C
chris.jasper
Hello,
I recently found that the eventquery.vbs script which comes with XP and
win2003 server could save me a ton of time sifting through logs.. I
figured out how to get it to work (mostly) on win2k by doing the
following:
This script does not exist in windows2000 (server) but can be made to
work by doing the following:
1. Copy eventquery.vbs from XP or win2003server to c:\winnt\system32\
2. Copy CMDLIB.wsc from xp or win2003server to c:\winnt\system32\
3. Register CMDLIB.wsc with the windows 2000 machine by doing the
following at a command prompt:
regsvr32 c:\winnt\system32\CMDLIB.wsc /s
On my test instance (win2k server), I was able to query the security
event log with no troubles. I then did the above procedure on my win2k
domain controller. I can query all logs accept the security log (which
is the one I most want to query). Here is the error I get when running
cscript c:\winnt\system32\eventquery.vbs /l security /v on my win2k
domain controller:
ERROR: Unable to execute the query for the 'security' log
I can use the /s computername switch to query the security log on a
domain client (xp or win2ksp4) from the domain controller with no
problem. I also attempted to run the eventquery.vbs script from one of
my XP domain clients with the /s domaincontroller and it to failed with
the same error message.
I CAN see the security log using the event viewer on the domain
controller.
Can anyone shed light on this?
thanks,
cj
I recently found that the eventquery.vbs script which comes with XP and
win2003 server could save me a ton of time sifting through logs.. I
figured out how to get it to work (mostly) on win2k by doing the
following:
This script does not exist in windows2000 (server) but can be made to
work by doing the following:
1. Copy eventquery.vbs from XP or win2003server to c:\winnt\system32\
2. Copy CMDLIB.wsc from xp or win2003server to c:\winnt\system32\
3. Register CMDLIB.wsc with the windows 2000 machine by doing the
following at a command prompt:
regsvr32 c:\winnt\system32\CMDLIB.wsc /s
On my test instance (win2k server), I was able to query the security
event log with no troubles. I then did the above procedure on my win2k
domain controller. I can query all logs accept the security log (which
is the one I most want to query). Here is the error I get when running
cscript c:\winnt\system32\eventquery.vbs /l security /v on my win2k
domain controller:
ERROR: Unable to execute the query for the 'security' log
I can use the /s computername switch to query the security log on a
domain client (xp or win2ksp4) from the domain controller with no
problem. I also attempted to run the eventquery.vbs script from one of
my XP domain clients with the /s domaincontroller and it to failed with
the same error message.
I CAN see the security log using the event viewer on the domain
controller.
Can anyone shed light on this?
thanks,
cj