Is wevtutil the right query?

A

Anton2015-05-20 12:32:00

cmd/bat

Anton, 2015-05-20 12:32:00

Good day.
I want to write a batch file that takes the source name and event code as input. At the output, you need to get - errorlevel = 0 if the event is not found, 1 - if it is found. Also it would be desirable to fasten possibility of reception of kol-va events.
Events from the System log, for example.
I’ll make the wevtutil request myself, but I don’t know how to accept input parameters =/

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

E

Eugene, 2015-05-20
@yellowmew

This?

A

Anton, 2015-05-24
@hunk3r

@echo off
SetLocal EnableExtensions EnableDelayedExpansion
chcp 1251 >nul
set r=%1
set u=%2
set p=%3
set x=%4
set y=%5
set z=%6
FOR /F "usebackq delims=" %% i IN ('%windir%\system32\wevtutil.exe qe /r:%r% /u:%u% /p:%p% %x% /rd:true /f:text /q:"*[% x%[Provider[@Name='%y%'] and ^(EventID=%z%^)]]" ^| find /c "%z%"') do set "cnt=%%~i"
if errorlevel 0 set err=1
if errorlevel 1 set err=0
echo %err%
echo %cnt%
Well, where is the error here?