0

Code snippets : Windows : Importing Event Logs to Database

-

Code snippet from old archives. It shows how to import Windows event log entries to database. Important is to setup database and table accordingly, so it contains apropriate columns.

Set objConn = CreateObject("ADODB.Connection")
Set objRS = CreateObject("ADODB.Recordset")
objConn.Open "DSN=EventLogs;"
objRS.CursorLocation = 3
objRS.Open "SELECT * FROM tblEventLog" , objConn, 3, 3
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colRetrievedEvents = objWMIService.ExecQuery _
("Select Category, CategoryString, ComputerName, Data, EventCode, _
EventIdentifier, EventType, LogFile, Message, RecordNumber, SourceName, _
TimeGenerated, TimeWritten, Type, User from Win32_NTLogEvent")
For Each objEvent in colRetrievedEvents
objRS.AddNew
objRS("el_Category") = objEvent.Category
objRS("el_CategoryString") = objEvent.CategoryString
objRS("el_ComputerName") = objEvent.ComputerName
objRS("el_Data") = objEvent.Data
objRS("el_EventCode") = objEvent.EventCode
objRS("el_EventIdentifier") = objEvent.EventIdentifier
objRS("el_EventType") = objEvent.EventType
objRS("el_LogFile") = objEvent.LogFile
objRS("el_Message") = objEvent.Message
objRS("el_RecordNumber") = objEvent.RecordNumber
objRS("el_SourceName") = objEvent.SourceName
objRS("el_TimeGenerated") = objEvent.TimeGenerated
objRS("el_TimeWritten") = objEvent.TimeWritten
objRS("el_Type") = objEvent.Type
objRS("el_User") = objEvent.User
objRS.Update
Next
objRS.Close
objConn.Close
1

Code snippets : Windows : Clear Event Logs

-

From script repository I did use in the past, VBscript which allows to clear EvenLog on Windows machine. I did use that on computers with Windows XP and Windows Server 2003. however, this script will work also on Windows 7 and Windows server 2008.

By default script clears EventLog on computer where script is executed. To clear logs on remote machine just modify variable strComputer and replace dot with name of the target machine.

Script will read all EvenLog files from machine and will go through them removing all events.

And here is script itself :

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate, (Backup, Security)}!\\" _
& strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
("Select * from Win32_NTEventLogFile")
For each objLogfile in colLogFiles
objLogFile.ClearEventLog()
Next
0

Code snippets : VBscript : Ping all computers from Active Directory OU

-

Here is quick script which connects to Active Directory, reads all computer accounts from Organization Unit (OU) indicated in script and then pings all computers found in that OU. It might be handy if all server accounts are located in one OU.

(more…)

0

Code snippets : VBscript : Change local admin username and password

-

Script I used as computer statup script pushed via GPO. It renames local Administrator to Admin and sets password for Admin account to one specified in script.
(more…)

1

Code snippets : VBscript : Change My Computer icon description

-

Script changes description of My Computer icon to display Computer: ComputerName

Can be very handy when troubleshooting computer remotely when we require user to tell us name of the computer user works on.
Script works on Windows 2000/XP/Vista/7.

(more…)