Exchange: Event Monitoring Via WMI (Backup Report)
Summary:
In this article, I will provide a sample script to monitor event IDs and email the event to the specified email address. This sample code implements the use of WMI quering the Win32_NTLogEvent class for event ID 213. Event ID Source ESE 213 indicates the completion of Exchange Backups. If you do not see Event ID 213, you may be using a third party backup application that does not use the Exchange backup API. If this is the case, you will need to identify the event ID that your third party application uses.
The script will email out so you will need to specify your SMTP server in this script.
Note: You can use built in Windows command eventcreate.exe to simulate event to test.
Event ID 213
Information Store (4168) TEST.NET: The backup procedure has been successfully completed.
1. Modify the portion of the script to specify the source and destination email addresses to send from and to.
2. Copy the contents below and name the file eventmon.vbs
3. Double Click the file. It will continously monitor for the event 213. Therefore you will see wscript process running in task manager process tab. To terminate the job, click end task.
Note: You can download this file from ftp://ftp.smtp25.org/[ James Chong Scripts ]
set objEmail = CreateObject("CDO.Message")
'strComputer=Inputbox("Enter the computer name you want to monitor")
'if strcomputer="" then
strComputer = "."
'end if
set objwmiservice=getobject("winmgmts://" &strcomputer &"/root/cimv2")
strwql="select * " & _
"from __instancecreationevent " & _
"where targetinstance isa 'Win32_NTLogEvent' " & _
"and targetinstance.eventcode = '213' "
set objeventsource=objwmiservice.execnotificationquery(strwql)
wscript.echo "waiting for an event to happen on " &strcomputer
While True
set objeventobject=objeventsource.nextevent()
objEmail.Subject = objEventobject.TargetInstance.ComputerName & _
objEventobject.TargetInstance.logfile & "\" & _
objEventobject.TargetInstance.sourcename
objEmail.From = "admin@mydomain.com"
objEmail.To = "admins@mydomain.com"
objEmail.Textbody = "Computer Name: " & _
objEventobject.TargetInstance.ComputerName & _
"Notification E-Mail from Automated windows event monitoring script." & vbcrlf _
& " Event Type: " & objEventobject.TargetInstance.type & vbcrlf _
& " Event ID: " & objEventobject.TargetInstance.eventcode &vbcrlf _
& " Event source: " & objEventobject.TargetInstance.sourcename & vbcrlf _
& " Event Log: " & objEventobject.TargetInstance.logfile & vbcrlf _
& " Event Time: " & objEventobject.TargetInstance.timewritten & vbcrlf _
& "The Event Err details are :- " & vbcrlf _
& objEventobject.TargetInstance.Message
'==This section provides the configuration information for the remote SMTP server.
'==Normally you will only change the server name or IP.
objemail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
'Name or IP of Remote SMTP Server
objemail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mail.mydomain.com"
'Server port (typically 25)
objemail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objemail.Configuration.Fields.Update
'==End remote SMTP server configuration section==
objEmail.Send
Wend
James Chong
MCSE M+, S+, MCTS, Security+
msexchangetips.blogspot.com
How useful was this article? Want to see a tip not listed? Please leave a comment.
In this article, I will provide a sample script to monitor event IDs and email the event to the specified email address. This sample code implements the use of WMI quering the Win32_NTLogEvent class for event ID 213. Event ID Source ESE 213 indicates the completion of Exchange Backups. If you do not see Event ID 213, you may be using a third party backup application that does not use the Exchange backup API. If this is the case, you will need to identify the event ID that your third party application uses.
The script will email out so you will need to specify your SMTP server in this script.
Note: You can use built in Windows command eventcreate.exe to simulate event to test.
Event ID 213
Information Store (4168) TEST.NET: The backup procedure has been successfully completed.
1. Modify the portion of the script to specify the source and destination email addresses to send from and to.
2. Copy the contents below and name the file eventmon.vbs
3. Double Click the file. It will continously monitor for the event 213. Therefore you will see wscript process running in task manager process tab. To terminate the job, click end task.
Note: You can download this file from ftp://ftp.smtp25.org/[ James Chong Scripts ]
set objEmail = CreateObject("CDO.Message")
'strComputer=Inputbox("Enter the computer name you want to monitor")
'if strcomputer="" then
strComputer = "."
'end if
set objwmiservice=getobject("winmgmts://" &strcomputer &"/root/cimv2")
strwql="select * " & _
"from __instancecreationevent " & _
"where targetinstance isa 'Win32_NTLogEvent' " & _
"and targetinstance.eventcode = '213' "
set objeventsource=objwmiservice.execnotificationquery(strwql)
wscript.echo "waiting for an event to happen on " &strcomputer
While True
set objeventobject=objeventsource.nextevent()
objEmail.Subject = objEventobject.TargetInstance.ComputerName & _
objEventobject.TargetInstance.logfile & "\" & _
objEventobject.TargetInstance.sourcename
objEmail.From = "admin@mydomain.com"
objEmail.To = "admins@mydomain.com"
objEmail.Textbody = "Computer Name: " & _
objEventobject.TargetInstance.ComputerName & _
"Notification E-Mail from Automated windows event monitoring script." & vbcrlf _
& " Event Type: " & objEventobject.TargetInstance.type & vbcrlf _
& " Event ID: " & objEventobject.TargetInstance.eventcode &vbcrlf _
& " Event source: " & objEventobject.TargetInstance.sourcename & vbcrlf _
& " Event Log: " & objEventobject.TargetInstance.logfile & vbcrlf _
& " Event Time: " & objEventobject.TargetInstance.timewritten & vbcrlf _
& "The Event Err details are :- " & vbcrlf _
& objEventobject.TargetInstance.Message
'==This section provides the configuration information for the remote SMTP server.
