I want to collect and report certain security or application events from the eventviewer of a XP SP2 workstation with SMS 2003, have anybody tried this? I know i have to use WMI but can anybody help me?
I've never written anything myself, but I believe there may be some code available on one of the MMS DVDs (I think the 2005 DVD?) It outlined how the Security Logon Audit Tool from
Hai, thanks for your reply. I want to know when a specific users log's on to the computer's in our domain. for example a domain administrator or a local administrator. It would be perfect if it's possible to extract wich applications they used and present this in a report.
That might be stretching the capabilities of SMS a bit; but you can accomplish some of what you need on a limited basis. You could implement the Security Logon Audit Tool from
That would give you a Summary over time of how many times a user logs into machines, but it would not record 'jsmith logged into pc XYZ at 8:15am', and keep that information forever.
As for applications used, for the most part I never noticed that the Event Log kept track of when an application was launched and closed. Using SMS Software Metering, though, you could create rules of which executables you would like to track. Again, this would be a summary over time, and historical information like 'jsmith launched winword.exe on PC xyz at 8:16am and closed it at 8:17am' would not be kept forever. Software Metering is really designed for helping with license compliance, or to see if maybe you no longer need 1000 licenses of widgets version 1.2, but only 100 licenses.
If I were you, I'd start by enabling Software Metering, and create just 1 or 2 rules of often-used applications, wait at least a week, and then check the Software Metering reports and see if they may be close enough for your purposes.
If not, you might have to do some vendor shopping to find something to fit exactly what you want.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.