« Previous Next »

• 01-17-2006, 3:22 AM

  	elements output Reply Contact Hi, any ideas on how to produce a report that states that there were no records generated when outputing to a HTML report? Currently I am trying to use a tpl file but it will not produce a report when it cannot find an event id (517) which would be the norm Also while I am here is there a way of generating a file with the date as part of the file name TIA Geo
  	Tags: TPL output target

• 01-17-2006, 4:22 AM

  In reply to

  RE: elements output Mark as Not AnswerMark as Answer... Reply Contact Well, you could produce a dummy file with all of the possible event numbers in, then report on the dummy file and your main file together. As far as putting the date in the filename, thats easy, use the multiplexed output ... you put a * everywhere in the INTO <filename> that you wish variable data to appear, then the first column output in the select statement (you will want to add an extra column) will be substituted for the * (and 2nd 3rd and so on) -- if using dates, make sure that you format it so that it doesnt contain invalid ('/') characters, otherwise these will be treated as directory names.

  Tags: TPL output target

• 01-17-2006, 6:04 AM

  In reply to

  	RE: elements output Mark as Not AnswerMark as Answer... Reply Contact I was taking input from various server event logs so this would leave me with two different inputs.  Is this possible? I haven't seen anything in book or forums re this.  Would the best way to go be, to produce a new file and then run a seperate query against the two files, or is there an easier/alternative way to do this? tks
  	Tags: TPL output target

• 01-17-2006, 9:19 AM

  In reply to

  RE: elements output Mark as Not AnswerMark as Answer... Reply Contact Here is a clip from the manual, in the section about the from clause : Regardless of the input format used, the <from_entity> specified in the FROM clause must comply with the following general syntax: The <from_entity> must be a single element or a list of elements, separated by the ',' (comma) or ';' (semicolon) characters, as in the following examples: file1.txtfile1.txt, file2.txtfile1.txt; D:\file2.txt; file3.txt so yes, you can have multiple inputs - I understand from postings on this forum (but may only apply to the previous version) that the space after the comma / semi colon is important. I cannot advise you on the best way forward as I do not know what you are trying to achieve. If you just want to show where data is missing, then using the dummy file is probably the simplest; group the data on the code and output where the count is 1 (ie it only exists in 1 place; the dummy file).

  Tags: TPL output target

• 01-18-2006, 6:15 AM

  In reply to

  RE: elements output Mark as Not AnswerMark as Answer... Reply Contact Thanks for assistance.  All I am trying to do is to check security logs for intrusion attempts. This means the event log that would not normally have the relevant event ID. I want to produce a report that actually states that no untoward events have or have not taken place - user confidence, really! The two files idea sounds brill so I will carry on along that path. Thanks again Geo

  Tags: TPL output target

• 01-26-2007, 11:49 PM

  In reply to

  RE: elements output Mark as Not AnswerMark as Answer... Reply Contact LogParser User : allenbi: Quote: Well, you could produce a dummy file with all of the possible event numbers in, then report on the dummy file and your main file together. As far as putting the date in the filename, thats easy, use... I am trying to get the current system date or time into my LogParser output file name. Here is the query I am trying: C:\PROGRA~1\LOGPAR~1.2>logparser -i:TSV -iSeparator:spaces "SELECT system_time() , field1 AS %Utilization INTO *chart.gif FROM xfrsGLOBAL.asc" -headerRow:off -ch artType:Column3d -chartTitle:"Global CPU Utilization" Here is the error I am getting in addition to the file name not being created like I want: Task completed with errors. Unexpected internal error calling chart object method ExportPicture: Exception occurred. Where am I going wrong. Does anyone have an example of how to do this correctly?

  Tags: TPL output target