ITPub博客

首页 > Linux操作系统 > Linux操作系统 > 一段备份windows 安全日志的脚本

一段备份windows 安全日志的脚本

原创 Linux操作系统 作者:fjmingyang 时间:2019-04-19 07:51:04 0 删除 编辑

AD server的安全日志增长很快,于是写了段vbs脚本做备份

strComputer = "."
targetLogs="security" '可用值为 application,system,security
BackupDest="d:event_log"&date&""
filename=BackupDest&targetLogs&CStr(date)&" "&replace(time,":","")&".evt"

Set ofso = wscript.CreateObject("Scripting.FileSystemObject")
if not ofso.FolderExists(BackupDest) then
Set f = ofso.CreateFolder(date) '创建文件夹
end if

Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate,(Backup)}!" & _
strComputer & "rootcimv2") '获得 VMI对象
Set colLogFiles = objWMIService.ExecQuery _
("Select * from Win32_NTEventLogFile where LogFileName='"&targetLogs&"'")
For Each objLogfile in colLogFiles
errBackupLog = objLogFile.BackupEventLog(filename) '将日志备份
objLogFile.ClearEventLog() '将日志清空
If errBackupLog <> 0 Then
'Wscript.Echo "The event log could not be backed up."
else 'Wscript.Echo "success backup log"
End If
Next


来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/1698901/viewspace-103235/,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录
全部评论

注册时间:2006-04-03

  • 博文量
    62
  • 访问量
    44954