Skip Menu |
 

This queue is for tickets about the Win32-EventLog CPAN distribution.

Report information
The Basics
Id: 61907
Status: new
Priority: 0/
Queue: Win32-EventLog

People
Owner: Nobody in particular
Requestors: duncan.loveday [...] bt.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



From duncan.loveday [...] bt.com Tue Oct 5 10: 21:15 2010
MIME-Version: 1.0
X-Spam-Status: No, score=-10.599 tagged_above=-99.9 required=10 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] autolearn=ham
X-Spam-Flag: NO
Acceptlanguage: en-US, en-GB
Content-Language: en-US
content-type: text/plain; charset="utf-8"
Message-ID: <84BB7517C8164B4CAEEDAFA8078DB59604C296D76A [...] EMV02-UKBR.domain1.systemhost.net>
X-Virus-Scanned: Debian amavisd-new at bestpractical.com
X-MS-Tnef-Correlator:
X-Spam-Score: -10.599
Received: from localhost (localhost [127.0.0.1]) by hipster.bestpractical.com (Postfix) with ESMTP id 2229A240D6E for <cpan-bug+Win32-EventLog [...] hipster.bestpractical.com>; Tue, 5 Oct 2010 10:21:15 -0400 (EDT)
Received: from hipster.bestpractical.com ([127.0.0.1]) by localhost (hipster.bestpractical.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WEeDysyPbFMR for <cpan-bug+Win32-EventLog [...] hipster.bestpractical.com>; Tue, 5 Oct 2010 10:21:07 -0400 (EDT)
Received: from la.mx.develooper.com (x1.develooper.com [207.171.7.70]) by hipster.bestpractical.com (Postfix) with SMTP id EB2E424026C for <bug-Win32-EventLog [...] rt.cpan.org>; Tue, 5 Oct 2010 10:21:06 -0400 (EDT)
Received: (qmail 15375 invoked by uid 103); 5 Oct 2010 14:24:29 -0000
Received: from x16.dev (10.0.100.26) by x1.dev with QMQP; 5 Oct 2010 14:24:29 -0000
Received: from smtp64.intersmtp.COM (HELO smtpe1.intersmtp.com) (62.239.224.237) by 16.mx.develooper.com (qpsmtpd/0.80) with ESMTP; Tue, 05 Oct 2010 07:24:26 -0700
Received: from EVMHT65-UKRD.domain1.systemhost.net (10.36.3.102) by RDW083A008ED64.smtp-e4.hygiene.service (10.187.98.13) with Microsoft SMTP Server (TLS) id 8.2.254.0; Tue, 5 Oct 2010 15:24:22 +0100
Received: from EVMHT05-UKBR.domain1.systemhost.net (193.113.108.58) by EVMHT65-UKRD.domain1.systemhost.net (10.36.3.102) with Microsoft SMTP Server (TLS) id 8.2.254.0; Tue, 5 Oct 2010 15:24:22 +0100
Received: from EMV02-UKBR.domain1.systemhost.net ([169.254.1.219]) by EVMHT05-UKBR.domain1.systemhost.net ([193.113.108.58]) with mapi; Tue, 5 Oct 2010 15:24:22 +0100
Delivered-To: cpan-bug+Win32-EventLog [...] hipster.bestpractical.com
Subject: Read event logs for "Application Channels" ?
Return-Path: <duncan.loveday [...] bt.com>
X-RT-Mail-Extension: win32-eventlog
X-Original-To: cpan-bug+Win32-EventLog [...] hipster.bestpractical.com
X-Spam-Check-BY: 16.mx.develooper.com
Thread-Index: ActkmQBPJ+gosAYkRJGpz5ciMgk5QQ==
Date: Tue, 5 Oct 2010 15:24:20 +0100
X-Spam-Level:
X-MS-Has-Attach:
Thread-Topic: Read event logs for "Application Channels" ?
Accept-Language: en-US, en-GB
To: <bug-Win32-EventLog [...] rt.cpan.org>
Content-Transfer-Encoding: quoted-printable
From: <duncan.loveday [...] bt.com>
X-RT-Original-Encoding: us-ascii
Content-Length: 3178
Download (untitled) / with headers
text/plain 3.1k
Hi, We're trying to read event logs with "application" channels as opposed to "global" channels, as documented here http://msdn.microsoft.com/en-us/library/bb756956.aspx on Windows 2008. We find the Win32::Event module will only accept source names that correspond to "global" channels and exist in the registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog, typically just "System", "Security" and "Application". On our system there are many more event logs - see below - which contain events from application channels and which we are unable to read with the Win32::EventLog package. The latter exist in the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels. Is there a way and if not, should the package be enhanced ? Duncan. $ ls C:/Windows/System32/winevt/Logs/ Application.evtx HardwareEvents.evtx Internet Explorer.evtx Key Management Service.evtx Microsoft-Windows-Bits-Client%4Operational.evtx Microsoft-Windows-CodeIntegrity%4Operational.evtx Microsoft-Windows-CorruptedFileRecovery-Client%4Operational.evtx Microsoft-Windows-CorruptedFileRecovery-Server%4Operational.evtx Microsoft-Windows-DateTimeControlPanel%4Operational.evtx Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Microsoft-Windows-Diagnosis-MSDT%4Operational.evtx Microsoft-Windows-Diagnosis-PLA%4Operational.evtx Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Microsoft-Windows-EventCollector%4Operational.evtx Microsoft-Windows-Forwarding%4Operational.evtx Microsoft-Windows-GroupPolicy%4Operational.evtx