My ultimate goal is a to write a backup system for our Windows servers. What I need to be able to do is backup each event log on each system to a local directory on that system and then to a central system on the network.

The reason I am trying to read the subkeys under Eventlog in the registry is that the Windows Event Log system is flawed (at least for my use of it). Though it allows you to have more event logs, the system's defaults assume that you only have three event logs: Application, Security, and System. (And, yes, I do have the correct permissions to read the files).

Furthermore, while the .evt file in the config directory indicates that there is an event log, it is not the name of the event log. The documentation for Win32::EventLog implied that I might be able to manipulate the event logs using the full path to the .evt file. I was unable to get that to work; Win32::EventLog would only work with the name of the event log. (Using the full path is meant for reading backup files; so maybe it won't work on a .evt file in the config directory...) Win32::Registry has no mechanism for listing out the existing event logs.

I saw that the registry key for the Eventlog had a subkey for each event log on the system, and those subkeys used the same name as the event log. We have multiple servers with many different combinations of event logs. Rather than have a hash lookup, which I would have to maintain, that would associate each .evt file in the config directory to the correct event log name, I decided to try and read those subkeys.

I was foiled again. While I can read the subkeys of the Services key above Eventlog and of the subkeys below Eventlog, I cannot get Win32::TieRegistry to read the subkeys of the Eventlog key itself.

If someone knows of another way to get a list of the event logs on a system, I'd be happy to try it...

Thanks--

Al

In reply to Re^2: Reading Subkeys with Win32::TieRegistry by Al_Gee
in thread Reading Subkeys with Win32::TieRegistry by Al_Gee

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.