Post 302740901 by kar_333 on Friday 7th of December 2012 05:17:19 AM
Perl script to parse multiple windows event logs.

Hi all,

I am developing a log parsing agent in Perl to send Windows event logs to the Zenoss monitoring tool. Using Win32::EventLog I am able to get the event messages, but only one event type (e.g. Application or System) can be parsed at a time. Can you please help with how to open multiple event logs at a time? I need to get the total number of events combining all these event types. Below is the code which I tried:
Code:
 
use Win32::EventLog;

my @log_type = ("Application", "Security", "Setup", "System", "Forwarded Events");
foreach $logs_type (@log_type) {
    #print "$logs_type\n";
    # Open this log on the local machine; name the failing log in the error
    Win32::EventLog::Open($EventLog, $logs_type, '') or die "Could not open $logs_type log: $^E\n";
    $EventLog->Win32::EventLog::GetNumber($numevents);   # record count of this log
    print "$numevents\n";
}

 

grokevt-parselog(1)                                          grokevt-parselog(1)

NAME
       grokevt-parselog - Parse a windows event log and generate human-readable
       output based on message resources stored in a database.

SYNOPSIS
       grokevt-parselog -?|--help

       grokevt-parselog -l database-dir

       grokevt-parselog -m database-dir log-type

       grokevt-parselog [-v] [-H] [-h] [-U] [-u] database-dir log-type

DESCRIPTION
       grokevt-parselog reads a windows event log (.evt file) and combines that
       information with message templates and other resources stored in a
       pre-generated database. This is then printed to stdout in a
       comma-separated values (CSV) format.

       The database must be created by grokevt-builddb(1).

ARGUMENTS
       database-dir
              This is the directory where the database is stored. Currently,
              the actual log files from the original system are also stored in
              this directory tree.

       log-type
              This is the windows name for the log. By default windows has the
              following logs:

                     Application
                     Security
                     System

              But others may have been created by third party software. Use
              the -l option to print a list of all available log types. (The
              log names are case-sensitive.)

OPTIONS
       -?     Prints a basic usage statement.

       --help Same as -?.

       -l     Log list mode. Lists the logs available in the specified
              database.

       -m     Meta information mode. Lists meta information stored in the
              header of the specified log file. Does not print any actual log
              records. (Format of output in this mode is still subject to
              change.)

       -v     Verbose mode. Prints status messages to stderr, which can be
              helpful for debugging.

       -h     Prints a header row at the top of the CSV output containing
              labels for each column. (This is the default behavior.)

       -H     Disables the printing of a header row. This is useful when
              grokevt-parselog is used in a script.

       -u     Enables the UTF-8 output of some strings. This can be dangerous
              on terminals that are not configured to support UTF-8.

       -U     Disables the use of UTF-8 for output. Unicode strings are instead
              converted to UTF-8 first, and then any remaining non-ASCII
              characters are quoted. (This is the default behavior.)

EXAMPLES
       To list all available log types stored in '~/example.grokevt':

              grokevt-parselog -l ~/example.grokevt

       To read the 'Application' log from the database stored in
       '~/example.grokevt' and print it to stdout:

              grokevt-parselog ~/example.grokevt Application

       To read the 'System' log from the database stored in
       '~/example.grokevt' and print it to stdout without a header, and with
       verbosity turned on:

              grokevt-parselog -v -H ~/example.grokevt System

BUGS
       Probably a few. This script has not been extensively tested with some
       guest platforms.

       The event log file format is pretty well understood and implemented,
       but some diabolical wrapped, dirty, or fragmentary logs may not be
       correctly parsed.

       Unicode support is currently limited. Any suggestions on how to better
       handle unicode output would be appreciated.

CREDITS
       Originally written by Jamie French. Converted to Python and extended by
       Timothy D. Morgan.

       Andreas Schuster has contributed greatly to the understanding of the
       event log format.

       Copyright (C) 2005-2007 Timothy D. Morgan
       Copyright (C) 2004 Jamie French

LICENSE
       Please see the file "LICENSE" included with this software distribution.

       This program is distributed in the hope that it will be useful, but
       WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
       Public License version 2 for more details.

SEE ALSO
       grokevt(7) grokevt-addlog(1) grokevt-builddb(1) grokevt-dumpmsgs(1)
       grokevt-findlogs(1) grokevt-ripdll(1)

File Conversion Utilities         20 March 2008          grokevt-parselog(1)
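
Scripted use of the -l and -H options above to total the records across every log in a database, as an added example (not part of grokevt or of the original page). It assumes that -l prints one log name per line and that the CSV output uses standard double-quote quoting; `run`, `fake_run` and the sample rows are hypothetical and constructed so the logic runs without an installed database.

```python
import csv
import io
import subprocess

def run_grokevt(args):
    """Run grokevt-parselog with the given arguments and return its stdout."""
    proc = subprocess.run(["grokevt-parselog", *args], check=True,
                          capture_output=True)
    # -U (the default) keeps output ASCII; decode leniently in case -u was used.
    return proc.stdout.decode("utf-8", errors="replace")

def list_logs(database_dir, run=run_grokevt):
    """Log names reported by -l (assumed one per line; names are case-sensitive)."""
    return [ln.strip() for ln in run(["-l", database_dir]).splitlines() if ln.strip()]

def count_records(database_dir, log_type, run=run_grokevt):
    """Count CSV records for one log; -H drops the header so every row is an event."""
    text = run(["-H", database_dir, log_type])
    # Use csv.reader rather than counting lines: a quoted field may span lines.
    return sum(1 for row in csv.reader(io.StringIO(text, newline="")) if row)

def total_events(database_dir, run=run_grokevt):
    """Return (per-log counts, combined total) for every log in the database."""
    counts = {name: count_records(database_dir, name, run)
              for name in list_logs(database_dir, run)}
    return counts, sum(counts.values())

# Constructed sample output standing in for a real database (columns are made up).
_SAMPLE = {
    ("-l", "db"): "Application\nSecurity\nSystem\n",
    ("-H", "db", "Application"): '1,Info,"service started"\n2,Error,"line one\nline two"\n',
    ("-H", "db", "Security"): '1,Audit,"logon"\n',
    ("-H", "db", "System"): "",
}

def fake_run(args):
    """Stand-in for run_grokevt that serves the constructed sample above."""
    return _SAMPLE[tuple(args)]

if __name__ == "__main__":
    print(total_events("db", run=fake_run))
```
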