in reply to Win32::EventLog to CSV

I used this code and it worked for me. Remember, you only ask for the 'system' log, not 'application' or 'security. I think you need to ask for those separately. Also, I did it on the local machine so a computername was not necessary in new().

Dumper shows the other values in the hash: some must be translated to be read. The EventLog doc describes how to decode EventType, for example. Not all fields (clearly) appear for each entry. You have to decide what is important (e.g. time) for your csv.

--traveler 

use Win32;
use Win32::EventLog;
use Data::Dumper;
$handle=Win32::EventLog->new("system");
$handle->GetNumber($recs);
$handle->GetOldest($base);
$x = 0;
while ( $x < $recs )
{
      $handle->Read(EVENTLOG_FORWARDS_READ|EVENTLOG_SEEK_READ,$base+$x
+,$HashRef);
     
     if ( $HashRef->{Source} eq "EventLog")
     {
          Win32::EventLog::GetMessageText($HashRef);
          print "EventLog Entry $x : $HashRef->{Message}\n";
      print Dumper($HashRef);
     }
     else
     {
           Win32::EventLog::GetMessageText($HashRef);
       print  "Other Entry $x : $HashRef->{Message}\n";
       print Dumper($HashRef);
     }
     $x++;
}

[download]

In Section Seekers of Perl Wisdom