Win32_NTEventlogFile perl sample code
The foundations for Manageability in Windows is Windows Management Instrumentation (WMI; formerly WBEM) and WMI extensions for Windows Driver Model (WDM).
ActiveXperts Network Monitor provides the ability to build monitor check routines based on WMI. ActiveXperts has collected more than a hundred WMI samples. You can use these samples as a base for new check routines you can write yourself. The Win32_NTEventlogFile WMI class can be used in ActiveXperts Network Monitor to monitor your servers.
Description
The Win32_NTEventlogFile WMI class represents a logical file or directory of Windows NT events.
Sample Code
use strict; use Win32::OLE('in'); use constant wbemFlagReturnImmediately => 0x10; use constant wbemFlagForwardOnly => 0x20; my @computers = ("DELL17"); foreach my $computer (@computers) { print "\n"; print "==========================================\n"; print "Computer: $computer\n"; print "==========================================\n"; my $objWMIService = Win32::OLE->GetObject("winmgmts:\\\\$computer\\root\\CIMV2") or die "WMI connection failed.\n"; my $colItems = $objWMIService->ExecQuery("SELECT * FROM Win32_NTEventlogFile", "WQL", wbemFlagReturnImmediately | wbemFlagForwardOnly); foreach my $objItem (in $colItems) { print "AccessMask: $objItem->{AccessMask}\n"; print "Archive: $objItem->{Archive}\n"; print "Caption: $objItem->{Caption}\n"; print "Compressed: $objItem->{Compressed}\n"; print "CompressionMethod: $objItem->{CompressionMethod}\n"; print "CreationClassName: $objItem->{CreationClassName}\n"; print "CreationDate: $objItem->{CreationDate}\n"; print "CSCreationClassName: $objItem->{CSCreationClassName}\n"; print "CSName: $objItem->{CSName}\n"; print "Description: $objItem->{Description}\n"; print "Drive: $objItem->{Drive}\n"; print "EightDotThreeFileName: $objItem->{EightDotThreeFileName}\n"; print "Encrypted: $objItem->{Encrypted}\n"; print "EncryptionMethod: $objItem->{EncryptionMethod}\n"; print "Extension: $objItem->{Extension}\n"; print "FileName: $objItem->{FileName}\n"; print "FileSize: $objItem->{FileSize}\n"; print "FileType: $objItem->{FileType}\n"; print "FSCreationClassName: $objItem->{FSCreationClassName}\n"; print "FSName: $objItem->{FSName}\n"; print "Hidden: $objItem->{Hidden}\n"; print "InstallDate: $objItem->{InstallDate}\n"; print "InUseCount: $objItem->{InUseCount}\n"; print "LastAccessed: $objItem->{LastAccessed}\n"; print "LastModified: $objItem->{LastModified}\n"; print "LogfileName: $objItem->{LogfileName}\n"; print "Manufacturer: $objItem->{Manufacturer}\n"; print "MaxFileSize: $objItem->{MaxFileSize}\n"; print "Name: $objItem->{Name}\n"; print "NumberOfRecords: $objItem->{NumberOfRecords}\n"; print "OverwriteOutDated: $objItem->{OverwriteOutDated}\n"; print "OverWritePolicy: $objItem->{OverWritePolicy}\n"; print "Path: $objItem->{Path}\n"; print "Readable: $objItem->{Readable}\n"; print "Sources: " . join(",", (in $objItem->{Sources})) . "\n"; print "Status: $objItem->{Status}\n"; print "System: $objItem->{System}\n"; print "Version: $objItem->{Version}\n"; print "Writeable: $objItem->{Writeable}\n"; print "\n"; } }sub WMIDateStringToDate(strDate) { return "blah"; }