|
|
'********************************************************************'*'* Copyright (c) Microsoft Corporation. All rights reserved. '*'* Module Name: EVENTQUERY.vbs '*'* Abstract: Enables an administrator to query/view all existing'* events in a given event log(s).'*'*'********************************************************************' Global declaration OPTION EXPLICIT
ON ERROR RESUME NEXTErr.Clear
'----------------------------------------------------------------' Start of localization Content'----------------------------------------------------------------
' the filter operators specified by the userCONST L_OperatorEq_Text = "eq"CONST L_OperatorNe_Text = "ne"CONST L_OperatorGe_Text = "ge"CONST L_OperatorLe_Text = "le"CONST L_OperatorGt_Text = "gt"CONST L_OperatorLt_Text = "lt"
' the filters as given by the userCONST L_UserFilterDateTime_Text = "datetime"CONST L_UserFilterType_Text = "type" CONST L_UserFilterUser_Text = "user" CONST L_UserFilterComputer_Text = "computer"CONST L_UserFilterSource_Text = "source"CONST L_UserFilterDateCategory_Text = "category"CONST L_UserFilterId_Text = "id"
' Define default valuesCONST L_ConstDefaultFormat_Text = "TABLE"
' Define other format valuesCONST L_Const_List_Format_Text = "LIST"CONST L_Const_Csv_Format_Text = "CSV"
' the text displayed in columns when no output is obtained for displayCONST L_TextNa_Text = "N/A"CONST L_TextNone_Text = "None"
' the following texts are used while parsing the command-line arguments' (passed as input to the function component.getArguments)CONST L_MachineName_Text = "Server Name"CONST L_UserName_Text = "User Name"CONST L_UserPassword_Text = "User Password"CONST L_Format_Text = "Format"CONST L_Range_Text = "Range"CONST L_Filter_Text = "Filter"CONST L_Log_Text = "Logname"
' the column headers used in the output displayCONST L_ColHeaderType_Text = "Type"CONST L_ColHeaderDateTime_Text = "Date Time"CONST L_ColHeaderSource_Text = "Source"CONST L_ColHeaderCategory_Text = "Category"CONST L_ColHeaderEventcode_Text = "Event"CONST L_ColHeaderUser_Text = "User"CONST L_ColHeaderComputerName_Text = "ComputerName"CONST L_ColHeaderDesription_Text = "Description"
' variable use to concatenate the Localization Strings.' Error Messages Dim UseCscriptErrorMessageDim InvalidParameterErrorMessageDim InvalidFormatErrorMessageDim InvalidCredentialsForServerErrorMessageDim InvalidCredentialsForUserErrorMessageDim InvalidSyntaxErrorMessageDim InvalidInputErrorMessageDim InvalidORSyntaxInFilterErrorMessageDim InvalidSyntaxMoreNoRepeatedErrorMessage
UseCscriptErrorMessage = L_UseCscript1_ErrorMessage & vbCRLF & _ L_UseCscript2_ErrorMessage & vbCRLF & vbCRLF & _ L_UseCscript3_ErrorMessage & vbCRLF & _ L_UseCscript4_ErrorMessage & vbCRLF & vbCRLF & _ L_UseCscript5_ErrorMessage
CONST L_HelpSyntax1_Message = "Type ""%1 /?"" for usage."CONST L_HelpSyntax2_Message = "Type ""%2 /?"" for usage."
CONST L_InvalidParameter1_ErrorMessage = "ERROR: Invalid Argument/Option - '%1'." InvalidParameterErrorMessage = L_InvalidParameter1_ErrorMessage & vbCRLF & L_HelpSyntax2_Message
CONST L_InvalidFormat1_ErrorMessage = "ERROR: Invalid 'FORMAT' '%1' specified." InvalidFormatErrorMessage = L_InvalidFormat1_ErrorMessage & vbCRLF & L_HelpSyntax2_Message
CONST L_InvalidRange_ErrorMessage = "ERROR: Invalid 'RANGE' '%1' specified."CONST L_Invalid_ErrorMessage = "ERROR: Invalid '%1'."CONST L_InvalidType_ErrorMessage = "ERROR: Invalid 'TYPE' '%1' specified for the 'FILTER' '%2'."CONST L_InvalidUser_ErrorMessage = "ERROR: Invalid 'USER' '%1' specified for the 'FILTER '%2'."CONST L_InvalidId_ErrorMessage = "ERROR: Invalid 'ID' '%1' specified for the 'FILTER' '%2'."CONST L_InvalidFilter_ErrorMessage = "ERROR: Invalid 'FILTER' '%1' specified for the 'FILTER' '%2'."CONST L_InvalidFilterFormat_ErrorMessage = "ERROR: The FILTER '%1' is not in the required format."CONST L_InvalidFilterOperation_ErrorMessage = "ERROR: Invalid FILTER operator '%1' specified for the filter '%2'."
CONST L_InvalidCredentialsForServer1_ErrorMessage = "ERROR: Invalid Syntax. /U can be specified only when /S is specified."InvalidCredentialsForServerErrorMessage = L_InvalidCredentialsForServer1_ErrorMessage & vbCRLF & L_HelpSyntax1_Message
CONST L_InvalidCredentialsForUser1_ErrorMessage = "ERROR: Invalid Syntax. /P can be specified only when /U is specified."InvalidCredentialsForUserErrorMessage = L_InvalidCredentialsForUser1_ErrorMessage & vbCRLF & L_HelpSyntax1_Message
CONST L_InvalidOperator_ErrorMessage = "ERROR: Invalid operator specified for the range of dates in the 'DATETIME' filter."CONST L_InvalidDateTimeFormat_ErrorMessage = "ERROR: Invalid 'DATETIME' format specified. Format:mm/dd/yy(yyyy),hh:mm:ssAM(/PM)"
CONST L_ExecuteQuery_ErrorMessage = "ERROR: Unable to execute the query for the '%1' log."CONST L_LogDoesNotExist_ErrorMessage = "ERROR: The log file '%1' does not exist."CONST L_InstancesFailed_ErrorMessage = "ERROR: Unable to get the log details from the system."
CONST L_InvalidSyntax1_ErrorMessage = "ERROR: Invalid Syntax." InvalidSyntaxErrorMessage = L_InvalidSyntax1_ErrorMessage & vbCRLF & L_HelpSyntax1_Message
CONST L_InvalidInput1_ErrorMessage = "ERROR: Invalid input. Please check the input Values."InvalidInputErrorMessage = L_InvalidInput1_ErrorMessage & vbCRLF & L_HelpSyntax1_Message
CONST L_ObjCreationFail_ErrorMessage = "ERROR: Unexpected Error , Query failed. "CONST L_InfoUnableToInclude_ErrorMessage = "ERROR: Unable to include the common module""CmdLib.Wsc""."CONST L_NoHeaderaNotApplicable_ErrorMessage = "ERROR: /NH option is allowed only for ""TABLE"" and ""CSV"" formats."CONST L_InValidServerName_ErrorMessage = "ERROR: Invalid Syntax. System name cannot be empty."CONST L_InValidUserName_ErrorMessage = "ERROR: Invalid Syntax. User name cannot be empty. "
CONST L_InvalidORSyntaxInFilter1_ErrorMessage = "ERROR: Invalid 'OR' operation is specified for the filter."CONST L_InvalidORSyntaxInFilter2_ErrorMessage = "'OR' operation valid only for filters TYPE and ID." InvalidORSyntaxInFilterErrorMessage = L_InvalidORSyntaxInFilter1_ErrorMessage & vbCRLF & L_InvalidORSyntaxInFilter2_ErrorMessage
CONST L_InvalidSyntaxMoreNoRepeated1_ErrorMessage = "ERROR: Invalid Syntax. '%1' option is not allowed more than 1 time(s)."InvalidSyntaxMoreNoRepeatedErrorMessage = L_InvalidSyntaxMoreNoRepeated1_ErrorMessage & vbCRLF & L_HelpSyntax2_Message
' Hints given in case of errorsCONST L_HintCheckConnection_Message = "ERROR: Please check the system name, credentials and WBEM Core."
' Informational messagesCONST L_InfoNoRecordsInFilter_Message = "INFO: No records available for the '%1' log with the specified criteria."CONST L_InfoNoRecords_Message = "INFO: No records available for the '%1' log."CONST L_InfoNoLogsPresent_Message = "INFO: No logs are available in the system."CONST L_InfoDisplayLog_Message = "Listing the events in '%1' log of host '%2'"
' Cscript usage stringsCONST L_UseCscript1_ErrorMessage = "This script should be executed from the Command Prompt using CSCRIPT.EXE."CONST L_UseCscript2_ErrorMessage = "For example: CSCRIPT EVENTQUERY.vbs <arguments>"CONST L_UseCscript3_ErrorMessage = "To set CScript as the default application to run .vbs files run the following"CONST L_UseCscript4_ErrorMessage = " CSCRIPT //H:CSCRIPT //S" CONST L_UseCscript5_ErrorMessage = "You can then run ""EVENTQUERY.vbs <arguments>"" without preceding the script with CSCRIPT."
