cteni EventLogu

[Polak Michal]

Dobry den,

Perl: 5.00503
OS: 'MSWin32'
Tk: 800.012

nemate nekdo zkusenost se ctenim EventLogu ?
Muj Perlovy script se mimo jine chova divne v tomto ohledu:
Pozn: nezalezi na tom, zda se jedna o lokalni ci remote pocitac, vzdy se
chova stejne.

$mode = 1; #vse v poradku, zobrazi se informace o System Logu
$mode = 4; #vse v poradku, zobrazi se informace o Application Logu
$mode = 5; #zobrazi se SystemLog, pro Application log selhava metoda
Read (objevi se moje hlasky 
                 #'SATYR, Application: Chyba nacitani polozky $x',
foreach $x (1..400) ).
use Win32::EventLog;
readEventLog ('System', $computer) if (($mode & 1)  == 1);
readEventLog ('Security', $computer) if (($mode & 2) == 2);
readEventLog ('Application', $computer) if (($mode & 4) == 4);

$mode = 1; #vse v poradku, zobrazi se informace o System Logu
$mode = 4; #vse v poradku, zobrazi se informace o Application Logu
$mode = 5; #Perl zobrazi pouze (!!) 'Error: Runtime exception' a zemre
use Win32::EventLog;
readEventLog ('Application', $computer) if (($mode & 4) == 4);
readEventLog ('System', $computer) if (($mode & 1)  == 1);
readEventLog ('Security', $computer) if (($mode & 2) == 2);

kde readEventLog je definovana nasledovne:

sub readEventLog ($$) {

  my ($nameEventLog, $computer) = @_;

  push @result, "------------------------\nLog
'$nameEventLog':\n----------------------\n";

  my $handle = Win32::EventLog->new($nameEventLog, $computer);
  unless (defined $handle) {

    push @result, "Chyba otevirani logu '$nameEventLog' na pocitaci
'$computer'.\n\n";
    return;
  }

my $recs;
  unless ($handle->GetNumber($recs)) {

    push @result, "Chyba spusteni metody GetNumber logu '$nameEventLog'
na pocitaci '$computer'.\n\n";
    return;
  };


  my $base;
  unless ($handle->GetOldest($base)) {

    push @result, "Chyba spusteni metody GetOldest logu '$nameEventLog'
na pocitaci '$computer'.\n\n";
    return;
  };

my $item; 

 for (my $x = $base; $x < $recs; $x++) {

   unless ($handle->Read(EVENTLOG_FORWARDS_READ|EVENTLOG_SEEK_READ, $x,
$item)) {
     push @result, "$computer, $nameEventLog: Chyba nacitani polozky " .
$x . "\n";
   } else {

     Win32::EventLog::GetMessageText($item);

     if ($all or ($item->{TimeGenerated} >= $beginTime and
$item->{TimeGenerated} <= $endTime)) {
   
       my $text = $item->{Message};
       next unless defined $text;
       chop $text;
       $text =~ s/[\x00-\x1f]//g;
   
       push @result, getDate($item->{TimeGenerated}) . " - " .
$item->{RecordNumber} . ": kat: " .
	 $item->{Category} . ", typ: " . $item->{EventType} . ",
pocitac: " . $item->{Computer} . ", uzivatel: " .
	   $item->{User} . ", " . $text . "\n";
     };
     
   };
 }

$handle->Clear() if $clear;
$handle->Close();
};
--
Michal Polak
system programmer, TurboConsult s.r.o.
mpolak na email.cz, michal.polak na tconsult.cz
+420 5 4121 2898, kl. 218

Everyone should hold strong convictions, I am convinced I will have
another glass.