Re: Need Advice: Date difference revisted

Replies are listed 'Best First'.
Re: Re: Need Advice: Date difference revisted by ysth (Canon) on Mar 10, 2004 at 04:05 UTC
Where are you getting the date from? If it is a file modification date, you could just check like this: `if (-M $filename > 15) { print("Reboot more than 15 days ago."); }` [download] (No, I haven't tested this, especially on perl4 on Windows.)	[reply] [d/l]
Re: Re: Re: Need Advice: Date difference revisted by emilford (Friar) on Mar 10, 2004 at 04:09 UTC
The only way something like this would work is if there is a Windows file that is written to whenever the system is rebooted. Again, the systems are locked down, so I have few options for finding the system uptime on Windows. The only thing I've found so far that gives any indications is the 'net statistics' command. I know this is a pain in the a$$. When I can use Perl 5 I do. If I had the option, I'd be able to write this in no time. With Perl 4, however, I'm a bit stuck. I appreciate the responses guys. How difficult do you think it'd be to write my own date difference subroutines? I'd imagine it's quite involved since there's an entire module dedicated to this alone.	[reply]
Re: Re: Re: Re: Need Advice: Date difference revisted by BrowserUk (Patriarch) on Mar 10, 2004 at 07:04 UTC
You could try searching the file %SystemRoot%\system32\config\SysEvent.Evt for the last 6005 record. it contains. `Event Type: Information Event Source: EventLog Event Category: None Event ID: 6005 Date: 17/01/2004 Time: 09:36:52 User: N/A Computer: YOURSERVER Description: The Event log service was started.` [download] Under most normal circumstances, that would tell you exactly when the machine was last booted. Decoding the event logs without using the api's (which as far as I know) you can only reasonably get at with perl 5 .something is a PITA as they are variable length records, but using an hex editor, searching for x'75 17' will get you close to the record and then comparing that with the Eventvwr display for the same record, it shouldn't be too hard to work out the date/time format. It's probably one of documented MS time formats. A little unpacking of likely target would get you what you need. Examine what is said, not who speaks. "Efficiency is intelligent laziness." -David Dunham "Think for yourself!" - Abigail	[reply] [d/l]
Re^4: Need Advice: Date difference revisted (files) by tye (Sage) on Mar 10, 2004 at 05:33 UTC
Checking, it appears that C:/pagefile.sys is just such a file. "$ENV{WINDIR}/System32/config/SAM.LOG" also works if you don't make lots of SAM changes (like on a domain controller). - tye	[reply]
Re: Re^4: Need Advice: Date difference revisted (files) by emilford (Friar) on Mar 10, 2004 at 13:06 UTC
Re: Re: Re: Re: Need Advice: Date difference revisted by ysth (Canon) on Mar 10, 2004 at 04:19 UTC
When I try "net statistics server" or "net statistics workstation" the only date I see is earlier this afternoon, and I last rebooted several days ago. This is Win XP Pro. Anyway, if all you need is to test if a date is more than 15 days ago, its not that complicated. Where is your perl4 from? Is it available as a binary distribution?	[reply]
Re: Re: Re: Re: Re: Need Advice: Date difference revisted by emilford (Friar) on Mar 10, 2004 at 13:03 UTC


Think about Loose Coupling
	PerlMonks