' Contents for showing help for Usage CONST L_ShowUsageLine00_Text = "No logs are available on this system for query."CONST L_ShowUsageLine01_Text = "EVENTQUERY.vbs [/S system [/U username [/P password]]] [/FI filter]"CONST L_ShowUsageLine02_Text = " [/FO format] [/R range] [/NH] [/V] [/L logname | *]"CONST L_ShowUsageLine03_Text = "Description:"CONST L_ShowUsageLine04_Text = " The EVENTQUERY.vbs script enables an administrator to list"CONST L_ShowUsageLine05_Text = " the events and event properties from one or more event logs."CONST L_ShowUsageLine06_Text = "Parameter List:"CONST L_ShowUsageLine07_Text = " /S system Specifies the remote system to connect to."CONST L_ShowUsageLine08_Text = " /U [domain\]user Specifies the user context under which the"CONST L_ShowUsageLine09_Text = " command should execute."CONST L_ShowUsageLine10_Text = " /P password Specifies the password for the given"CONST L_ShowUsageLine11_Text = " user context."CONST L_ShowUsageLine12_Text = " /V Specifies that the detailed information"CONST L_ShowUsageLine13_Text = " should be displayed in the output."CONST L_ShowUsageLine14_Text = " /FI filter Specifies the types of events to"CONST L_ShowUsageLine15_Text = " filter in or out of the query."CONST L_ShowUsageLine16_Text = " /FO format Specifies the format in which the output"CONST L_ShowUsageLine17_Text = " is to be displayed."CONST L_ShowUsageLine18_Text = " Valid formats are ""TABLE"", ""LIST"", ""CSV""."CONST L_ShowUsageLine19_Text = " /R range Specifies the range of events to list."CONST L_ShowUsageLine20_Text = " Valid Values are:"CONST L_ShowUsageLine21_Text = " 'N' - Lists 'N' most recent events."CONST L_ShowUsageLine22_Text = " '-N' - Lists 'N' oldest events."CONST L_ShowUsageLine23_Text = " 'N1-N2' - Lists the events N1 to N2." CONST L_ShowUsageLine24_Text = " /NH Specifies that the ""Column Header"" should"CONST L_ShowUsageLine25_Text = " not be displayed in the output."CONST L_ShowUsageLine26_Text = " Valid only for ""TABLE"" and ""CSV"" formats."CONST L_ShowUsageLine27_Text = " /L logname Specifies the log(s) to query."CONST L_ShowUsageLine28_Text = " /? Displays this help/usage."CONST L_ShowUsageLine29_Text = " Valid Filters Operators allowed Valid Values"CONST L_ShowUsageLine30_Text = " ------------- ------------------ ------------"CONST L_ShowUsageLine31_Text = " DATETIME eq,ne,ge,le,gt,lt mm/dd/yy(yyyy),hh:mm:ssAM(/PM)"CONST L_ShowUsageLine32_Text = " TYPE eq,ne ERROR, INFORMATION, WARNING,"CONST L_ShowUsageLine33_Text = " SUCCESSAUDIT, FAILUREAUDIT"CONST L_ShowUsageLine34_Text = " ID eq,ne,ge,le,gt,lt non-negative integer"CONST L_ShowUsageLine35_Text = " USER eq,ne string"CONST L_ShowUsageLine36_Text = " COMPUTER eq,ne string"CONST L_ShowUsageLine37_Text = " SOURCE eq,ne string"CONST L_ShowUsageLine38_Text = " CATEGORY eq,ne string"CONST L_ShowUsageLine39_Text = "NOTE: Filter ""DATETIME"" can be specified as ""FromDate-ToDate"""CONST L_ShowUsageLine40_Text = " Only ""eq"" operator can be used for this format."CONST L_ShowUsageLine41_Text = "Examples:"CONST L_ShowUsageLine42_Text = " EVENTQUERY.vbs "CONST L_ShowUsageLine43_Text = " EVENTQUERY.vbs /L system "CONST L_ShowUsageLine44_Text = " EVENTQUERY.vbs /S system /U user /P password /V /L *"CONST L_ShowUsageLine45_Text = " EVENTQUERY.vbs /R 10 /L Application /NH"CONST L_ShowUsageLine46_Text = " EVENTQUERY.vbs /R -10 /FO LIST /L Security"CONST L_ShowUsageLine47_Text = " EVENTQUERY.vbs /R 5-10 /L ""DNS Server"""CONST L_ShowUsageLine48_Text = " EVENTQUERY.vbs /FI ""Type eq Error"" /L Application"CONST L_ShowUsageLine49_Text = " EVENTQUERY.vbs /L Application"CONST L_ShowUsageLine50_Text = " /FI ""Datetime eq 06/25/00,03:15:00AM-06/25/00,03:15:00PM"""CONST L_ShowUsageLine51_Text = " EVENTQUERY.vbs /FI ""Datetime gt 08/03/00,06:20:00PM"" "CONST L_ShowUsageLine52_Text = " /FI ""Id gt 700"" /FI ""Type eq warning"" /L System"CONST L_ShowUsageLine53_Text = " EVENTQUERY.vbs /FI ""Type eq error OR Id gt 1000 """'-------------------------------------------------------------------------' END of localization content'-------------------------------------------------------------------------
' Define constantsCONST CONST_ERROR = 0CONST CONST_CSCRIPT = 2CONST CONST_SHOW_USAGE = 3CONST CONST_PROCEED = 4CONST CONST_ERROR_USAGE = 5CONST CONST_NO_MATCHES_FOUND = 0
' Define the Exit ValuesCONST EXIT_SUCCESS = 0CONST EXIT_UNEXPECTED = 255CONST EXIT_INVALID_INPUT = 254CONST EXIT_METHOD_FAIL = 250CONST EXIT_INVALID_PARAM = 999CONST EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED = 777
' Define default valuesCONST CONST_ARRAYBOUND_NUMBER = 10CONST CONST_ID_NUMBER = 65535
' Define namespace and class names of wmiCONST CONST_NAMESPACE_CIMV2 = "root\cimv2"CONST CLASS_EVENTLOG_FILE = "Win32_NTEventlogFile"
' for blank line in help usage CONST EmptyLine_Text = " "
' Define the various strings used in the script'=============================================' the valid options supported by the scriptCONST OPTION_SERVER = "s"CONST OPTION_USER = "u"CONST OPTION_PASSWORD = "p"CONST OPTION_FORMAT = "fo"CONST OPTION_RANGE = "r"CONST OPTION_NOHEADER = "nh"CONST OPTION_VERBOSE = "v"CONST OPTION_FILTER = "fi"CONST OPTION_HELP = "?"CONST OPTION_LOGNAME = "l"
' the property names on which the user given filters are appliedCONST FLD_FILTER_DATETIME = "TimeGenerated"CONST FLD_FILTER_TYPE = "Type"CONST FLD_FILTER_USER = "User"CONST FLD_FILTER_COMPUTER = "ComputerName"CONST FLD_FILTER_SOURCE = "SourceName"CONST FLD_FILTER_CATEGORY = "CategoryString"CONST FLD_FILTER_ID = "EventCode"CONST FLD_FILTER_EVENTTYPE = "EventType"
' Define matching patterns used in validationsCONST PATTERNFORMAT = "^(table|list|csv)$"CONST PATTERNTYPE = "^(ERROR|INFORMATION|WARNING|SUCCESSAUDIT|FAILUREAUDIT)$"
' Property values on which the user is given for the filter TYPE is applied CONST PATTERNTYPE_ERROR = "ERROR"CONST PATTERNTYPE_WARNING = "WARNING"CONST PATTERNTYPE_INFORMATION = "INFORMATION"CONST PATTERNTYPE_SUCCESSAUDIT = "SUCCESSAUDIT"CONST PATTERNTYPE_FAILUREAUDIT = "FAILUREAUDIT"
CONST FLDFILTERTYPE_SUCCESSAUDIT = "audit success"CONST FLDFILTERTYPE_FAILUREAUDIT = "audit failure"
' Define EventTypeCONST EVENTTYPE_ERROR = "1"CONST EVENTTYPE_WARNING = "2"CONST EVENTTYPE_INFORMATION = "3"CONST EVENTTYPE_SUCCESSAUDIT = "4"CONST EVENTTYPE_FAILUREAUDIT = "5"
' the operator symbolsCONST SYMBOL_OPERATOR_EQ = "="CONST SYMBOL_OPERATOR_NE = "<>"CONST SYMBOL_OPERATOR_GE = ">="CONST SYMBOL_OPERATOR_LE = "<="CONST SYMBOL_OPERATOR_GT = ">"CONST SYMBOL_OPERATOR_LT = "<"
' Define matching patterns used in validationsCONST PATTERN_RANGE = "^\d*-?\d+$"CONST PATTERN_FILTER = "^([a-z]+)([\s]+)([a-z]+)([\s]+)([\w+]|[\W+]|\\)"CONST PATTERN_DATETIME = "^\d{1,2}\/\d{1,2}\/\d{2,4},\d{1,2}:\d{1,2}:\d{1,2}(A|P)M$"CONST PATTERN_INVALID_USER = "\|\[|\]|\:|\||\<|\>|\+|\=|\;|\,|\?|\*"CONST PATTERN_ID = "^(\d+)$"CONST PATTERN_DATETIME_RANGE = "^\d{1,2}\/\d{1,2}\/\d{2,4},\d{1,2}:\d{1,2}:\d{1,2}(A|P)M\-\d{1,2}\/\d{1,2}\/\d{2,4},\d{1,2}:\d{1,2}:\d{1,2}(A|P)M$"
' Define UNC format for server name CONST UNC_Format_Servername = "\\"
' Define const for filter separation when OR is specified in filter CONST L_OperatorOR_Text = " OR "
' Variable to trap local if already connection in wmiconnect function Dim blnLocalConnection
blnLocalConnection = False 'defalut value
' to include the common moduleDim component ' object to store common module
Set component = CreateObject( "Microsoft.CmdLib" )
If Err.Number Then WScript.Echo(L_InfoUnableToInclude_ErrorMessage) WScript.Quit(EXIT_METHOD_FAIL)End If
' referring the script host to common module Set component.ScriptingHost = WScript.Application
' Check whether the script is run using CScriptIf CInt( component.checkScript() ) <> CONST_CSCRIPT Then WScript.Echo (UseCscriptErrorMessage) WScript.Quit(EXIT_UNEXPECTED)End If
' Calling the Main function Call VBMain()
' end of the Main Wscript.Quit(EXIT_SUCCESS)
'********************************************************************'* Sub: VBMain'*'* Purpose: This is main function to starts execution '*'*'* Input/ Output: None'********************************************************************Sub VBMain()
ON ERROR RESUME NEXTErr.clear
' Declare variablesDim intOpCode ' to check the operation asked for, Eg:Help etcDim strMachine ' the machine to query the events fromDim strUserName ' the user name to use to query the machine Dim strPassword ' the password for the user to query the machineDim strFormat ' format of display, default is tableDim strRange ' to store the range of records specifiedDim blnNoHeader ' flag to store if header is not requiredDim blnVerboseDisplay ' flag to verify if verbose display is needed ReDim arrFilters(5) ' to store all the given filtersDim objLogs ' a object to store all the given logfles
