Event Log Explorer
#1
Posted 02 February 2009 - 09:23 PM
Please move to "System and Registry Tools" i don't have permissions there to create threads
File name: Event Log Explorer
Description:program for analysing offline NT/2000/XP/2003/Vista Logs
Build: latest Release downable over the Script
OS: NT/2000/XP/20003/Vista
Winbuilder: Tested with 077 RC2
Homepage: http://www.eventlogxp.com/
License: FREE personal license is available for personal non-commercial use.
With this Script u could analyse Windows Event logs of a offline crashed system (evt+evtx files)
the License u could obtain from: http://www.eventlogx...ee-personal.php
if obtained u have to input this key under the script Textbox "Serial Number". the script will do the rest (push to registry)
------------------------------------------------------------------------------------------------------------------------------------------------------------------
U could open the Eventlog files with File-Open Log File - Direct (then browse to the offline logs)
PS:Free License is valid for a half year. after the expiration, u can renew your free license
NEWS:
Version 4 (Final)
- for little more availability i integrated the Source encoded (so online download+offline version are available) in case of broken Connection Problems
- Availability Check of the Homapage - If not existing message will follow + Question with decision to use offline version or to exit script
- CheckBox for removing Languages
Version 3
- check if sources are available. if files not offline available a download will be made automaticly
- Gdiplus integrated
- Integrated "Order License" possibility + Weblink integration
- Regkeys cleaned up
- changed hardcoded paths
Version 2
- Download Source Possibility integrated
- the extraction of the Installer will be made automaticly over innounp.exe (the installer is an "inno setup")
- Info: innounp.exe will be copied to %Tools% and will remain there (may usefull for other scripts)
- RunFromRam or not, both are working well now
Please download latest Script:
My Script Website
Have fun
Regards Steel
#2
Posted 02 February 2009 - 10:54 PM
#3
Posted 03 February 2009 - 08:54 PM
Since program asks for a license key, given for free for a six month time, could you add a textbox to type the license key prior to the built?
#4
Posted 03 February 2009 - 09:54 PM
#5
Posted 03 February 2009 - 10:14 PM
But I insist, it asks for s/n
#6
Posted 03 February 2009 - 10:41 PM
very strange i tryed out right now with blank, and with my serial key.
blank = asking for s/n
with key= not asking me. free version was unlocked
could u please check out if u have the registry entry:
Software\EventLogXP\Event Log Explorer
String: RegData
Value: your SerialKey
Regards
Steel
#7
Posted 04 February 2009 - 01:35 AM
#8
Posted 18 July 2009 - 10:26 PM
i updated my Event Log Script to Version 2.
News are posted in the main Thread
regards
Steel
#9
Posted 20 July 2009 - 09:14 PM
Hi guys,
i updated my Event Log Script to Version 2.
News are posted in the main Thread
regards
Steel
you should consider changing your script to download to %GlobalTemplates% instead of %ScriptDir%. we are trying to get away from cluttering up the project directories and provide cross-project access to the files.
thank you for the script. it is a useful program.
#10
Posted 20 July 2009 - 11:03 PM
Continuing from homes32's recommendation an idea to download here (dont delete)
%GlobalTemplates%\Event_Log_Explorer_Files\Download
and extract here
%GlobalTemplates%\Event_Log_Explorer_Files\Extracted
and If the file redistributable I prefer having it packed .
Well after checking v2, I prefer continue using v1 .....
For everycase thanks a lot again for this useful script.
#11
Posted 21 July 2009 - 01:33 PM
very useful, from v1 it is in my archive
Continuing from homes32's recommendation an idea to download here (dont delete)
%GlobalTemplates%\Event_Log_Explorer_Files\Download
and extract here
%GlobalTemplates%\Event_Log_Explorer_Files\Extracted
and If the file redistributable I prefer having it packed .
Well after checking v2, I prefer continue using v1 .....
For everycase thanks a lot again for this useful script.
personally I leave the downloaded zip/exe in %GlobalTempates% and extract directly to %ProgramDir%. that's me though.
#12
Posted 21 July 2009 - 01:35 PM
This is also a very good methodpersonally I leave the downloaded zip/exe in %GlobalTempates% and extract directly to %ProgramDir%. that's me though.
