1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
|
use Win32::EventLog;
@lserv=(serveur1,serveur2);
# Fonction d'analyse de l'eventlog.
foreach (@lserv)
{
$serv = $_;
print "$serv\n";
$handle=Win32::EventLog->new("System",$serv)
or die "Can't open Application EventLog\n";
$handle->GetNumber($recs)
or die "Can't get number of EventLog records\n";
$handle->GetOldest($base)
or die "Can't get number of oldest EventLog record\n";
while ($x < $recs) {
$handle->Read(EVENTLOG_SEEK_READ|EVENTLOG_BACKWARDS_READ,$base+$x,$hashRef)
or die "Can't read EventLog entry #$x\n";
$hashRef->{'EventID'} = $hashRef->{'EventID'} & 0xffff;
($sec,$min,$hour,$mday,$mon,$year,$sday,$yday,$isdst) = localtime($hashRef->{'TimeGenerated'});
if ($hashRef->{EventID} eq "6006" )
{
Win32::EventLog::GetMessageText($hashRef);
print "$mday/",$mon+1,"/",$year+1900,"\t$hour:$min\t".$hashRef->{EventID}."\t";
print "Entry $x: $hashRef->{Source}\n";
}
$x++;
}
} |
Partager