' Initialize variablesintOpCode = 0strFormat = L_ConstDefaultFormat_TextstrRange = ""blnNoHeader = FALSEblnVerboseDisplay = FALSE
Set objLogs = CreateObject("Scripting.Dictionary")
If Err.Number Then WScript.Echo (L_ObjCreationFail_ErrorMessage) WScript.Quit(EXIT_METHOD_FAIL)End If
' setting Dictionary object compare mode to VBBinaryCompareobjLogs.CompareMode = VBBinaryCompare
' Parse the command lineintOpCode = intParseCmdLine(strMachine, _ strUserName, _ strPassword, _ arrFilters, _ strFormat, _ strRange, _ blnVerboseDisplay, _ blnNoHeader, _ objLogs)
If Err.number then ' error in parsing the Command line component.vbPrintf InvalidInputErrorMessage ,Array(Ucase(Wscript.ScriptName)) WScript.Quit(EXIT_UNEXPECTED) End If
' check the operation specified by the userSelect Case intOpCode
Case CONST_SHOW_USAGE ' help asked for Call ShowUsage()
Case CONST_PROCEED Call ShowEvents(strMachine, strUserName, strPassword, _ arrFilters, strFormat, strRange, _ blnVerboseDisplay, blnNoHeader, objLogs) ' completed successfully WScript.Quit(EXIT_SUCCESS)
Case CONST_ERROR ' print common help message. component.vbPrintf L_HelpSyntax1_Message, Array(Ucase(Wscript.ScriptName)) Wscript.Quit(EXIT_INVALID_INPUT)
Case CONST_ERROR_USAGE ' help is asked help with some other parameters component.vbPrintf InvalidSyntaxErrorMessage, Array(Ucase(Wscript.ScriptName)) WScript.Quit(EXIT_INVALID_INPUT)
Case EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED 'More no of times input values specified.message is captured at parser level so exit only with code. Wscript.Quit(EXIT_INVALID_PARAM)
Case Else 'Invalid input values specified. component.vbPrintf InvalidSyntaxErrorMessage, Array(Ucase(Wscript.ScriptName)) Wscript.Quit(EXIT_INVALID_PARAM)
End Select
End Sub'*************************** End of Main **************************
'********************************************************************'* Function: intParseCmdLine'*'* Purpose: Parses the command line arguments to the variables'*'* Input: '* [out] strMachine machine to query events from'* [out] strUserName user name to connect to the machine'* [out] strPassword password for the user'* [out] arrFilters the array containing the filters'* [out] strFormat the display format'* [out] strRange the range of records required'* [out] blnVerboseDisplay flag to verify if verbose display is needed '* [out] blnNoHeader flag to verify if noheader display is needed '* [out] objLogs to store all the given logfles'* Output: Returns CONST_PROCEED, CONST_SHOW_USAGE or CONST_ERROR'* Displays error message and quits if invalid option is asked'*'********************************************************************Private Function intParseCmdLine( ByRef strMachine, _ ByRef strUserName, _ ByRef strPassword, _ ByRef arrFilters, _ ByRef strFormat, _ ByRef strRange, _ ByRef blnVerboseDisplay, _ ByRef blnNoHeader,_ ByRef objLogs)
ON ERROR RESUME NEXT Err.Clear
Dim strUserGivenArg ' to temporarily store the user given arguments to script Dim strTemp ' to store temporary values Dim intArgIter ' to count the number of arguments given by user Dim intArgLogType ' to count number of log files specified - Used in ReDim Dim intFilterCount ' to count number of filters specified - Used in ReDim
Dim blnHelp ' to check if already Help is specified Dim blnFormat ' to check if already Format is specified Dim blnRange ' to check if already Range is specified Dim blnServer ' to check if already Server is specified Dim blnPassword ' to check if already Password is specified Dim blnUser ' to check if already User is specified
strUserGivenArg = "" intArgLogType = 0 intFilterCount = 0 intArgIter = 0
'default values blnHelp = False blnPassword = False blnUser = False blnServer = False blnFormat = False
' Retrieve the command line and set appropriate variablesDo While intArgIter <= Wscript.arguments.Count - 1 strUserGivenArg = Wscript.arguments.Item(intArgIter)
IF Left( strUserGivenArg,1) = "/" OR Left( strUserGivenArg,1) = "-" Then strUserGivenArg = Right( strUserGivenArg,Len(strUserGivenArg) -1 )
Select Case LCase(strUserGivenArg) Case LCase(OPTION_SERVER)
'If more than 1 time(s) is spcecified If blnServer =True Then component.vbPrintf InvalidSyntaxMoreNoRepeatedErrorMessage, Array(Wscript.arguments.Item(intArgIter), Ucase(Wscript.ScriptName)) intParseCmdLine = EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED Exit Function End If
If Not component.getArguments(L_MachineName_Text, strMachine, intArgIter, FALSE) Then intParseCmdLine = CONST_ERROR Exit Function End If
blnServer =True intArgIter = intArgIter + 1
Case LCase(OPTION_USER)
'If more than 1 time(s) is spcecified If blnUser =True Then component.vbPrintf InvalidSyntaxMoreNoRepeatedErrorMessage, Array(Wscript.arguments.Item(intArgIter), Ucase(Wscript.ScriptName)) intParseCmdLine = EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED Exit Function End If
If Not component.getArguments(L_UserName_Text, strUserName, intArgIter, FALSE) Then intParseCmdLine = CONST_ERROR Exit Function End If blnUser =True intArgIter = intArgIter + 1
Case LCase(OPTION_PASSWORD)
'If more than 1 time(s) is spcecified If blnPassword =True Then component.vbPrintf InvalidSyntaxMoreNoRepeatedErrorMessage, Array(Wscript.arguments.Item(intArgIter), Ucase(Wscript.ScriptName)) intParseCmdLine = EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED Exit Function End If
If Not component.getArguments(L_UserPassword_Text, strPassword, intArgIter, FALSE) Then intParseCmdLine = CONST_ERROR Exit Function End If
blnPassword =True intArgIter = intArgIter + 1
Case LCase(OPTION_FORMAT)
'If more than 1 time(s) is spcecified If blnFormat =True Then component.vbPrintf InvalidSyntaxMoreNoRepeatedErrorMessage, Array(Wscript.arguments.Item(intArgIter), Ucase(Wscript.ScriptName)) intParseCmdLine = EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED Exit Function End If
If Not component.getArguments(L_Format_Text,strFormat, intArgIter, FALSE) Then intParseCmdLine = CONST_ERROR Exit Function End If
blnFormat =True intArgIter = intArgIter + 1 Case LCase(OPTION_RANGE)
'If more than 1 time(s) is spcecified If blnRange =True Then component.vbPrintf InvalidSyntaxMoreNoRepeatedErrorMessage, Array(Wscript.arguments.Item(intArgIter), Ucase(Wscript.ScriptName)) intParseCmdLine = EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED Exit Function End If
If Not component.getArguments(L_Range_Text,strRange, intArgIter,TRUE) Then intParseCmdLine = CONST_ERROR Exit Function End If
blnRange =True intArgIter = intArgIter + 1
Case LCase(OPTION_NOHEADER)
'If more than 1 time(s) is spcecified If blnNoHeader =True Then component.vbPrintf InvalidSyntaxMoreNoRepeatedErrorMessage, Array(Wscript.arguments.Item(intArgIter), Ucase(Wscript.ScriptName)) intParseCmdLine = EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED Exit Function End If
blnNoHeader = TRUE intArgIter = intArgIter + 1 Case LCase(OPTION_VERBOSE)
'If more than 1 time(s) is spcecified If blnVerboseDisplay =True Then component.vbPrintf InvalidSyntaxMoreNoRepeatedErrorMessage, Array(Wscript.arguments.Item(intArgIter), Ucase(Wscript.ScriptName)) intParseCmdLine = EXIT_INVALID_PARAM_DEFAULT_OPTION_REPEATED Exit Function End If
blnVerboseDisplay = TRUE intArgIter = intArgIter + 1
Case LCase(OPTION_FILTER)
If Not component.getArguments(L_Filter_Text, strTemp, intArgIter, FALSE) Then intParseCmdLine = CONST_ERROR Exit Function End If
arrFilters(intFilterCount) = strTemp intFilterCount = intFilterCount + 1 intArgIter = intArgIter + 1
If ((intFilterCount MOD 5) = 0) Then ReDim PRESERVE arrFilters(intFilterCount + 5) End If
Case LCase(OPTION_HELP) If blnHelp =True then intParseCmdLine = EXIT_INVALID_PARAM Exit Function End If
blnHelp =True intParseCmdLine = CONST_SHOW_USAGE intArgIter = intArgIter + 1
Case LCase(OPTION_LOGNAME) If Not component.getArguments(L_Log_Text, strTemp, intArgIter, FALSE) Then intParseCmdLine = CONST_ERROR Exit Function Else If NOT objLogs.Exists(LCase(strTemp)) Then objLogs.Add LCase(strTemp), -1 End If intArgIter = intArgIter + 1 End if
Case Else ' invalid switch specified component.vbPrintf InvalidParameterErrorMessage, Array(Wscript.arguments.Item(intArgIter),Ucase(Wscript.ScriptName)) Wscript.Quit(EXIT_INVALID_INPUT) End SelectElse ' invalid argument specified component.vbPrintf InvalidParameterErrorMessage, Array(Wscript.arguments.Item(intArgIter),Ucase(Wscript.ScriptName)) Wscript.Quit(EXIT_INVALID_INPUT)End IF
