- WMI Library -
WMI Libraly > Win32_NTLogEvent Class

Win32_NTLogEvent Class

This class is used to translate instances from the NT Eventlog.
Namespace value is root/CIMV2.
WMI Provider value is MS_NT_EVENTLOG_PROVIDER.


Properties

  • Category
  • Specifies a subcategory for this event. This subcategory is source specific.

  • CategoryString
  • Specifies the translation of the subcategory. The translation is source specific.

  • ComputerName
  • The variable-length null-terminated string specifying the name of the computer that generated this event.

  • Data
  • The binary data that accompanied the report of the NT event.

  • EventCode
  • This property has the value of the lower 16-bits of the EventIdentifier property. It is present to match the value displayed in the NT Event Viewer. NOTE: Two events from the same source may have the same value for this property but may have different severity and EventIdentifier values

  • EventIdentifier
  • Identifies the event. This is specific to the source that generated the event log entry, and is used, together with SourceName, to uniquely identify an NT event type.

  • EventType
  • The Type property specifies the type of event.

  • InsertionStrings
  • The insertion strings that accompanied the report of the NT event.

  • Logfile
  • The name of NT Eventlog logfile. This is used together with the RecordNumber to uniquely identify an instance of this class.

  • Message
  • The event message as it appears in the NT Eventlog. This is a standard message with zero or more insertion strings supplied by the source of the NT event. The insertion strings are inserted into the standard message in a predefined format. If there are no insertion strings or there is a problem inserting the insertion strings, only the standard message will be present in this field.

  • RecordNumber
  • Identifies the event within the NT Eventlog logfile. This is specific to the logfile and is used together with the logfile name to uniquely identify an instance of this class.

  • SourceName
  • The variable-length null-terminated string specifying the name of the source (application, service, driver, subsystem) that generated the entry. It is used, together with the EventIdentifier, to uniquely identify an NT event type.

  • TimeGenerated
  • Specifies the time at which the source generated the event.

  • TimeWritten
  • Specifies the time at which the event was written to the logfile.

  • Type
  • Specifies the type of event. This is an enumerated string

  • User
  • The user name of the logged on user when the event ocurred. If the user name cannot be determined this will be NULL


    Methods

    Method not found.

    Example WQL

    SELECT * FROM Win32_NTLogEvent
    About this site information

    This contents is created by WMI having class information.
    WMI Environment is Windows Server 2008 R2 Enterprise Edition.

    This link is Microsoft documents for "Managing Windows with WMI".
    That is VB(Visual Basic) scripting sample.
    This link is Microsoft documents for "Advanced Programming Topics in WMI .NET".
    That is VB.net(Visual Basic .net) scripting sample.

    - WMI Library -
    http://library.wmifun.net/

    WMI useful by VB,VB.Net,VC,VC.Net,VC#.Net,VBS(WSH),PowerShell for PC asset management, system monitoring and collecting hardware and software inventory.

    This website is created by Toh.
    Copyright(C) 1997-2016 WMI Fun !!. All rights reserved.
    ^ Go to the top...