Windows Event Monitoring Script

This script emails filtered events to an administrator as the event log records them.

Readers

January 11, 2004

2 Min Read
ITPro Today logo in a gray background | ITPro Today


[Share your scripting discoveries, comments, problems, solutions, and experiences with products. Email your contributions (500 words or less) to [email protected]. We edit submissions for style, grammar, and length. If we print your submission, you'll get $100.]

Sometimes when you're monitoring a server, you want to ignore certain events. For example, when I'm monitoring a Microsoft Exchange Server system, I prefer to ignore the Norton Antivirus for Exchange event. I wrote the script that Listing 1, page 16, shows to monitor crucial events such as Warning and Error events and to exclude Audit Success, Audit Failure, and Information events. The script emails filtered events to an administrator. Web Figure 1 (http://www.winnetmag.com/windows scripting, InstantDoc ID 41197) shows a sample email message.

The script will fail and generate the Access Denied error message if you ask it to monitor the machine from which you're running it. You need to run the script from a machine that's running Windows XP or Windows 2000, with Microsoft IIS SMTP and the Windows Management Instrumentation (WMI) service. In addition, you need administrative privileges on the remote system you want to monitor, and that remote system must also be running the WMI service.

When you start the script, it prompts you for a server name. The script then monitors that server indefinitely for event occurrences. (If you don't enter a computer name, the script tries to connect to the local PC and you receive the Access Denied error message.) To stop the script, you can go to the Task Manager's Processes tab, select wscript.exe, and click End Process.

Using this script saves time and increases productivity. I no longer have to log on to the server, filter the event logs to review specific events, or copy error messages to search for solutions to problems. I don't need to review the Event Viewer for particular logs because the filtered crucial event logs come to my Inbox, so I can take immediate action.

—Santhosh H.
[email protected]

About the Author

Readers

Readers

See more from Readers
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

ITPro Today's 2024 IT Priorities Report cover
Career Management
ITPro Today’s 2024 IT Priorities ReportITPro Today’s 2024 IT Priorities Report
byChristopher Tozzi
Sep 25, 2024
1 Min Read
a casually dressed it professionals is awkwardly projected on a video call screen in front of a large professional audience
Career Tips
My Manager Promised a Chill Meeting. I Got Ambushed Instead.My Manager Promised a Chill Meeting. I Got Ambushed Instead.
byDanielle Meinert
Sep 26, 2024
3 Min Read
a gavel at the center of a maze
Regulatory Compliance
Guide To Navigating the Legal Perils After a Cyber IncidentGuide To Navigating the Legal Perils After a Cyber Incident
byIan Horowitz
Sep 20, 2024
7 Min Read
Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

multicloud concept
Cloud Computing
Cross-Cloud: The Next Evolution in Cloud Computing?Cross-Cloud: The Next Evolution in Cloud Computing?
Wi-Fi 6 speed logo glowing on virtual screen while businessperson points hand and using laptop computer.
IT Operations
Wi-Fi 6: A Step Forward, But Wired LAN Still Holds the CrownWi-Fi 6: A Step Forward, But Wired LAN Still Holds the Crown
American flag in front of a government building
IT Operations
Pros and Cons of Government IT JobsPros and Cons of Government IT Jobs
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables
list of domains within the umbrella category of IT security
IT Security
What Is IT Security? Essentials of IT Security ExplainedWhat Is IT Security? Essentials of IT Security Explained