Loop '** intArgIter <= Wscript.arguments.Count - 1 ' preserving the array with current dimension ReDim PRESERVE arrFilters(intFilterCount-1)
' if no logs specified for query If (ObjLogs.Count = 0 ) Then ObjLogs.Add "*", -1 End If ' check for invalid usage of help If blnHelp and intArgIter > 1 Then intParseCmdLine = CONST_ERROR_USAGE Exit Function End If 'check with default case : no arguments specified If IsEmpty(intParseCmdLine) Then intParseCmdLine = CONST_PROCEED End If
End Function
'********************************************************************'* Function: ValidateArguments'*'* Purpose: Validates the command line arguments given by the user'*'* Input:'* [in] strMachine machine to query events from'* [in] strUserName user name to connect to the machine'* [in] strPassword password for the user'* [in] strFormat the display format'* [in] strRange the range of records required'* [in] blnNoHeader flag to verify if noheader display is needed '* [out] arrFilters the array containing the filters'*'* Output: Returns true if all valid else displays error message and quits'* Gets the password from the user if not specified along with User.'*'********************************************************************Private Function ValidateArguments (ByVal strMachine, _ ByVal strUserName, _ ByVal strPassword, _ ByRef arrFilters, _ ByVal strFormat, _ ByVal strRange,_ ByVal blnNoHeader)
ON ERROR RESUME NEXT Err.Clear
Dim arrTemp ' to store temporary array values
' Check if invalid Server name is given If NOT ISEMPTY(strMachine) THEN If Trim(strMachine) = vbNullString Then WScript.Echo (L_InValidServerName_ErrorMessage) WScript.Quit(EXIT_INVALID_INPUT) End If End If
'Check if invalid User name is given If NOT ISEMPTY(strUserName) THEN If Trim(strUserName) = vbNullString Then WScript.Echo (L_InValidUserName_ErrorMessage ) WScript.Quit(EXIT_INVALID_INPUT) End If End If
' ERROR if user is given without machine OR ' password is given without user If ((strUserName <> VBEmpty) AND (strMachine = VBEmpty)) Then component.vbPrintf InvalidCredentialsForServerErrorMessage, Array(Ucase(Wscript.ScriptName)) WScript.Quit(EXIT_INVALID_INPUT) ElseIf ((strPassword <> VBEmpty) AND (strUserName = VBEmpty))Then component.vbPrintf InvalidCredentialsForUserErrorMessage, Array(Ucase(Wscript.ScriptName)) WScript.Quit(EXIT_INVALID_INPUT) End If
' only table, list and csv display formats allowed ' PATTERNFORMAT '"^(table|list|csv)$" If CInt(component.matchPattern(PATTERNFORMAT,strFormat)) = CONST_NO_MATCHES_FOUND Then component.vbPrintf InvalidFormatErrormessage, Array(strFormat ,Ucase(Wscript.ScriptName)) WScript.Quit(EXIT_INVALID_INPUT) End If
' check : -n header is specified for format of 'LIST' option If blnNoHeader =True and Lcase(strFormat) = Lcase(L_Const_List_Format_Text) then WScript.Echo (L_NoHeaderaNotApplicable_ErrorMessage) WScript.Quit(EXIT_INVALID_INPUT) End If
If Len(Trim(strRange)) > 0 Then ' range is specified, valid formats are N, -N or N1-N2 ' PATTERN_RANGE '"^(\d+|\-\d+|\d+\-\d+)$" If CInt(component.matchPattern(PATTERN_RANGE, strRange)) = CONST_NO_MATCHES_FOUND Then component.vbPrintf L_InvalidRange_ErrorMessage, Array(strRange) WScript.Quit(EXIT_INVALID_INPUT) Else
strRange = CLng(Abs(strRange))
'this err an be trappped when N1-N2 option is given If Err.Number Then arrTemp = split(strRange, "-", 2, VBBinaryCompare) If CLng(arrTemp(0)) => CLng(arrTemp(1)) Then ' invalid range component.vbPrintf L_InvalidRange_ErrorMessage, Array(strRange) WScript.Quit(EXIT_INVALID_INPUT) End If Err.Clear 'if no invalid range N1-N2 clear the error Else If Abs(strRange) = 0 Then component.vbPrintf L_InvalidRange_ErrorMessage, Array(strRange) WScript.Quit(EXIT_INVALID_INPUT) End If End If End If End If
ValidateArguments = TRUEEnd Function
'********************************************************************'* Function: ValidateFilters'*'* Purpose: Validates the filters given by the user.'*'* Input: [in] Objservice the service object'* Input: [out] arrFilters the array containing the filters'*'* Output: If filter is invalid, displays error message and quits'* If valid, filter is prepared for the query and returns true'*'********************************************************************Private Function ValidateFilters(ByRef arrFilters ,ByVal ObjService)
ON ERROR RESUME NEXT Err.Clear
Dim j ' to use in the loop Dim strFilter ' to store the user given filter (Eg:"Type eq Error") Dim arrTempProp ' to store the temporary array filterproperty Dim arrTempOperAndVal ' to store the temporary array filteroperator and filtervalue Dim strTemp ' to store temporary values Dim arrTemp ' to store temporary values of datetime when Range is given (Date1-Date2) Dim strFilterProperty ' the filter criteria that is specified (Eg:Type, ID) Dim strFilterOperation ' the operation specified (Eg: eq, gt) Dim strFilterValue ' the filter value specified
Dim objInstance ' to refer to the instances of the objEnumerator Dim objEnumerator ' to store the results of the query is executed Dim strTempQuery ' string to make query Dim strTimeZone ' to store the TimeZone of the Queried system Dim strSign ' to store "+|-" sign value of TimeZone
' validate each filter stored in the array For j = 0 to UBound(arrFilters) strFilter = arrFilters(j) 'check eigther "OR" is pesent inthe filter value 'Example : "type eq warning " OR " type eq error" [to support ORing in Filter Switch] 'Make a flag in this case "blnOR" present/not 'split it by "OR" SEND as No. of Array elements Dim blnOR 'boolean to refer 'OR' operation is specified Dim strArrFilter 'string to store array of filters if OR is specified
blnOR=False 'Initialise to False
If UBOUND(Split(LCase(strFilter),LCase(L_OperatorOR_Text)) ) > 0 Then 'setting the flag if " OR " specified in filter blnOR =TRUE
'split with "OR" strArrFilter = Split(LCase(strFilter),LCase(L_OperatorOR_Text)) Else 'make single dimention array UBOUND = 0 strArrFilter = Array(strFilter) End If Dim k ' to use in the loop Dim strTempFilter ' used to format Query string
'process the array for validatation 'UBOUND = 0 say normal filter specified For k = 0 to UBound(strArrFilter)
If UBound(strArrFilter) > 0 then strFilter =strArrFilter(k) Else 'this is the first element allways strFilter =strArrFilter(0) End If
' check if 3 parameters are passed as input to filter ' PATTERN_FILTER "^([a-z]+)([\s]+)([a-z]+)([\s]+)(\w+)"
strFilter = Trim( strFilter ) ' trim the value If CInt(component.matchPattern(PATTERN_FILTER, strFilter)) <= 0 Then component.vbPrintf L_InvalidFilterFormat_ErrorMessage, Array(strFilter) WScript.Quit(EXIT_INVALID_INPUT) End If
' This to eliminate any no.of blank Char(s) between three valid input values ' i.e..filter "property ---operation ----value" ' first SPLIT the space delimiter string into array size of 2. ' and get the property value arrTempProp = split(Trim(strFilter)," ",2,VBBinaryCompare) strFilterProperty = arrTempProp(0)
' now trim it and again SPLIT the second element of arrTempProp into an array of size 2. ' and get the operation and value arrTempOperAndVal = split(Trim(arrTempProp(1))," ",2,VBBinaryCompare) strFilterOperation = arrTempOperAndVal(0) strFilterValue = Ltrim(arrTempOperAndVal(1)) If LCase(strFilterProperty) = LCase(L_UserFilterDateTime_Text) OR _ LCase(strFilterProperty) = LCase(L_UserFilterId_Text) Then ' the following are valid operators If LCase(strFilterOperation) = LCase(L_OperatorEq_Text) OR _ LCase(strFilterOperation) = LCase(L_OperatorNe_Text) OR _ LCase(strFilterOperation) = LCase(L_OperatorGe_Text) OR _ LCase(strFilterOperation) = LCase(L_OperatorLe_Text) OR _ LCase(strFilterOperation) = LCase(L_OperatorGt_Text) OR _ LCase(strFilterOperation) = LCase(L_OperatorLt_Text) Then strTemp = ReplaceOperators(strFilterOperation) strFilterOperation = strTemp Else component.vbPrintf L_InvalidFilterOperation_ErrorMessage, Array(strFilterOperation, strFilter) WScript.Quit(EXIT_INVALID_INPUT) End If ElseIf LCase(strFilterProperty) = LCase(L_UserFilterType_Text) OR _ LCase(strFilterProperty) = LCase(L_UserFilterUser_Text) OR _ LCase(strFilterProperty) = LCase(L_UserFilterComputer_Text) OR _ LCase(strFilterProperty) = LCase(L_UserFilterSource_Text) OR _ LCase(strFilterProperty) = LCase(L_UserFilterDateCategory_Text) Then ' for others, only these two operators are valid If LCase(strFilterOperation) = LCase(L_OperatorEq_Text) OR _ LCase(strFilterOperation) = LCase(L_OperatorNe_Text) Then strTemp = ReplaceOperators(strFilterOperation) strFilterOperation = strTemp Else component.vbPrintf L_InvalidFilterOperation_ErrorMessage, _ Array(strFilterOperation, strFilter) WScript.Quit(EXIT_INVALID_INPUT) End If Else component.vbPrintf L_InvalidFilterOperation_ErrorMessage, _ Array(strFilterProperty, strFilter) WScript.Quit(EXIT_INVALID_INPUT) End If ' validate the filter asked for Select Case LCase(strFilterProperty) Case L_UserFilterDateTime_Text 'Checking " OR " is only supported property EQ "TYPE OR ID" only If blnOR = True then WScript.Echo InvalidORSyntaxInFilterErrorMessage WScript.Quit(EXIT_INVALID_INPUT) End If
