Hi Gonzalo -- It's not possible to centralize NT/2000 EventLogs to a single server without commercial third-party software. There's a variety of documentation on Windows logging on the Log Analysis web site. In particular, check out http://www.counterpane.com/log-windows.html http://www.counterpane.com/log-analysis.html#config_nonunix and for documentation on Event Log messages, http://www.microsoft.com/WINDOWS2000/techinfo/messages/default.asp HTH - tbird "I was being patient, but it took too long." - Anya, "Buffy the Vampire Slayer" Log Analysis: http://www.counterpane.com/log-analysis.html VPN: http://kubarb.phsx.ukans.edu/~tbird/vpn.html On Mon, 4 Feb 2002, Gonzalo Garcia wrote: > Hi, I´m trying to do some work with NT logs and I´ve some questions, > > Is possible to send all the logs to only one machine ? I've a PDC and 30 > BDC and would be excellent to get the logs from only one server. > > Where can I get the EventID descriptions ? > > I'm writing a tiny perl script using Win32::Eventlog module, it works fine > the system logs but when I try to read the security logs and call > $hash->read(args ....) method the User key of the hashref is not in text, > I´ve read some documents and there are "masks" to apply to some keys (e.g. > TimeGenerated ) but I could not find the mask, if any for the User key. Does > someone have some experience with this ? ( $Win32::EventLog::GetMessageText > is already set to 1 ). > > Does any know how to do this stuff using MFC or any non-commercial software > ? I just want to read the logs and according with the EventID send a > message ( may be the hole record ) to a DB server. > > > > > Sorry about my English. > Thanks in advance, > Gonzalo S. García. > > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 10:39:35 PST