'==Normally you will only change the server name or IP.
objemail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
'Name or IP of Remote SMTP Server
objemail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mail.mydomain.com"
'Server port (typically 25)
objemail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objemail.Configuration.Fields.Update
'==End remote SMTP server configuration section==
objEmail.Send
Wend
James Chong
MCSE M+, S+, MCTS, Security+
msexchangetips.blogspot.com
How useful was this article? Want to see a tip not listed? Please leave a comment.
12 Comments:
Hi James,
It was indeed a vital post for me, i am looking forward to monitor all the incoming msgs at an exchange server 2003, and do something with the msgs for which recepients are not available.
any quick views? i'll appreciate.
thanks and regards
brij
On as regards backup i know little,but restore-convert a microsoft exchange .ost to .pst,may program for Exchange recovery ost was made to recover Exchange with ost files Outlook 2003,allows to recover all files separately: *.eml, *.vcf and *.txt files will be extracted and placed in the same folder,program is based on effective *.ost files recovery technology, that allows easily convert them to *.pst files, that can be opened by any mail client, compatible with Microsoft Outlook.
For many people, the first type of Men’ Footwear that we believe that during the consideration of Hogan scarpe for men in May of tennis shoes or even a generic cross-training shoes. For others, they believe in May of Hogan scarpe donna , it depends on your background. In fact, this category of hogan donna covers a wide range of sports shoes and leisure activities ranging from golf and basketball and soccer shoes race. I tend to buy Hogan scarpe uomo against training only because I am involved in a wide range of sports and weightlifting, the race to play basketball.
louis vuitton outlet, oakley sunglasses, michael kors handbags, cheap jordans, prada handbags, uggs outlet, michael kors outlet, oakley sunglasses, uggs on sale, ray ban sunglasses, burberry outlet, tiffany jewelry, uggs on sale, kate spade, gucci handbags, ray ban sunglasses, prada outlet, longchamp outlet, louboutin uk, burberry factory outlet, tory burch outlet, nike air max, tiffany jewelry, christian louboutin, louboutin shoes, oakley sunglasses, cheap oakley sunglasses, chanel handbags, michael kors outlet store, louis vuitton outlet, nike outlet, ralph lauren polo, louis vuitton, christian louboutin, michael kors outlet online, longchamp outlet, uggs outlet, michael kors outlet online, nike air max, longchamp bags, replica watches, ralph lauren outlet, oakley sunglasses, ray ban sunglasses, louis vuitton outlet online, nike free, michael kors
converse shoes outlet, salvatore ferragamo, timberland boots, softball bats, herve leger, ray ban, hollister, louboutin, gucci, nike roshe run, iphone cases, beats by dre, mcm handbags, oakley, p90x workout, insanity workout, wedding dresses, abercrombie and fitch, abercrombie, nike air max, mac cosmetics, babyliss pro, valentino shoes, bottega veneta, mont blanc, converse, jimmy choo outlet, hollister clothing, nike air max, north face outlet, new balance shoes, north face outlet, instyler ionic styler, soccer shoes, lululemon outlet, asics running shoes, ghd hair, giuseppe zanotti, soccer jerseys, nfl jerseys, longchamp uk, reebok outlet, nike air huarache, chi flat iron, hermes handbags, vans outlet, polo ralph lauren, celine handbags, nike trainers uk, vans scarpe
adidas outlet
soccer jerseys wholesale
michael kors handbags
mulberry outlet store
prada outlet
cheap nba jerseys
ralph lauren uk
swarovski crystal
oakley sunglasses wholesale
chanel handbags outlet
ralph lauren outlet
cheap jordan shoes
canada goose coats
toms outlet store
puma outlet
north face outlet store
ugg boots
black friday deals
ugg outlet
toms outlet
1128minko
pandora bracelet
cheap ray ban sunglasses
ecco boots
michael kors outlet
oakley sunglasses outlet
coach outlet store online
pandora bracelet
longchamp outlet
cheap nfl jerseys wholesale
true religion jeans
2017.4.6chenlixiang
saics running shoes
jordan 4
oakley sunglasses
michael kors handbags
michael kors uk
michael kors uk
hugo boss sale
colts jerseys
kate spade outlet
49ers jersey
20170813
Services availaBle:
- ComBating anD eraDication of insects anD Rumah roDents.
- The eraDication of rats anD mil White.
- Cleaning carpets, mattresses.
- Washing anD cleaning curtains anD sofas.
شركات مكافحة حشرات بجدة
شركات مكافحة حشرات بمكة
شركات مكافحة حشرات بالخرج
شركات مكافحة الحشرات بالاحساء
شركة مكافحة حشرات بحائل
zzzzz2018.7.14
valentino
golden goose shoes
pandora jewelry
moncler outlet
pandora charms
prada outlet
basket nike femme
pandora
ugg boots on sale 70% off
superdry clothing
Dial *833*Amount*Account Number# from your phone line registered with Polaris Bank (alert line), then follow the on-screen prompts. Get the Polaris bank money transfer code for money transfers. You can also transfer funds by following the steps below: Dial *833# and select option 3 (Transfers) or Dial *833*3#.
Read More; Free movies websites to download mp4 HD films online.
Post a Comment
<< Home