' Here To find Time Zone of system from CLASS_TIMEZONE_FILE strTempQuery = "SELECT * FROM Win32_OperatingSystem "
Set objEnumerator = objService.ExecQuery(strTempQuery,,0)
' getting the Time Zone For each objInstance in objEnumerator strTimeZone = objInstance.CurrentTimeZone Next
'here to format timeZome value as '+/-' UUU
If Isnull(strTimeZone) or IsEmpty(strTimeZone)then strTimeZone =0 End If
'default sign strSign ="+" IF strTimeZone < 0 THEN strSign ="-" End If If Len(strTimeZone) < 4 then If Len(strTimeZone) = 3 then If strTimeZone < 0 then strTimeZone = Replace(strTimeZone,"-","0") End If ElseIf Len(strTimeZone) = 2 then If strTimeZone < 0 then strTimeZone = Replace(strTimeZone,"-","00") Else strTimeZone = "0" & strTimeZone End If ElseIf Len(strTimeZone) = 1 then IF strTimeZone >= 0 Then strTimeZone = "00" & strTimeZone End if End If 'return to a format as "+|-" & UUU strTimeZone= strSign & strTimeZone End If
' check for the valid format - mm/dd/yy,hh:mm:ssPM ' PATTERN_DATETIME If CInt(component.matchPattern(PATTERN_DATETIME, strFilterValue)) > 0 Then If component.validateDateTime(strFilterValue) Then ' a valid datetime filter. Prepare for query strFilterProperty = FLD_FILTER_DATETIME strTemp = component.changeToWMIDateTime(strFilterValue,strTimeZone) ' Format the input ' TimeGenerated > "07/25/2000 10:12:00 PM" strFilterValue = Chr(34) & strTemp & Chr(34) End If Else ' match for range of dates in the format ' mm/dd/yy,hh:mm:ssPM - mm/dd/yy,hh:mm:ssAM ' PATTERN_DATETIME_RANGE If CInt(component.matchPattern(PATTERN_DATETIME_RANGE, strFilterValue)) > 0 Then strFilterProperty = FLD_FILTER_DATETIME ' Only = operation supported in this format If strFilterOperation <> "=" Then WScript.Echo (L_InvalidOperator_ErrorMessage) WScript.Quit(EXIT_INVALID_INPUT) End If arrTemp = split(strFilterValue,"-",2,VBBinaryCompare)
If component.validateDateTime(arrTemp(0)) Then ' a valid datetime filter. Prepare for query strTemp = component.changeToWMIDateTime(arrTemp(0),strTimeZone) ' Format the input ' TimeGenerated > "07/25/2000 10:12:00 PM" strFilterOperation = ">=" strFilterValue = Chr(34) & strTemp & Chr(34)
If component.validateDateTime(arrTemp(1)) Then ' a valid datetime filter. Prepare for query strTemp = component.changeToWMIDateTime(arrTemp(1),strTimeZone) ' Format the input ' TimeGenerated > "07/25/2000 10:12:00 PM" strFilterValue = strFilterValue & _ " AND " & strFilterProperty & "<="& Chr(34)_ & strTemp & Chr(34) End If End If Else component.vbPrintf L_InvalidDateTimeFormat_ErrorMessage, Array(strFilter) WScript.Quit(EXIT_INVALID_INPUT) End If End If
Case L_UserFilterType_Text ' the following values are only valid for the "Type" filter ' Valid: ERROR|INFORMATION|WARNING|SUCCESSAUDIT|FAILUREAUDIT ' PATTERNTYPE
If CInt(component.matchPattern(PATTERNTYPE, strFilterValue)) = _ CONST_NO_MATCHES_FOUND Then component.vbPrintf L_InvalidType_ErrorMessage, Array(strFilterValue, strFilter) WScript.Quit(EXIT_INVALID_INPUT) Else ' here i need to check WINXP or not If ( IsWinXP ( ObjService) = TRUE ) Then ' a valid type filter. Prepare for query If LCase(strFilterValue) =LCase(PATTERNTYPE_ERROR) Then strFilterValue = EVENTTYPE_ERROR ElseIf LCase(strFilterValue) =LCase(PATTERNTYPE_WARNING) Then strFilterValue = EVENTTYPE_WARNING ElseIf LCase(strFilterValue) =LCase(PATTERNTYPE_INFORMATION) Then strFilterValue = EVENTTYPE_INFORMATION ElseIf LCase(strFilterValue) =LCase(PATTERNTYPE_SUCCESSAUDIT) Then strFilterValue = EVENTTYPE_SUCCESSAUDIT ElseIf LCase(strFilterValue) =LCase(PATTERNTYPE_FAILUREAUDIT) Then strFilterValue = EVENTTYPE_FAILUREAUDIT End If
' a valid type filter. Prepare for query strFilterProperty = FLD_FILTER_EVENTTYPE Else ' a valid type filter. Prepare for query If LCase(strFilterValue) =LCase(PATTERNTYPE_SUCCESSAUDIT) Then strFilterValue = FLDFILTERTYPE_SUCCESSAUDIT ElseIf LCase(strFilterValue) =LCase(PATTERNTYPE_FAILUREAUDIT) Then strFilterValue = FLDFILTERTYPE_FAILUREAUDIT End If
' a valid type filter. Prepare for query strFilterProperty = FLD_FILTER_TYPE End If
End If
Case L_UserFilterUser_Text
'Checking " OR " is only supported property EQ "TYPE OR ID" only If blnOR = True then WScript.Echo InvalidORSyntaxInFilterErrorMessage WScript.Quit(EXIT_INVALID_INPUT) End If
' these are invalid characters for a user name ' PATTERN_INVALID_USER If CInt(component.matchPattern(PATTERN_INVALID_USER, strFilterValue)) > 0 Then component.vbPrintf L_InvalidUser_ErrorMessage , Array(strFilterValue, strFilter) WScript.Quit(EXIT_INVALID_INPUT) Else ' a valid user filter. Prepare for query If InStr(1, strFilterValue, "\", VBBinaryCompare) Then strFilterValue = Replace(strFilterValue, "\","\\") End If If LCase(strFilterValue) =LCase(L_TextNa_Text) Then strFilterValue = Null End If
End If strFilterProperty = FLD_FILTER_USER
Case L_UserFilterComputer_Text ' a valid computer filter. Prepare for query strFilterProperty = FLD_FILTER_COMPUTER
'Checking " OR " is only supported property EQ "TYPE OR ID" only If blnOR = True then WScript.Echo InvalidORSyntaxInFilterErrorMessage WScript.Quit(EXIT_INVALID_INPUT) End If
Case L_UserFilterSource_Text ' a valid Source filter. Prepare for query strFilterProperty = FLD_FILTER_SOURCE
'Checking " OR " is only supported property EQ "TYPE OR ID" only If blnOR = True then WScript.Echo InvalidORSyntaxInFilterErrorMessage WScript.Quit(EXIT_INVALID_INPUT) End If
Case L_UserFilterDateCategory_Text
'Checking " OR " is only supported property EQ "TYPE OR ID" only If blnOR = True then WScript.Echo InvalidORSyntaxInFilterErrorMessage WScript.Quit(EXIT_INVALID_INPUT) End If
' a valid Category filter. Prepare for query If LCase(strFilterValue) =LCase(L_TextNone_Text) Then strFilterValue = Null End If
strFilterProperty = FLD_FILTER_CATEGORY Case L_UserFilterId_Text ' check if the given id is a number ' PATTERN_ID '"^(\d+)$" If CInt(component.matchPattern(PATTERN_ID, strFilterValue)) = CONST_NO_MATCHES_FOUND Then component.vbPrintf L_InvalidId_ErrorMessage, Array(strFilterValue, strFilter) WScript.Quit(EXIT_INVALID_INPUT) Else ' Invalid ID Number validation If ( Clng(strFilterValue) > CONST_ID_NUMBER )Then component.vbPrintf L_InvalidId_ErrorMessage, Array(strFilterValue, strFilter) WScript.Quit(EXIT_INVALID_INPUT) End If
' a valid id filter. Prepare for query strFilterProperty = FLD_FILTER_ID End If
Case Else ' invalid filter specified component.vbPrintf L_InvalidFilter_ErrorMessage, Array(strFilterProperty, strFilter) WScript.Quit(EXIT_INVALID_INPUT) End Select
If LCase(strFilterProperty) = LCase(FLD_FILTER_DATETIME) OR IsNull(strFilterValue) Then ' This is to handle NULL Property values i.e for category ,type If IsNull(strFilterValue) Then strFilter = strFilterProperty & strFilterOperation & strFilterValue & "Null" Else strFilter = strFilterProperty & strFilterOperation & strFilterValue End If Else strFilter = strFilterProperty & _ strFilterOperation & Chr(34) & strFilterValue & Chr(34) End If
'Binding the string with "OR" to Prepare for query if blnOR is true If blnOR =TRUE Then
If k = 0 then strTempFilter = strFilter Else strTempFilter = strTempFilter & " OR " & strFilter End If End If Next
'Set again making single filter string element if blnOR is TRUE If blnOR =TRUE Then 'this "()" Add the order of precedence of operation is SQL strFilter = "( " & strTempFilter & ")" End If
'Here setting filter to main array arrFilters(j) = strFilter
Next
ValidateFilters = TRUE
End Function
'********************************************************************'* Function: ReplaceOperators'*'* Purpose: Replaces the operator in string form with its symbol'*'* Input: '* [in] strFilterOperation the operation'*'* Output: Returns the symbolic operator'* If invalid operator, displays error message and quits'*'********************************************************************Private Function ReplaceOperators(ByVal strFilterOperation) ON ERROR RESUME NEXT Err.Clear
Select Case LCase(strFilterOperation)
Case L_OperatorEq_Text ReplaceOperators = SYMBOL_OPERATOR_EQ
