Yes, EventSentry comes with a log file import utility which can be operated manually (double-click it and navigate the interface) or from the command line. The command-line documentation can be found here.
Here is an example of importing the Security log from all of the evtx files in the "C:\Temp\logs" folder by using a VBS script. Please note that you'll need to move or delete the evtx files when completed to avoid duplicate data resulting from importing the same files multiple times.
```vbs
Option Explicit

Dim FS, FO, FC, FN
Dim MyFolder, MyExtension, CurrentExtension
Dim MyImporterExe, MyEventlogName, MyActionName, MyCommand, MyShell

' Folder to scan, extension to match, and import settings
MyFolder = "C:\Temp\logs"
MyExtension = "evtx"
MyImporterExe = "C:\Temp\EventSentry\eventsentry_db_import_x64.exe"
MyEventlogName = "Security"
MyActionName = "Primary Database"

Set FS = CreateObject("Scripting.FileSystemObject")
Set FO = FS.GetFolder(MyFolder)
Set FC = FO.Files
Set MyShell = WScript.CreateObject("WScript.Shell")

For Each FN In FC
    ' Compare extensions case-insensitively so .EVTX also matches
    CurrentExtension = LCase(FS.GetExtensionName(FN))
    If MyExtension = CurrentExtension Then
        ' cmd strips the first and last quote, so the whole command is wrapped in one extra pair
        MyCommand = "cmd /K " & Chr(34) & Chr(34) & MyImporterExe & Chr(34) & _
            " /file:" & Chr(34) & MyFolder & "\" & FN.Name & Chr(34) & _
            " /eventlog:" & Chr(34) & MyEventlogName & Chr(34) & _
            " /action:" & Chr(34) & MyActionName & Chr(34) & Chr(34)
        ' Each import opens its own console window, which /K keeps open
        MyShell.Run MyCommand
    End If
Next
```
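The note above about moving the evtx files after import can be built into the import loop itself. The following PowerShell script is an added example, not EventSentry's own code: it reuses the paths and the `/file:`, `/eventlog:` and `/action:` switches from the VBS script, imports one file at a time, and archives each file only after its import finishes. The archive folder name and the treatment of exit code 0 as success are assumptions; check the importer's command-line documentation for its actual exit codes.

```powershell
# Added example: import each .evtx file sequentially, then archive it so a
# later run cannot import the same file twice.
$LogFolder     = 'C:\Temp\logs'
$ArchiveFolder = 'C:\Temp\logs\imported'   # hypothetical archive location
$ImporterExe   = 'C:\Temp\EventSentry\eventsentry_db_import_x64.exe'
$EventLogName  = 'Security'
$ActionName    = 'Primary Database'

if (-not (Test-Path -LiteralPath $ImporterExe -PathType Leaf)) {
    throw "Importer not found: $ImporterExe"
}
New-Item -ItemType Directory -Path $ArchiveFolder -Force | Out-Null

# -Filter can also match longer extensions (for example .evtx_old), so the
# extension is checked again explicitly. Subfolders are not searched, which
# keeps already archived files out of the list.
$files = Get-ChildItem -LiteralPath $LogFolder -Filter '*.evtx' -File |
    Where-Object { $_.Extension -ieq '.evtx' } |
    Sort-Object LastWriteTime

foreach ($file in $files) {
    $importArgs = @(
        "/file:`"$($file.FullName)`""
        "/eventlog:`"$EventLogName`""
        "/action:`"$ActionName`""
    )

    # Start-Process -Wait blocks until the importer exits, even if it is a
    # GUI-subsystem executable, so imports never run concurrently.
    $proc = Start-Process -FilePath $ImporterExe -ArgumentList $importArgs -Wait -PassThru

    # ASSUMPTION: exit code 0 means the import succeeded.
    if ($proc.ExitCode -ne 0) {
        Write-Warning "Import failed (exit code $($proc.ExitCode)); left in place: $($file.Name)"
        continue
    }

    # A timestamp in the archived name avoids collisions when rotated logs
    # reuse the same file name.
    $stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
    $dest  = Join-Path $ArchiveFolder "$($file.BaseName).$stamp$($file.Extension)"
    Move-Item -LiteralPath $file.FullName -Destination $dest
    Write-Output "Imported and archived: $($file.Name) -> $dest"
}
```

Files whose import fails stay in the source folder, so the next run retries them instead of silently dropping their events.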