Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine
 
PerlMonks  

Re^3: Win32::EventLog searching the wrong logs

by Anonymous Monk
on May 02, 2014 at 08:53 UTC ( #1084752=note: print w/ replies, xml ) Need Help??


in reply to Re^2: Win32::EventLog searching the wrong logs
in thread Win32::EventLog searching the wrong logs

Do you have a

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Applicat +ion\Setup
key?

Where do you find  Setup.evtx in the registry?

Hmmm Eventlog Key (Windows)


Comment on Re^3: Win32::EventLog searching the wrong logs
Select or Download Code
Replies are listed 'Best First'.
Re^4: Win32::EventLog searching the wrong logs
by Anonymous Monk on May 02, 2014 at 08:55 UTC
    You probably tried those logs as administrator ... maybe you don't have permissions :/
      Viewing EVTX files in Windows XP? says XP is not compatible with the evtx files, use a machine with Vista or better to view them which probably means they're not viewable throug OpenLog and thus Win32::EventLog , so you'll probably have to use EvtQuery cause they're probably xml files

      good luck :)

        The question then is, will Win32::EventLog support this in the foreseeable future or would I have to try my (very inexperienced) hand at implementing it myself? I have yet to succeed in any XS related work even in Linux so I'm not really motivated to try it in Windows :-|

        -- FloydATC

        Time flies when you don't know what you're doing

      I've tried running as local "Administrator" and as a domain user who is member of "Domain Admins", which in turn is member of the local "Administrators" group.

      I wouldn't completely rule out the possibility of UAC pulling a funny trick on me, but I think the anonymous comment about Viewing EVTX files in Windows XP and EvtQuery sounds like a more promising lead.

      -- FloydATC

      Time flies when you don't know what you're doing

Re^4: Win32::EventLog searching the wrong logs
by FloydATC (Chaplain) on May 02, 2014 at 09:43 UTC

    No, I've searched the whole subtree for "Setup" and "Forwarded" and fould only stuff like "VSS Setup"; applications that presumably log their own internal events.

    -- FloydATC

    Time flies when you don't know what you're doing

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1084752]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (8)
As of 2015-07-08 04:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (94 votes), past polls