Case L_OperatorNe_Text ReplaceOperators = SYMBOL_OPERATOR_NE
Case L_OperatorGe_Text ReplaceOperators = SYMBOL_OPERATOR_GE
Case L_OperatorLe_Text ReplaceOperators = SYMBOL_OPERATOR_LE
Case L_OperatorGt_Text ReplaceOperators = SYMBOL_OPERATOR_GT
Case L_OperatorLt_Text ReplaceOperators = SYMBOL_OPERATOR_LT
Case Else ' not a valid operator component.vbPrintf L_Invalid_ErrorMessage, Array(strFilterOperation) WScript.Quit(EXIT_INVALID_PARAM) End SelectEnd Function'********************************************************************'* Sub : VerifyLogAndGetMaxRecords'*'* Purpose: populates the output array with count of records in given input array'*'* Input: [in] objService the service object'* [out] objLogs the object containing the logs & max count of records corresponding log'*'* Output: array's are populates with logfile names and its count of max records'*'********************************************************************Private Sub VerifyLogAndGetMaxRecords(ByVal objService, _ ByRef objLogs)
ON ERROR RESUME NEXT Err.Clear Dim strTempQuery ' string to make query Dim objEnumerator ' to get the collection object after query Dim objInstance ' to refer to each instance of the results got Dim i ' for initialing loop Dim strLogFile ' used to store log file inside loop Dim arrKeyName ' used to store key value of Dictionary object for processing loop
arrKeyName = objLogs.Keys
For i = 0 to objLogs.Count -1 strLogFile = arrKeyName(i) If Not strLogFile = "*" Then ' Check if log file exists, by querying strTempQuery = "SELECT NumberOfRecords FROM Win32_NTEventlogFile " &_ "WHERE LogfileName=" & Chr(34) & strLogFile & Chr(34)
Set objEnumerator = objService.ExecQuery(strTempQuery,,0)
If Err.Number Then component.vbPrintf L_ExecuteQuery_ErrorMessage, Array(strLogFile) WScript.Quit(EXIT_METHOD_FAIL) End If
' check if given log is present If ObjEnumerator.Count <> 1 Then component.vbPrintf L_LogDoesNotExist_ErrorMessage, Array(strLogFile) 'If Count of Logs = 1 Quit Here If objLogs.Count= 1 Then WScript.Quit(EXIT_INVALID_INPUT) End If 'If more proceed .. objLogs.Remove(strLogFile) Else ' get maximum number of records in that log(used if range specified) For each objInstance in objEnumerator If objInstance.NumberOfRecords <> "" Then objLogs.Item(strLogFile) = objInstance.NumberOfRecords Else objLogs.Item(strLogFile) = 0 End If Next End If Set ObjEnumerator = Nothing End If Next
If objLogs.Exists("*") Then ' if the * is specified, populate array with elements objLogs.Remove("*") ' get the instances of the logs present in the system Set objEnumerator = objService.InstancesOf(CLASS_EVENTLOG_FILE) If Err.number Then Wscript.Echo (L_InstancesFailed_ErrorMessage) WScript.Quit(EXIT_METHOD_FAIL) End If ' if no logs present If objEnumerator.Count <= 0 Then WScript.Echo (L_InfoNoLogsPresent_Message) WScript.Quit(EXIT_UNEXPECTED) Else For Each objInstance In objEnumerator If Not IsEmpty(objInstance.LogfileName) Then If NOT objLogs.Exists(LCase(objInstance.LogfileName)) Then If objInstance.NumberOfRecords Then objLogs.Add LCase(objInstance.LogfileName), objInstance.NumberOfRecords Else objLogs.Add LCase(objInstance.LogfileName), 0 End If End If End If Next End If End If
End Sub
'********************************************************************'* Function: BuildFiltersForQuery'*'* Purpose: Builds the query with the filter arguments'*'* Input: [in] arrFilters the array containing the filter conditions'*'* Output: Returns the string to be concatenated to the main query'*'********************************************************************Function BuildFiltersForQuery(ByVal arrFilters) ON ERROR RESUME NEXT Err.Clear
Dim strTempFilter ' to store the return string Dim i ' used in loop
strTempFilter = "" For i = 0 to UBound(arrFilters) strTempFilter = strTempFilter & " AND " strTempFilter = strTempFilter & arrFilters(i) Next BuildFiltersForQuery = strTempFilter
End Function
'********************************************************************'* Function : BuildRangeForQuery'*'* Purpose: Builds the range boundaries to display the records.'*'* Input: [in] strRange ' the range specified by the user'* Will be in the format N, -N or N-N'* [in] intFiltersSpecified ' array containing the filters number'* [in] objService ' the service object'* [out] intRecordRangeFrom ' where do we start the display of records?'* [out] intRecordRangeTo ' where do we stop displaying records'* [out] strFilterLog ' log file to build query'* [out] strQuery ' to build query according to given Range Type '* Output: Sets the value for the start and end of display boundaries.'*'********************************************************************Private Function BuildRangeForQuery(ByVal strRange, _ ByRef intRecordRangeFrom, _ ByRef intRecordRangeTo,_ ByVal intFiltersSpecified,_ ByRef strQuery,_ ByVal ObjService,_ ByVal strFilterLog )
ON ERROR RESUME NEXT Err.Clear
Dim intMaxEventRecordsPresent ' to store the max recods in the log Dim arrRangeValues ' to store the split values if range is of the type N-N Dim objInstance ' to refer to the instances of the objEnumerator Dim objEnumerator ' to store the results of the query is executed Dim FilterRecordCount ' to store the count of records if filter with +N specified FilterRecordCount = 0
BuildRangeForQuery = strquery 'intialize
Dim currentMaxRecordnumber 'curentMaxrecord number Dim currentMinRecordnumber 'curentMinrecord number
currentMaxRecordnumber = 0 currentMinRecordnumber = 0 ' save the max. no. of records available in the current log intMaxEventRecordsPresent = intRecordRangeTo
' find the count of events / logfile if Filter is specified . If intFiltersSpecified >= 0 Then Set objEnumerator = objService.ExecQuery(strQuery,"WQL",0,null) If Err.number Then component.vbPrintf L_ExecuteQuery_ErrorMessage, Array(strFilterLog) Exit Function End if FilterRecordCount= objEnumerator.count Set objEnumerator= Nothing 'releases the memory End If ' check the type of range specified ( first N / last N / N1 - N2 ) If ( IsNumeric(strRange) ) Then
' range is first N or last N ' now check whether it is first N or last N If strRange < 0 Then If intFiltersSpecified >= 0 Then ' first N records ' initial the counter so that all the out is displayed If FilterRecordCount > CLng(Abs(strRange)) then intRecordRangeFrom = FilterRecordCount - CLng(Abs(strRange)) + 1 intRecordRangeTo = FilterRecordCount Else intRecordRangeFrom = 0 intRecordRangeTo = FilterRecordCount End If
Else
Set objEnumerator = objService.ExecQuery(strQuery,"WQL",48,null) For Each objInstance In objEnumerator currentMaxRecordnumber= objInstance.RecordNumber Exit for Next If currentMaxRecordnumber > intMaxEventRecordsPresent then currentMinRecordnumber = currentMaxRecordnumber - intMaxEventRecordsPresent intMaxEventRecordsPresent = currentMaxRecordnumber End If Set objEnumerator= Nothing 'releases the memory
' N means record number <= N ' initial the counter s+o that all the out is displayed ' build the query BuildRangeForQuery = strQuery & " AND RecordNumber <= "& CLng(Abs(strRange)) + currentMinRecordnumber End If Else ' *** range is last N (i.e -N) If intFiltersSpecified >= 0 Then
If FilterRecordCount > CLng(Abs(strRange)) then intRecordRangeFrom =0 intRecordRangeTo = CLng(Abs(strRange)) Else intRecordRangeFrom =0 intRecordRangeTo = FilterRecordCount End If
Else
Set objEnumerator = objService.ExecQuery(strQuery,"WQL",48,null) 'getting current max recordnumber For Each objInstance In objEnumerator currentMaxRecordnumber= objInstance.RecordNumber Exit for Next
If currentMaxRecordnumber > intMaxEventRecordsPresent then currentMinRecordnumber = currentMaxRecordnumber - intMaxEventRecordsPresent intMaxEventRecordsPresent = currentMaxRecordnumber End If
Set objEnumerator= Nothing 'releases the memory
' -N means record number > (maxNumber - N ) ' initial the counter so that all the out is displayed ' build the query If CLng(Abs(strRange)) > intMaxEventRecordsPresent Then 'Show all records BuildRangeForQuery =strQuery & " AND RecordNumber > 0 " Else BuildRangeForQuery =strQuery & " AND RecordNumber > " & intMaxEventRecordsPresent - CLng(Abs(strRange)) End If End If End If Else ' range of records asked for N-N case arrRangeValues = split(strRange,"-", 2, VBBinaryCompare)
If intFiltersSpecified >= 0 Then If CLng(arrRangeValues(0)) < FilterRecordCount then ' initial the counter so that all the out is displayed intRecordRangeFrom = CLng(arrRangeValues(0)) intRecordRangeTo = CLng(arrRangeValues(1)) Else 'forcebly putting the invaid query 'when N1 > FilterRecordCount to avoid unnessaray looping between intRecordRangeFrom TO intRecordRangeTo BuildRangeForQuery =strQuery & " AND RecordNumber = 0 " End If Else Set objEnumerator = objService.ExecQuery(strQuery,"WQL",48,null) For Each objInstance In objEnumerator currentMaxRecordnumber= objInstance.RecordNumber Exit for Next
