I am writing a script to retrieve eventlogs from windows systems. Currently I am using Active Perl. I started by writing a script that just dumps the output to the screen but I am getting some strange results. Specifically some records seem to print out ok and others look like garbage. Has anyone had trouble with Win32::EventLog? The code is posted below. Thanks in advance.

use Win32::EventLog;
use Date::Calc;

use Strict;

my @epoch = (1970,1,1,7,0,0);
my $EventLog = Win32::EventLog->new("Application")
    or die "Can't open Application Log";
    
$EventLog->GetOldest($oldest)
    or die "Can't get number of oldest EventLog record\n";
$EventLog->GetNumber($lastRec)
    or die "Can't get number of EventLog records\n";
my $lastRecOffset = $oldest + $lastRec - 1;

print $oldest . "\n";
print $lastRec . "\n";
print $lastRecOffset . "\n";
while ($lastRecOffset > $oldest ) {
    $EventLog->Read(EVENTLOG_BACKWARDS_READ|EVENTLOG_SEEK_READ,
                $lastRecOffset,
                $hashRef)
        or die "Can't read EventLog entry #$lastRecOffset\n";
    
    Win32::EventLog::GetMessageText($hashRef);
    my $seconds = $hashRef->{TimeGenerated};
    foreach my $key (keys %$hashRef){
        if (lc($key) =~ /time/){
            print $key . "\t" . FormatDate($hashRef->{$key}) . "\n";
        }else{
        print $key . "\t" . $hashRef->{$key} . "\n";
        }
    }
    $lastRecOffset--;
    print "\n";
}
sub FormatDate {
    my $seconds = shift;
    my @generated = Date::Calc::Add_Delta_DHMS(@epoch,0,0,0,$seconds);
    my $genDate = Date::Calc::Date_to_Text($generated[0],$generated[1]
+,$generated[2]);
    my $ampm = "am";
    if ($generated[3]>12){
        $generated[3] -= 12;
        $ampm = "pm";
    }
    return $genDate . " " .$generated[3] . ":" .$generated[4] . ":" .$
+generated[5] . " $ampm";
}
[download]