Hello. I have a task to familiarize with examples of scripts WMI and to launch them. The problems are as follows:

  1. On the site with an example of an explanation in general, no. I tried to figure it out, but it seems to me that for the first time, and indeed the first example in general, it is a bit difficult to understand something without sensible explanations. Something tried to understand but alas ...
  2. I decided to at least see how the code from the example will work (transfer records from the System event log on the local computer to the EventLog.mdb database with the ComputerName, EventType, EventCode, Message and TimeWritten fields; after the end of the transfer, the System event log is cleared). I get an error: enter image description here And they said that the scripts will be executed in PowerShell without any problems. Or is it because of the lack of a database?
Option Explicit // это начало подключения к WMI Dim cn, rs, oLocator, oSvc, oColEvents, oColEventLog, Item, oLogFile // создание переменных оболочек объектов? Set cn = CreateObject("ADODB.Connection") // создаем объект используя оболочку cn (как в Java)? cn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data // видимо делаем преобразовываем в строчку что-то???? Source=C:\EventLog.mdb" // указыаем источких для обработки данных cn.Open // не понятно что открываем Set rs = CreateObject("ADODB.Recordset") rs.CursorType = 3 rs.LockType = 3 rs.Open "Events", cn Set oLocator = CreateObject("wbemScripting.Swbemlocator") Set oSvc = oLocator.ConnectServer() Set oColEvents = oSvc.ExecQuery _ ("Select * from Win32_NTLogEvent WHERE Logfile = 'System'") For Each Item In oColEvents rs.AddNew rs("ComputerName") = Item.ComputerName rs("EventType") = Item.Type rs("EventCode") = Item.EventCode rs("Message") = Item.Message rs("TimeWritten") = Item.TimeWritten rs.Update Next Set oColEventLog = oSvc.ExecQuery _ ("Select * from Win32_NTEventLogFile WHERE LogFileName = 'System'") For Each oLogFile In oColEventLog oLogFile.ClearEventLog Next WScript.Echo "Done"

In general, I ask for help with an explanation.

  • Try to write Set oColEventLog = oSvc.ExecQuery _ ("Select * from Win32_NTEventLogFile WHERE LogFileName = 'System'" in one line) - Albert Fomin
  • @AlbertFomin, you know tried to do it in other points - it helped. But now the error cannot find the EventLog.mdb file, I created the text so and changed the extension to the necessary one. But this is wrong? Or, based on this condition, you can write to a plain text file, because I do not have the database itself described in the example, or rather I don’t have a disk with it? - Muscled Boy
  • @AlbertFomin, but apparently it’s not possible there, because not just a text document is needed, and methods are not used for it - Muscled Boy
  • You need a table with columns of the same type as you will write. MDB is the MS Access database. You can create in Access - Albert Fomin
  • @AlbertFomin, and how else can you do it? MySQL is not suitable? - Muscled Boy

1 answer 1

Dim cn, rs, oLocator, oSvc, oColEvents, oColEventLog, Item, oLogFile // создание переменных Set cn = CreateObject("ADODB.Connection") // Здесь CreateObject создает объект Connection cn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0; Для Connection прописывается Connection Strings с помощью которых он соединяется с базой MS Access Source=C:\EventLog.mdb" // указываем путь к базе (источник данных) cn.Open // Открываем Connection, теперь мы можем работать с базой Set rs = CreateObject("ADODB.Recordset") - Создаем объект RecordSet rs.CursorType = 3 rs.LockType = 3 rs.Open "Events", cn // открываем таблицу events в нашем Connection, то есть сейчас при помощи rs управляем этой таблицей Set oLocator = CreateObject("wbemScripting.Swbemlocator") //Создаем объект Swbemlocator Set oSvc = oLocator.ConnectServer() // соединяемся с сервером Set oColEvents = oSvc.ExecQuery ("Select * from Win32_NTLogEvent WHERE Logfile = 'System'") // выполняем запрос: выбор все записей для логфайла System For Each Item In oColEvents // цикл обработки по записям rs.AddNew // добавили новую строку в таблицу rs("ComputerName") = Item.ComputerName rs("EventType") = Item.Type rs("EventCode") = Item.EventCode rs("Message") = Item.Message rs("TimeWritten") = Item.TimeWritten rs.Update // присвоили и обновили, Next // цикл завершен Set oColEventLog = oSvc.ExecQuery _ ("Select * from Win32_NTEventLogFile WHERE LogFileName = 'System'") For Each oLogFile In oColEventLog oLogFile.ClearEventLog // чистим eventlog Next WScript.Echo "Done"

  • I am very grateful to you I will understand. If I still don’t understand something - I’ll ask again - Muscled Boy
  • What is “ADODB” a type of connection? and where did "Option Explicit" go? - Muscled Boy
  • The algorithm is approximately as follows. The database opens, a table opens, a WMI connection object is created, through WMI requests data is obtained that is written to the table. To open the database, the Connection strings for each DBMS are used, they are their own. Working with data comes with the help of ado - Albert Fomin
  • ADO - roughly a Microsoft interface for accessing the database. Option Explicit is a Basic lotion - Albert Fomin
  • thanks, I understand further - Muscled Boy