Hi, I´m trying to do some work with NT logs and I´ve some questions, Is possible to send all the logs to only one machine ? I've a PDC and 30 BDC and would be excellent to get the logs from only one server. Where can I get the EventID descriptions ? I'm writing a tiny perl script using Win32::Eventlog module, it works fine the system logs but when I try to read the security logs and call $hash->read(args ....) method the User key of the hashref is not in text, I´ve read some documents and there are "masks" to apply to some keys (e.g. TimeGenerated ) but I could not find the mask, if any for the User key. Does someone have some experience with this ? ( $Win32::EventLog::GetMessageText is already set to 1 ). Does any know how to do this stuff using MFC or any non-commercial software ? I just want to read the logs and according with the EventID send a message ( may be the hole record ) to a DB server. Sorry about my English. Thanks in advance, Gonzalo S. García. --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 10:32:59 PST