Subscribe to Windows IT Pro
August 10, 2010 12:01 AM

Event Log Scanner

Generate custom reports detailing event log activity
Brandon Jones
Windows IT Pro
InstantDoc ID #125606
Rating: (4)
Downloads
125606.zip

As a Windows systems administrator, it's often helpful to examine event logs on machines experiencing problems. But many times when I see an error event in the logs, I find myself wondering whether the same error is happening on other machines or how often the error is happening throughout my network. Trying to gather this information manually is extremely tedious and can take hours depending on the size of the network. That's why I wrote EventLogScanner.vbs—it quickly generates custom reports detailing the event log activity of Windows XP machines on a network.

When you execute the script, you're prompted to enter the following:

  1. Which event log to scan (Application log or System log)
  2. The event ID number you want the script to look for
  3. A date range over which you want the script to scan

The script then uses the criteria you entered to scan each machine on your network. When finished, it generates a report in Microsoft Excel that displays the following for each machine on your network:

  • Date of scan
  • Type of log (Application or System)
  • Event ID number
  • Host name
  • Date range scanned
  • Count (number of times the specified event ID occurred on that host within the date range)
  • Most recent occurrence (the most recent date the specified event ID occurred on that host within the date range)
  • Last user (the username of the person who last logged on to that host before the event ID occurred)

You can download EventLogScanner.vbs by clicking the Download the Code Here button near the top of the page. There are three things you need to do to make this event log scanner work in your environment:

  1. If you don’t have one already, create a text file containing a list of every XP hostname on your network. Each host should be on a separate line in the file.
  2. Find the line

    Const PATH = "\\PATH\"

    and replace \\PATH\ with the location of the directory where you want the results to be logged.
  3. Find the line

    Const PCLIST = "\\PATH\HOSTNAMES.TXT"

    and replace \\PATH\HOSTNAMES.TXT with the pathname of the file containing your list of hosts.

With EventLogScanner.vbs, I can quickly identify errors occurring throughout our network as well as determine if a particular error is simply an anomaly or part of a larger problem that's affecting multiple hosts. It works as is on XP hosts, but you could easily modify it to work on other versions of Windows as well.

Related Content:

ARTICLE TOOLS

Comments
Add A Comment
  • LORENTZEN
    2 years ago
    Sep 29, 2010

    While SCHELLENGER makes a valid point on the age and condition of XP, it's still going to be with us for a long time to come. Over 95% of my customers are running XP and most will probably only move to 7 through attrition. This is an EXCELLENT tool to add to my diagnostic arsenal.

  • SCHELLENGER
    2 years ago
    Sep 28, 2010

    Here we are well into Windows 7 and you are still providing scripts that run as-is for XP. It seems to me that to ecourage the move away from the nearly obsolete, security vulnerable XP you would be offering script that run well as-is on Windows 7, but can be modified to run on earlier OS versions.

You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

Dev Pro Left-Brain SharePoint Pro SQL Server Pro SuperSite for Windows Windows IT Pro

© 2012 Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.