If currentMaxRecordnumber > intMaxEventRecordsPresent then currentMinRecordnumber = currentMaxRecordnumber - intMaxEventRecordsPresent intMaxEventRecordsPresent = currentMaxRecordnumber End If Set objEnumerator= Nothing 'releases the memory
' build the query BuildRangeForQuery =strQuery & " AND RecordNumber >= "& CLng(arrRangeValues(0))+ currentMinRecordnumber & " AND RecordNumber <= " & CLng(arrRangeValues(1)) + currentMinRecordnumber
End If End If
End Function
'********************************************************************'* Sub: ShowEvents'*'* Purpose: Displays the EventLog details'*'* Input: '* [in] strMachine machine to query events from'* [in] strUserName user name to connect to the machine'* [in] strPassword password for the user'* [in] arrFilters the array containing the filters'* [in] strFormat the display format'* [in] strRange the range of records required'* [in] blnVerboseDisplay flag to verify if verbose display is needed '* [in] blnNoHeader flag to verify if noheader display is needed '* [in] objLogs to store all the given logfles'* Output: Displays error message and quits if connection fails'* Calls component.showResults() to display the event records'*'********************************************************************Private Sub ShowEvents(ByVal strMachine, _ ByVal strUserName, _ ByVal strPassword, _ ByRef arrFilters, _ ByVal strFormat, _ ByVal strRange, _ ByVal blnVerboseDisplay, _ ByVal blnNoHeader,_ ByRef objLogs)
ON ERROR RESUME NEXT Err.Clear
Dim objService ' the service object Dim objEnumerator ' to store the results of the query is executed Dim objInstance ' to refer to the instances of the objEnumerator Dim strFilterLog ' to refer to each log specified by the user Dim strTemp ' to store the temporary variables Dim strQuery ' to store the query obtained for given conditions Dim arrResults ' to store the columns of each filter Dim arrHeader ' to store the array header values Dim arrMaxLength ' to store the maximum length for each column Dim arrFinalResults ' used to send the arrResults to component.showResults() Dim arrTemp ' to store temporary array values Dim intLoopCount ' used in the loop Dim intElementCount ' used as array subscript Dim strFilterQuery ' to store the query for the given filters Dim intResultCount ' used to count no of records that are fetched in the query Dim blnPrintHeader ' used to check header is printed or not in resulted Query ' the following are used for implementing the range option Dim intRecordRangeFrom ' to store the display record beginning number Dim intRecordRangeTo ' to store the display record ending number Dim arrKeyName ' to store then key value of dictionary object Dim strTempQuery ' to store a string for -N range values Dim arrblnDisplay ' array to show the status of display of verbose mode for showresults function Dim intDataCount ' used in looping to get value of Insertion string for the field "Description column" Dim i 'used for looping to enable All special privileges
' flag to set condition specific locale & default value setting Dim bLocaleChanged bLocaleChanged =FALSE
'Validating the arguments which is passed from commandline If NOT (ValidateArguments(strMachine, strUserName, strPassword, _ arrFilters, strFormat, strRange , blnNoHeader)) Then WScript.Quit(EXIT_UNEXPECTED) End If ' checking for UNC format for the system name If Left(strMachine,2) = UNC_Format_Servername Then If Len(strMachine) = 2 Then component.vbPrintf InvalidInputErrorMessage ,Array(Wscript.ScriptName) WScript.Quit(EXIT_UNEXPECTED) End if strMachine = Mid(strMachine,3,Len(strMachine)) End If
'getting the password .... If ((strUserName <> VBEmpty) AND (strPassword = VBEmpty)) Then strPassword = component.getPassword() End If
' To set GetSupportedUserLocale for Some Diff locales bLocaleChanged =GetSupportedUserLocale()
'Establish a connection with the server. If NOT component.wmiConnect(CONST_NAMESPACE_CIMV2 , _ strUserName , _ strPassword , _ strMachine , _ blnLocalConnection , _ objService ) Then
Wscript.Echo(L_HintCheckConnection_Message) WScript.Quit(EXIT_METHOD_FAIL) End If
' set the previlige's To query all event's in eventlog's . objService.Security_.Privileges.AddAsString("SeSecurityPrivilege")
'Enable all privileges as some DC's were requiring special privileges For i = 1 to 26 objService.Security_.Privileges.Add(i) Next
' get the HostName from the function strMachine = component.getHostName( objService)
' Validating the Filters which is passed from commandline If UBound(arrFilters) >= 0 Then ' filters are specified. Validate them If Not ValidateFilters(arrFilters,objService ) Then WScript.Quit(EXIT_INVALID_INPUT) End If End If blnPrintHeader = TRUE
If blnNoHeader Then blnPrintHeader = FALSE End If
' Initialize - header to display, the maximum length of each column and ' number of columns present arrHeader = Array(L_ColHeaderType_Text,L_ColHeaderEventcode_Text, L_ColHeaderDateTime_Text,_ L_ColHeaderSource_Text,L_ColHeaderComputerName_Text) ' first initialize the array with N/A arrResults = Array(L_TextNa_Text,L_TextNa_Text,L_TextNa_Text,L_TextNa_Text,L_TextNa_Text,L_TextNa_Text,_ L_TextNa_Text,L_TextNa_Text)
arrMaxLength = Array(13,6, 24, 17, 14, 15, 20,750) arrblnDisplay = Array(0, 0, 0, 0, 0, 1, 1, 1)
If blnVerboseDisplay Then arrblnDisplay = Array(0, 0, 0, 0, 0, 0, 0,0) arrHeader = Array( L_ColHeaderType_Text,L_ColHeaderEventcode_Text, L_ColHeaderDateTime_Text, _ L_ColHeaderSource_Text,L_ColHeaderComputerName_Text,L_ColHeaderCategory_Text,_ L_ColHeaderUser_Text, L_ColHeaderDesription_Text) End IF
If UBound(arrFilters) >=0 Then strFilterQuery = BuildFiltersForQuery(arrFilters) End If ' call function to verify given log and also get records count in log Call VerifyLogAndGetMaxRecords(objService, objLogs)
arrKeyName = objLogs.Keys
intResultCount = 0 intLoopCount = 0
'blank line before first data is displayed on console WScript.Echo EmptyLine_Text
Do While (intLoopCount < objLogs.Count)
'setting Header to print every Log file explicilty If blnNoHeader Then blnPrintHeader = FALSE Else blnPrintHeader = TRUE End If
If CInt(objLogs.Item(arrKeyName(intLoopCount))) > 0 Then strFilterLog = arrKeyName(intLoopCount) intRecordRangeFrom = 0 intRecordRangeTo = CInt(objLogs.Item(arrKeyName(intLoopCount))) ' build the query strQuery = "Select * FROM Win32_NTLogEvent WHERE Logfile=" &_ Chr(34) & strFilterLog & Chr(34)
If UBound(arrFilters) >=0 Then strQuery = strQuery & strFilterQuery End If
If Len(Trim(CStr(strRange))) > 0 Then ' building again query for -N condition in range switch strQuery = BuildRangeForQuery(strRange,intRecordRangeFrom, _ intRecordRangeTo, UBound(arrFilters),strQuery,objService,strFilterLog) End If
' process the results, else go for next log Set objEnumerator = objService.ExecQuery(strQuery,"WQL",48,null) If Err.Number Then component.vbPrintf L_ExecuteQuery_ErrorMessage, Array(strFilterLog) ' if error occurred in the query, go for next log intLoopCount = intLoopCount + 1 Err.clear ' for next loop if more logs present Else
intElementCount = 0
ReDim arrFinalResults(CONST_ARRAYBOUND_NUMBER)
For each objInstance in objEnumerator
' inside error trapping for most unexpected case... If Err.number then Exit For
intResultCount = intResultCount + 1 ' print the header for each log file along with Host Name 'imp:: if and only if have Data If intResultCount = 1 Then WScript.Echo(String(78,"-")) component.vbPrintf L_InfoDisplayLog_Message ,Array(strFilterLog,strMachine) WScript.Echo(String(78,"-")) End If
' check whether the current record is fitting in ' the required range If ( intResultCount >= intRecordRangeFrom ) And _ ( intResultCount <= intRecordRangeTo ) Then ' record fitting the range ... this has to be displayed
If objInstance.Type <> "" Then arrResults(0) = objInstance.Type Else arrResults(0) = L_TextNa_Text End If
If objInstance.EventCode <> "" Then arrResults(1) = objInstance.EventCode Else arrResults(1) = L_TextNa_Text End If
If (NOT IsEmpty(objInstance.TimeGenerated)) Then
strTemp = objInstance.TimeGenerated 'is LOCALE CHANGED If bLocaleChanged <> TRUE Then 'format DatTime as DATE & "Space" & TIME arrResults(2)= Formatdatetime( Mid(strTemp,5,2) & "/" & Mid(strTemp,7,2) & "/" &_ Mid(strTemp,1,4)) & " " & formatdatetime( Mid(strTemp,9,2) & ":" &_ Mid(strTemp,11,2) & ":" & Mid(strTemp,13,2)) Else arrResults(2) = Mid(strTemp,5,2) & "/" & Mid(strTemp,7,2) & "/" &_ Mid(strTemp,1,4) & " " & Mid(strTemp,9,2) & ":" &_ Mid(strTemp,11,2) & ":" & Mid(strTemp,13,2) End If Else arrResults(2) = L_TextNa_Text End If
