Re: [logs] About Windows NT/2000 logs

From: Chris Adams (cadamsat_private)
Date: Sun Mar 03 2002 - 20:51:14 PST

Next message: dgillettat_private: "RE: [logs] hack attempts && price"

Previous message: Tina Bird: "Re: [logs] About Windows NT/2000 logs"
In reply to: zxm: "[logs] About Windows NT/2000 logs"
Next in thread: H C: "Re: [logs] About Windows NT/2000 logs"
Next in thread: Chris Adams: "Re: [logs] About Windows NT/2000 logs"
Reply: H C: "Re: [logs] About Windows NT/2000 logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sunday, March 3, 2002, at 07:08 , zxm wrote:
>    There are three types of logs in Windows NT/2000,including 
> Application log,Security log and System log.They are stored in 
> %systemroot%\system32\config.How do we gain the log data in the 
> logsfile except for the event viewer?I mean there is API to use whether 
> or not.

Yes - there's an entire API for manipulating the event logs. You might 
want to download Perl from ActiveState.com - they include the 
Win32::EventLog module by default and the documentation includes some 
examples. A little bit of scripting will make you wonder how you ever 
managed to live with the event viewer.

Chris

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: dgillettat_private: "RE: [logs] hack attempts && price"
Previous message: Tina Bird: "Re: [logs] About Windows NT/2000 logs"
In reply to: zxm: "[logs] About Windows NT/2000 logs"
Next in thread: H C: "Re: [logs] About Windows NT/2000 logs"
Next in thread: Chris Adams: "Re: [logs] About Windows NT/2000 logs"
Reply: H C: "Re: [logs] About Windows NT/2000 logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 04 2002 - 13:51:07 PST