in reply to Re^2: A question regarding Win32::EventLog
in thread A question regarding Win32::EventLog

Hi Sid, I cant quite figure out where those characters are coming from, but for the event ID bit, this should fix it: 
    foreach my $key (keys %$hashRef){
    if ($key =~ /EventID/) {
        my $id = ($hashRef->{$key} & 0xffff);
            print $key . "\t" . "\"$id\"" . "\n";
    }

[download]
hth !!

Update:
Ok, I am seeing the chars being printed against the name field. I still dont know how to fix it to print the name field, but this should give you the sid for the uid instead. 
elsif ($key =~ /User/){
    my $sid = unpack("H" . 2 * length(${$hashRef}{$key}), ${$hashRef}{
+$key});
    my $user = ($hashRef->{$key} & 0xffff);
    print "User SID: " . "\t" . "\"$sid\" " . "\n";
}

[download]

Replies are listed 'Best First'.
Re^4: A question regarding Win32::EventLog
by sidhartha (Acolyte) on Feb 02, 2005 at 12:49 UTC
    Wow that certainly does do the trick thank you very much! If you don't mind can you tell me what is exactly going on here?
[reply]

In Section Seekers of Perl Wisdom