If objInstance.SourceName <> "" Then arrResults(3) = objInstance.SourceName Else arrResults(3) = L_TextNa_Text End If
If objInstance.ComputerName <> "" Then arrResults(4) =objInstance.ComputerName Else arrResults(4) = L_TextNa_Text End If If blnVerboseDisplay Then If objInstance.CategoryString <> "" Then arrResults(5) = Replace(objInstance.CategoryString, VbCrLf, "") Else arrResults(5) = L_TextNone_Text ' None display End If
If (NOT IsNull(objInstance.User)) Then arrResults(6) = objInstance.User Else arrResults(6) = L_TextNa_Text End If
If objInstance.Message <> "" Then arrResults(7) = Trim(Replace(objInstance.Message, VbCrLf, " ")) Else 'Check here eighter value in presenet "InsertionStrings" column . If (NOT IsNull(objInstance.InsertionStrings)) Then arrTemp = objInstance.InsertionStrings 'removing default value "N/A" arrResults(7)= "" For intDataCount = 0 to UBound(arrTemp) arrResults(7) = arrResults(7) & " " & arrTemp(intDataCount) Next
arrResults(7) = Trim(arrResults(7)) Else arrResults(7) = L_TextNa_Text End If
End If
End If ' add the record to the queue of records that has to be displayed arrFinalResults( intElementCount ) = arrResults intElementCount = intElementCount + 1 ' increment the buffer ' check whether the output buffer is filled and ready for display ' onto the screen or not If intElementCount = CONST_ARRAYBOUND_NUMBER +1 Then ' Call the display function with required parameters Call component.showResults(arrHeader, arrFinalResults, arrMaxLength, _ strFormat, blnPrintHeader, arrblnDisplay) blnPrintHeader = FALSE Redim arrFinalResults(CONST_ARRAYBOUND_NUMBER) ' clear the existing buffer contents intElementCount = 0 ' reset the buffer start End If End If
' check whether the last record number that has to be displayed is ' crossed or not ... if crossed exit the loop without proceeding further If ( intResultCount >= intRecordRangeTo ) Then ' max. TO range is crossed/reached ... no need of further looping Exit For End If Next
' check whether there any pending in the output buffer that has to be ' displayed If intElementCount > 0 Then ' resize the array so that the buffer is shrinked to its content size ReDim Preserve arrFinalResults( intElementCount - 1 )
' Call the display function with required parameters Call component.showResults(arrHeader, arrFinalResults, arrMaxLength, _ strFormat, blnPrintHeader, arrblnDisplay) Else ' array bounds checking If intResultCount = 0 Then 'ie no records found If UBound(arrFilters) >= 0 OR Len(Trim(CStr(strRange))) > 0 Then ' message no records present if filter specified component.vbPrintf L_InfoNoRecordsInFilter_Message, Array(strFilterLog) Else 'message no records present if filter not specified component.vbPrintf L_InfoNoRecords_Message, Array(strFilterLog) End If
End If ' intResultCount = 0
End If ' array bounds checking End If Else 'message no records present component.vbPrintf L_InfoNoRecords_Message, Array(arrKeyName(intLoopCount)) End If
' re-initialize all the needed variables intResultCount = 0 Set objEnumerator = Nothing intLoopCount = intLoopCount + 1
'blank line before end of the Next Each Log file details WScript.Echo EmptyLine_Text
Loop ' do-while
End Sub
'********************************************************************'* Function: GetSupportedUserLocale'*'* Purpose:This function checks if the current locale is supported or not.'*'* Output: Returns TRUE or FALSE'*'********************************************************************Private Function GetSupportedUserLocale()
ON ERROR RESUME NEXT Err.Clear
GetSupportedUserLocale =FALSE
CONST LANG_ARABIC = &H01CONST LANG_HEBREW = &H0dCONST LANG_HINDI = &H39CONST LANG_TAMIL = &H49CONST LANG_THAI = &H1e CONST LANG_VIETNAMESE = &H2a
Dim Lcid 'to store LocaleId
' get the current locale Lcid=GetLocale()
CONST PRIMARYLANGID = 1023 '0x3ff
Dim LANGID 'to store LangID
' Convert LCID >>>>>>>>>>>>> LANGID' BIT Wise And Operation 'formating to compare HEX Value's LANGID = Hex ( Lcid AND PRIMARYLANGID ) ' check whether the current locale is supported by our tool or not' if not change the locale to the English which is our default locale Select Case LANGID
'here to chaeck the values Case Hex(LANG_ARABIC),Hex(LANG_HEBREW),Hex(LANG_THAI) ,Hex(LANG_HINDI ),Hex(LANG_TAMIL) ,Hex(LANG_VIETNAMESE)
GetSupportedUserLocale =TRUE Exit FunctionEnd Select
End Function
' ****************************************************************************************'* Function : IsWinXP '*'* Purpose:This function checks if the OS is XP or Above. '*'* Input: [in] Objservice the service object'* Output: Returns TRUE or FALSE'*' ****************************************************************************************
Private Function IsWinXP ( ByVal objService)
ON ERROR RESUME NEXT Err.Clear
CONST WIN2K_MAJOR_VERSION = 5000 CONST WINXP_MAJOR_VERSION = 5001
Dim strQuery ' to store the query to be executed Dim objEnum ' collection object Dim objInstance ' instance object Dim strVersion ' to store the OS version Dim arrVersionElements ' to store the OS version elements Dim CurrentMajorVersion ' the major version number
ISWinXP= FALSE
strQuery = "Select * From Win32_operatingsystem"
Set objEnum = objService.ExecQuery(strQuery,"WQL",0,NULL)
For each objInstance in objEnum strVersion= objInstance.Version Next
' OS Version : 5.1.xxxx(Whistler), 5.0.xxxx(Win2K) arrVersionElements = split(strVersion,".") ' converting to major version CurrentMajorVersion = arrVersionElements(0) * 1000 + arrVersionElements(1)
' Determine the OS Type ' WinXP > Win2K If CInt(CurrentMajorVersion) >= CInt(WINXP_MAJOR_VERSION) Then IsWinXP= TRUE End If
End Function
'********************************************************************'* Sub: ShowUsage'*'* Purpose: Shows the correct usage to the user.'*'* Output: Help messages are displayed on screen.'*'********************************************************************
Private Sub ShowUsage ()
WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine01_Text WScript.Echo L_ShowUsageLine02_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine03_Text WScript.Echo L_ShowUsageLine04_Text WScript.Echo L_ShowUsageLine05_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine06_Text WScript.Echo L_ShowUsageLine07_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine08_Text WScript.Echo L_ShowUsageLine09_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine10_Text WScript.Echo L_ShowUsageLine11_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine12_Text WScript.Echo L_ShowUsageLine13_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine14_Text WScript.Echo L_ShowUsageLine15_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine16_Text WScript.Echo L_ShowUsageLine17_Text WScript.Echo L_ShowUsageLine18_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine19_Text WScript.Echo L_ShowUsageLine20_Text WScript.Echo L_ShowUsageLine21_Text WScript.Echo L_ShowUsageLine22_Text WScript.Echo L_ShowUsageLine23_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine24_Text WScript.Echo L_ShowUsageLine25_Text WScript.Echo L_ShowUsageLine26_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine27_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine28_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine29_Text WScript.Echo L_ShowUsageLine30_Text WScript.Echo L_ShowUsageLine31_Text WScript.Echo L_ShowUsageLine32_Text WScript.Echo L_ShowUsageLine33_Text WScript.Echo L_ShowUsageLine34_Text WScript.Echo L_ShowUsageLine35_Text WScript.Echo L_ShowUsageLine36_Text WScript.Echo L_ShowUsageLine37_Text WScript.Echo L_ShowUsageLine38_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine39_Text WScript.Echo L_ShowUsageLine40_Text WScript.Echo EmptyLine_Text WScript.Echo L_ShowUsageLine41_Text WScript.Echo L_ShowUsageLine42_Text WScript.Echo L_ShowUsageLine43_Text WScript.Echo L_ShowUsageLine44_Text WScript.Echo L_ShowUsageLine45_Text WScript.Echo L_ShowUsageLine46_Text WScript.Echo L_ShowUsageLine47_Text WScript.Echo L_ShowUsageLine48_Text WScript.Echo L_ShowUsageLine49_Text WScript.Echo L_ShowUsageLine50_Text WScript.Echo L_ShowUsageLine51_Text WScript.Echo L_ShowUsageLine52_Text WScript.Echo L_ShowUsageLine53_Text
End Sub
'-----------------------------------------------------------------------------' End of the Script '-----------------------------------------------------------------------------
|