#13
Posted 21 July 2009 - 03:03 PM
thx for your Feedbacks
i changed now little bit again the script belongs to the hints from Lancelot+homes32
- Download is %GlobalTemplates%\Event_Log_Explorer_Files\Download
- Extract is %GlobalTemplates%\Event_Log_Explorer_Files\Extracted
- copyprogram will be from %GlobalTemplates%\Event_Log_Explorer_Files\Extracted
- no necessary files will be deleted from Download+extraced
my goal was to automaticly download + extract the "inno Installer Package" so to win little bit time
i hope now you like it more
i would be glad if you guys test it again
thx
Steel
#14
Posted 21 July 2009 - 05:00 PM
i would be glad if you guys test it again
Hi steelbone,
test result: Failed
\Workbench\Common\Event_Log_Explorer\Extracted\ folder is empty
I leave this fix to you
Here some advices/addings for your scripts:
**
starting with adding an icon to look more handsome
and contact info (contact= ) ** this is essential for others to find current topic to support your script
**
gdiplus added for livexp support
**
weblink written on interfarce
**
changed script name and title to be unique
**
pTextBox2="Serial Number"
fixed on interface
**
-->to make the script work good with first usage
If,%pCheckBox3%,Equal,False,If,NotExistFile,%GlobalTemplates%\%EventDownload%\elex.zip,Run,%ScriptFile%,Download
-->prevent script working further if download not succeed for a reason
If,NotExistFile,%GlobalTemplates%\%EventDownload%\elex.zip,Exit,"Event Log source not exists"
+another to download section
**
do not use dirmove to copy files (elex.exe)
**
do not use / or #
use // or ##
**
I feel
wb-default\Software\Microsoft\Windows
values are not needed on your script, i removed them (moved to [removed] section)
****
you must not use X:\Program Files\blabla (hardcoded paths) in your scripts
use %PE_Programs%\%ProgramFolder%
exception for 0x1 values:
If the hardcoded path value is 0x1, try to use 0x2 and test if it is working
if 0x2 trick dont work than use RegAddBoot,... with 0x1 and use %PE_Programs%\%ProgramFolder%
exception registry extension:
even with 0x2 use RegAddBoot,.... for registring extension. example:
RegAddBoot,HKLM,0x2,"Software\Classes\Elex.Workspace\DefaultIcon",,"%PE_Programs%\%ProgramFolder%\elex.exe,0" RegAddBoot,HKLM,0x2,"Software\Classes\Elex.Workspace\shell\open\command",,"#$q%PE_Programs%\%ProgramFolder%\elex.exe#$q #$q%1#$q"
here it is:
http://lancelot.winb...r_Steelbone.rar
Waiting your fixed v3
#15
Posted 21 July 2009 - 05:40 PM
thx for all this hints. i know there are lots of "beauty" failures. ;(
so but few questions i have on that.
- do not use dirmove to copy files
in this case i had to move the files because during the extract procedure there will be 2 folders where the files are remaining.
{app} (ellback.exe,elex.chm,elex.exe,...)
{sys} (there is the gdiplus.dll)
so my mind was to have the file extracted into "Extraced" Folder, and as second Step the Preparation for the Copy Process. so sensless folders, files i tryed to delete
thx for all these hints, i will fix this soon
Regards
Steel
#16
Posted 21 July 2009 - 06:58 PM
#18
Posted 21 July 2009 - 11:56 PM
*
yep i understand youin this case i had to move the files
*
Dirmove is to copy folders, not files. Maybe your current usage may success with moving files but with future wb development it may cause an error resulting not moving files !! resulting a not working/uncompatible script.- do not use dirmove to copy files
instead of
DirMove,"%GlobalTemplates%\%EventExtract%\{app}\elback.exe","%GlobalTemplates%\%EventExtract%\"
better to use first FileCopy than FileDelete (ps, in your script case, filedelete not needed)
++Here is new modifications to v3 script:
**At last i find the reason of my failure with new script, innosetup line fixed
**gdiplus not copying on second build fixed
*I used api with registry, tested with LiveXP working fine, It should be working fine with VistaPE too
*I change interface, another hint: Whenever possible, try to fit the default wb screen .
*using application version with script file name is not a good idea . Better on title or description (I prefer description)
*unique script name is important, this time I used SB instead of steelbone. (we have some same app scripts written at different time by different author, best way I find is adding script author's nickname and/or shortnickname to script)
*added startmenu box
*added some fixes mentioned on previous post
Here it is:
http://lancelot.winb...Explorer_SB.rar
Well this time nothing left steelbone, all on golden plate. After your experience on current script I feel we will have more scripts coming from you soon
#19
Posted 22 July 2009 - 08:58 AM
thanks for the Optimization Hints, i also changed little bit too:
- nothing would be deleted in %Extracted%, only in the %Target_Prog%\%Programfolder%
--------------------------------------------------------------------------------------------------------------
so i have litte Problems since the "Hive changes"
why should i use
Hive_Load,Default
instead of
RegHiveLoad,WB-Default,%RegDefault%
- it seems to be that the RegAddBoot do not working. after starting he's is asking for a license.
- now i have strange hive files in %BaseDir% which are remain also after finishing the winbuilder process. (attachment)
the hives in my last script works well with RegHiveLoad,WB-Default,%RegDefault% + without regaddboot.
any Hints on that?
so if not, i will change the hive entrys back like the last script.
thx again
Steel
#20
Posted 22 July 2009 - 01:11 PM
I made some fixes, here is the new modified script (hoping this time it is final )
http://lancelot.winb...Explorer_SB.rar
working nicely with LiveXP, I hope works with VistaPE too
ps:
not with livexpthe hives in my last script works well
I leave rest of your questions to homes32
#22
Posted 10 September 2009 - 05:56 PM
anytime i try to look into my systems event logs, i click on Security, Applications, or System. and it gives me an error that says
"Could not connect to systems event log."
#23
Posted 10 September 2009 - 07:37 PM
right now you have to open the files directly.
windows <Vista/2008 (EVT Files) c:\windows\system32\config
Windows >XP/2003 (EVTX files) C:\windows\system32\winevt
Proceed as followed:
File-Open Log File - Direct
And then choose your Eventlog File depends on the OS.
i will have a look at the weekend for finding the correct path. primary for Vista
Regards
Steel
#25
Posted 03 November 2010 - 04:27 PM
im using WB 080 to build a livexp project.
screenie and log below
http://www.mediafire...emmxcqj6gksrqw6
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users