« Previous Next »

• 08-10-2009, 2:50 PM

  BCStryker Joined on 08-10-2009, 6:16 PM Posts 1

  LogParser Script to capture logon/logoff info on a remote computer Reply Contact Hi all, I am hoping to use Logparser to capture logon/logoff user info (ID's 528 and 540) from the security logs of a Windows 2003 fileserver for only certain machine names using wildcards in a certain date range say weekly or monthly. Ideally the script would be run remotely and would on a weekly schedule connect to the fileserver, capture only logon and logoff events of computer workstations with names like *wkstn and *srvr from the previous week, and would then dump the info into a CSV file into a remote file share somewhere for analysis. Is that possible to do with Logparser and if so has something been already written out there that I could modify and use? Thanks for any help!

• 08-14-2009, 12:17 PM

  In reply to

  ServerIntellect_BH Joined on 01-12-2009, 2:27 PM Orlando, FL Posts 130

  Re: LogParser Script to capture logon/logoff info on a remote computer Reply Contact Hello, This is definitely do-able with LogParser; it is capable of remotely retrieving or storing selected event logs. http://www.orcsweb.com/blog/post/Use-Logparser-to-extract-information-from-a-remote-server-application-event-log.aspx http://searchwindowsserver.techtarget.com/generic/0,295582,sid68_gci1276952,00.html Hope this helps! Brock Hensley Technical Support Representative http://www.ServerIntellect.com Managed Servers, 24x7 U.S. Support, Web Hosting Solutions.