007, 16h03

salut,
J'ai chopper un script sur le net qui conviendrait à mes attentes pour me retourner les events de serveurs en utilisant logparser.

cependant sa ne joue pas comme prévue, alors je fait appel à vos connaissances d'experts pour savoir ce que je dois modifier dans ce script pour avoir cette

requete :

LogParser "SELECT * INTO dbo.LogRepository FROM System,Application where (EventTypeName = 'Error event') AND (TimeWritten >= SUB( TO_LOCALTIME(SYSTEM_TIMESTAMP()), TIMESTAMP('0000-01-02', 'yyyy-MM-dd') ) )"

Script :

'

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
 Define query to get list of available logs
strQueryEvtLogs ="select distinct KeyName from \\" & strSystem & _
                  "\HKLM\SYSTEM\CurrentControlSet\Services\EventLog where KeyName = 'EventLog'"
 
' Define template for pulling event logs
strQueryTemplate = "Select '" & strSystem "',*" &_
                   "into " & strSQLTable & " from '\\" & strSystem & "\"

**ced600** · 09/08/2007, 16h14

Utilises les balises de codes pour ton code quand tu postes.
Peux tu donner plus de détail sur ce que tu veux faire et sur ce qu'est strSystem, et strSQLTable ?

**Yodaf** · 09/08/2007, 17h01

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
Option Explicit
On Error Resume Next

' ******************************************************************************
' Define Variables

' Define strings
Dim strQueryEvtLogs, strSystem, strQueryTemplate, strQuery, strUserName, strPassword
Dim strCheckPointLoc, strSQLTable
' Log Parser Objects
Dim oLogQuery, oInputReg, oInputEvt, oOutputSQL
' Results objects
Dim oLogList, oCurLog, oSQLBatch
' Netowrking objects
Dim oNetwork

' ******************************************************************************
' Check for Arguments

Wscript.Echo "Checking Arguments...."

' Check for host name argument
If Wscript.Arguments.Count = 3 Then

    strSystem = Wscript.Arguments(0)
    strUserName = Wscript.Arguments(1)
    strPassword = Wscript.Arguments(2)

Else ' if there are no arguments supplied

    EndProg(1) ' Quit Returning Error Code 1 (bad or missing arguments)

End If

Wscript.Echo "Performing pull on host: " & strSystem ' Debugging
Wscript.Echo ""


' ******************************************************************************
' Define initial variables
Set oNetwork = CreateObject("WScript.Network")
' Instantiate LogParser Objects
Set oLogQuery = CreateObject("MSUtil.LogQuery")
Set oInputReg = CreateObject("MSUtil.LogQuery.RegistryInputFormat")
Set oInputEvt = CreateObject("MSUtil.LogQuery.EventLogInputFormat")
Set oOutputSQL = CreateObject("MSUtil.LogQuery.SQLOutputFormat")

'strSystem = "pc-lab35.ca.descartes.com" ' Define system to work on
oInputReg.recurse = 1 ' Define options for registry input for log list

strCheckPointLoc = "r:\events\"
strSQLTable = "TestSystems"
oOutputSQL.server = "server name" ' Define ODBC Settings
oOutputSQL.database = "database name" ' Define ODBC Settings
oOutputSQL.username = "user name" ' Define ODBC Settings
oOutputSQL.password = "password" ' Define ODBC Settings
oOutputSQL.driver = "SQL Server" ' Define ODBC Settings
'oOutputSQL.CreateTable = True ' only used to initially create table

' Define query to get list of available logs
strQueryEvtLogs = "select distinct KeyName from \\" & strSystem & _
                  "\HKLM\SYSTEM\CurrentControlSet\Services\EventLog where KeyName <> 'EventLog'"

' Definte template for pulling event logs
strQueryTemplate = "Select '" & strSystem & "' as System, *, RESOLVE_SID" & _
                   "(SID) into " & strSQLTable & " from '\\" & strSystem & "\"

' ******************************************************************************
' Map Network Drive

oNetwork.MapNetworkDrive "", "\\" & strSystem, , strUsername, strpassword

If Err.Number = -2147023570 Or Err.Number = -2147023677 Then ' bad credentials or different credentials on existing share
    wscript.echo Err.Description
    EndProg(2)
End If
Wscript.echo "Successfully mapped " & "\\" & strSystem

' ******************************************************************************
' Begin Code Execution

' Generate list of log files
Set oLogList = oLogQuery.Execute(strQueryEvtLogs, oInputReg)

' Visit all event logs
Do While Not oLogList.atEnd

    ' Get the event log name
    Set oCurLog = oLogList.getRecord

    ' Build new query using log to pull from
    strQuery = strQueryTemplate & oCurLog.getValue ( 0 ) & "'"

    ' display query to string (debugging)
    wscript.echo strQuery

    ' Define checkpoint file for specified log
    oInputEvt.iCheckpoint = strCheckPointLoc & strSystem & "_" & oCurLog.getValue ( 0 ) & ".lpc"    ' Local testing version

    ' Execute pull to SQL
    oLogQuery.ExecuteBatch strQuery, oInputEvt, oOutputSQL

    wscript.echo "Records Processed: " & oLogQuery.inputUnitsProcessed
    wscript.echo Err.Description ' Output any error messages encountered

    ' Advance LogList to next record
    oLogList.moveNext

Loop

EndProg(0) ' End Program Successfully

' ******************************************************************************

' Procedure to end the program and properly close all used objects and return
' any associated error messages.

Sub EndProg(intCode)
    oNetwork.RemoveNetworkDrive "\\" & strSystem, true

    ' Release objects
    Set oLogQuery = Nothing
    Set oInputReg = Nothing
    Set oInputEvt = Nothing
    Set oOutputSQL = Nothing
    Set oLogList = Nothing
    Set oCurLog = Nothing
    Set oNetwork = Nothing

    If intCode = 0 Then
        Wscript.Quit 0
    Else
        Wscript.echo ""
        Wscript.echo ""
        If intCode = 1 Then wscript.echo "Failed to run - bad or missing arguments" End If
        If intCode = 2 Then wscript.echo "Unable to make connection to server, bad credentials." End If

        Wscript.echo ""
        wscript.echo "Usage: logparser.vbs <host FQDN> <username> <password>"
        Wscript.echo ""
        Wscript.echo ""
        Wscript.Quit intCode
    End If
End Sub

Voilà je souhaite modifier ce script pour pouvoir utiliser ma requête, que j'ai affiché plus haut en vert. Je pense que cela se situe dans ce que j'ai mis en rouge.

**ced600** · 09/08/2007, 17h09

Et en copiant ta requete dans strQueryEvtLogs cela donne koi ?

**ced600** · 09/08/2007, 17h10

Et pour les balises de codes il faut utiliser le # lorsque tu postes un message.

**Yodaf** · 09/08/2007, 17h16

voilà ce que ça donne.

**Yodaf** · 10/08/2007, 10h35

Voilà mes dernière modifs, mais ça marche tjs pas...

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
' Define query to get list of available logs
strQueryEvtLogs ="SELECT * FROM System,Application where (EventTypeName = 'Error event') AND (TimeWritten >= SUB( TO_LOCALTIME(SYSTEM_TIMESTAMP()), TIMESTAMP('0000-01-02', 'yyyy-MM-dd') ) )"
 
 
' Define template for pulling event logs
strQueryTemplate = "Select * into " & strSQLTable & " from '\\" & strSystem & "\"

et voilà ma nouvelle erreur.

vbScript pour utiliser logparser

VBScript

Vue hybride

Discussions similaires

Partager

Partager