Microsoft-Windows-Help%4Operational.evtx Microsoft-Windows-International%4Operational.evtx Microsoft-Windows-Kernel-WDI%4Operational.evtx Microsoft-Windows-Kernel-WHEA.evtx Microsoft-Windows-LanguagePackSetup%4Operational.evtx Microsoft-Windows-MUI%4Operational.evtx Microsoft-Windows-MemoryDiagnostics-Results%4Debug.evtx Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx Microsoft-Windows-ReliabilityAnalysisComponent%4Metrics.evtx Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Microsoft-Windows-RestartManager%4Operational.evtx Microsoft-Windows-Security-Configuration-Wizard%4Diagnostic.etl Microsoft-Windows-Security-Configuration-Wizard%4Operational.etl Microsoft-Windows-ServerManager%4Analytic.etl Microsoft-Windows-ServerManager%4Operational.evtx Microsoft-Windows-TaskScheduler%4Operational.evtx Microsoft-Windows-TerminalServices-PnPDevices%4Admin.evtx Microsoft-Windows-TerminalServices-PnPDevices%4Operational.evtx Microsoft-Windows-TerminalServices-RDPClient%4Operational.evtx Microsoft-Windows-UAC%4Operational.evtx Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Microsoft-Windows-Winlogon%4Operational.evtx Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx Microsoft-Windows-Wired-AutoConfig%4Operational.evtx Security.evtx Setup.evtx System.evtx Windows PowerShell.evtx Administrator@MMRLAB195 ~ $
From duncan.loveday [...] bt.com Tue Oct 5 10: 42:53 2010
MIME-Version: 1.0
X-Spam-Status: No, score=-10.599 tagged_above=-99.9 required=10 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] autolearn=ham
In-Reply-To: <rt-3.8.HEAD-29489-1286288679-153.61907-3-0 [...] rt.cpan.org>
X-Spam-Flag: NO
Acceptlanguage: en-US, en-GB
Content-Language: en-US
X-Virus-Scanned: Debian amavisd-new at bestpractical.com
Message-ID: <84BB7517C8164B4CAEEDAFA8078DB59604C296D772 [...] EMV02-UKBR.domain1.systemhost.net>
Content-Type: text/plain; charset="utf-8"
X-MS-Tnef-Correlator:
X-RT-Original-Encoding: utf-8
X-Spam-Score: -10.599
Received: from localhost (localhost [127.0.0.1]) by hipster.bestpractical.com (Postfix) with ESMTP id 4BE42240D8A for <cpan-bug+Win32-EventLog [...] hipster.bestpractical.com>; Tue, 5 Oct 2010 10:42:53 -0400 (EDT)
Received: from hipster.bestpractical.com ([127.0.0.1]) by localhost (hipster.bestpractical.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qRQIMeaTTnoR for <cpan-bug+Win32-EventLog [...] hipster.bestpractical.com>; Tue, 5 Oct 2010 10:42:51 -0400 (EDT)
Received: from la.mx.develooper.com (x1.develooper.com [207.171.7.70]) by hipster.bestpractical.com (Postfix) with SMTP id 8664424026C for <bug-Win32-EventLog [...] rt.cpan.org>; Tue, 5 Oct 2010 10:42:50 -0400 (EDT)
Received: (qmail 18468 invoked by uid 103); 5 Oct 2010 14:46:13 -0000
Received: from x16.dev (10.0.100.26) by x1.dev with QMQP; 5 Oct 2010 14:46:13 -0000
Received: from smtp64.intersmtp.COM (HELO smtpe1.intersmtp.com) (62.239.224.237) by 16.mx.develooper.com (qpsmtpd/0.80) with ESMTP; Tue, 05 Oct 2010 07:46:11 -0700
Received: from EVMHT62-UKRD.domain1.systemhost.net (10.36.3.128) by RDW083A008ED64.smtp-e4.hygiene.service (10.187.98.13) with Microsoft SMTP Server (TLS) id 8.2.254.0; Tue, 5 Oct 2010 15:46:07 +0100
Received: from EVMHT02-UKBR.domain1.systemhost.net (193.113.108.43) by EVMHT62-UKRD.domain1.systemhost.net (10.36.3.128) with Microsoft SMTP Server (TLS) id 8.2.254.0; Tue, 5 Oct 2010 15:46:07 +0100
Received: from EMV02-UKBR.domain1.systemhost.net ([169.254.1.219]) by EVMHT02-UKBR.domain1.systemhost.net ([193.113.108.43]) with mapi; Tue, 5 Oct 2010 15:46:06 +0100
Delivered-To: cpan-bug+Win32-EventLog [...] hipster.bestpractical.com
Subject: RE: [rt.cpan.org #61907] AutoReply: Read event logs for "Application Channels" ?
Return-Path: <duncan.loveday [...] bt.com>
Thread-Index: ActkmQ7BezZW6vX+SRClIHjH3J66JwAAswdA
X-Spam-Check-BY: 16.mx.develooper.com
X-Original-To: cpan-bug+Win32-EventLog [...] hipster.bestpractical.com
X-RT-Mail-Extension: win32-eventlog
Date: Tue, 5 Oct 2010 15:46:05 +0100
X-Spam-Level:
Thread-Topic: [rt.cpan.org #61907] AutoReply: Read event logs for "Application Channels" ?
X-MS-Has-Attach:
To: <bug-Win32-EventLog [...] rt.cpan.org>
Accept-Language: en-US, en-GB
Content-Transfer-Encoding: quoted-printable
From: <duncan.loveday [...] bt.com>
RT-Message-ID: <rt-3.8.HEAD-29990-1286289977-660.61907-0-0 [...] rt.cpan.org>
Content-Length: 200
Download (untitled) / with headers
text/plain 200b
Perhaps I should have made clear: There is no problem with reading offline files containing events from any of these files. The problem is only how to read the "live" logs with application channels.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.