Archive for February, 2006

02.14.06

vbscript to display startup shutdown events

Posted in Uncategorized, OS at 4:26 pm by webmaster

How many times have you walked into a site and wanted to know at the click of a mouse (ok throw the text in a .vbs file), when the last times a system started and shutdown?

This is all there is to it 

Cscript c:\windows\system32\Eventquery.vbs /l system /fi “id gt 6004″ /fi “id lt 6009″ /r 20

 

If you want to get a little fancier (This was thrown togeather as a quck hack) try copying the following text into a *.bat file

@echo off
echo ——– Startup and shutdown events ——-
Cscript //NoLogo  c:\windows\system32\Eventquery.vbs /l system /fi “id gt 6004″ /fi “id lt 6009″ /r 20

pause

echo ——– System errors and warnings ——-

Cscript //NoLogo  c:\windows\system32\eventquery.vbs /l “system”  /fi “type eq error or type eq Warning” /r 10
pause
echo ——– Application errors and warnings ——-
Cscript //NoLogo  c:\windows\system32\eventquery.vbs /l “application”  /fi “type eq error or type eq Warning” /r 10
pause
echo ——– Security Failures ——-
Cscript //NoLogo  c:\windows\system32\eventquery.vbs /l “security”  /fi “type eq FailureAudit” /r 10
pause
echo ——– DNS errors and warnings ——-
Cscript //NoLogo  c:\windows\system32\eventquery.vbs /l “dns server”  /fi “type eq error or type eq Warning” /r 10
pause
echo ——– Directory Service errors and warnings ——-
Cscript //NoLogo  c:\windows\system32\eventquery.vbs /l “directory service”  /fi “type eq error or type eq Warning” /r 10
pause
echo ——– File Replication Service errors and warnings ——-
Cscript //NoLogo  c:\windows\system32\eventquery.vbs /l “file replication service”  /fi “type eq error or type eq Warning” /r 10
pause

Evectively the above “script” will:

  1. Produce the last 40 startup/shutdown events
  2. provide the last 20 warning/critical error messages for the following event logs system, application, dns server, file replication service, and directory services
  3. provide the last 20 failure security logs

Allthough this is not an elegant solution it allows me to execute a quick script to quickly narrow in on areas that require futgher investigation.  I hope it helps you!