leputain
Advanced Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Код: WScript.Echo("EVENTLOG DUMP"); var wbemFlagReturnImmediately = 0x10; var wbemFlagForwardOnly = 0x20; var arrComputers = new Array("HOME","ADMIN1"); var strBackup = "c:\\" for (i = 0; i < arrComputers.length; i++) { var objWMIService = GetObject("winmgmts:{(Backup,Security)}\\\\" + arrComputers[i] + "\\root\\CIMV2"); WScript.Echo(arrComputers[i] + ": CONNECT"); var colItems = objWMIService.ExecQuery("SELECT * FROM Win32_NTEventlogFile", "WQL", wbemFlagReturnImmediately | wbemFlagForwardOnly); WScript.Echo(arrComputers[i] + ": WMI QUERY"); var enumItems = new Enumerator(colItems); for (; !enumItems.atEnd(); enumItems.moveNext()) { var objItem = enumItems.item(); var strBackupFile = strBackup + arrComputers[i] + "_" + TimeNow() + "_" + objItem.LogfileName + ".evt"; try { objItem.BackupEventLog(strBackupFile) } catch(e) { WScript.Echo(strBackupFile + " couldn't be saved."); } WScript.Echo(arrComputers[i] + ": " + objItem.LogfileName + " DUMPED"); try { objItem.ClearEventLog() } catch(e) { WScript.Echo(objItem.LogfileName + " couldn't be cleared."); } WScript.Echo(arrComputers[i] + ": " + objItem.LogfileName + " CLEARED"); } var fso; fso = new ActiveXObject("Scripting.FileSystemObject"); fso.MoveFile("\\\\" + arrComputers[i] + "\\c$\\*.evt", "\\\\HOME\\eventlog\\"); WScript.Echo(arrComputers[i] + ": DUMPS COLLECTED"); WScript.Echo(arrComputers[i] + ": DISCONNECT"); } function TimeNow() { d = new Date(); var strNow = ""; strNow += LeadingZero(d.getFullYear()) + "_"; strNow += LeadingZero((d.getMonth()) + 1) + "_"; strNow += LeadingZero(d.getDate()) + "_"; strNow += LeadingZero(d.getHours()) + "_"; strNow += LeadingZero(d.getMinutes()) + "_"; strNow += LeadingZero(d.getSeconds()); return(strNow); } function LeadingZero(intNum) { if (10 > intNum) { intNum = "0" + intNum;} return(intNum); } |
замечание за нарушение пункта 3.9 Правил форума. Исправлено. кстати, лучше было бы не копировать код сюда, а продолжать в теме Сбор логов из Event Log на центральный сервер. dg | Всего записей: 1434 | Зарегистр. 24-11-2002 | Отправлено: 04:10 17-03-2005 | Исправлено: dg, 10:05 17-03-2005 |
|