Recipe8.13.Triggering an Action When an Event Occurs


Recipe 8.13. Triggering an Action When an Event Occurs

You must be running Windows XP or Windows Server 2003 to use event triggers.


Problem

You want to kick off a program or script when a particular event occurs. For example, you may want to send yourself an email when the event occurs or write another event to the event log.

Solution

Using a graphical user interface

Event Viewer doesn't support creating triggers.

Using a command-line interface

Windows Server 2003 comes with a new tool called eventtriggers that allows you to configure event log triggers.

> eventtriggers /Create /TR "<TriggerName>" /L <LogName> /EID <EventID> /TK <Command>

For example:

> eventtriggers /Create /TR "Email Trigger" /L Application /EID 177 /TK "cscript  c:\scripts\email.vbs"

To view the list of event log triggers configured on a server, run this command:

> eventtriggers /query /s <ServerName>

To delete a trigger with ID 1, run this command:

> eventtriggers /delete /s <ServerName> /TID 1

To get a list of configured triggers, run this command:

> eventtriggers /query /s <ServerName>

Using VBScript

See Recipe 8.14 for an example of how to monitor events as they occur via a script.

Discussion

The eventtriggers utility is a powerful new tool that can run on a Windows XP or Windows Server 2003 computer and that runs a command when a specific event occurs. It has three main options for managing event triggers: /Create, /Delete, and /Query. Here is the syntax for the eventtriggers /Create option:

Parameter List:     /S      system           Specifies the remote system to connect to.         /U      [domain\]user    Specifies the user context under which the                              command should execute.         /P      [password]       Specifies the password for the given user                              context. Prompts for input if omitted.         /TR     triggername      Specifies a friendly name to associate with                              the Event Trigger.         /L      log              Specifies the NT Event Log(s) to monitor                              events from. Valid types include Application, System, Security, DNS Server Log, and Directory Log. The wildcard "*" may be used and the default value is "*".         /EID    id               Specifies a specific Event ID the Event                              Trigger should monitor.         /T      type             Specifies an Event Type that the trigger                              should monitor. Valid values include "ERROR", "INFORMATION", "WARNING", "SUCCESSAUDIT", and "FAILUREAUDIT".         /SO     source           Specifies a specific Event Source the Event                              Trigger should monitor.         /D      description      Specifies the description of the Event                              Trigger.         /TK     taskname         Specifies the task to execute when the                              Event Trigger conditions are met.         /RU     username         Specifies the user account (user context)                              under which the task runs. For the system                              account value must be "".         /RP     password         Specifies the password for the user.                              To prompt for the password, the value                              must be either "*" or none.                              Password will have no effect for the "SYSTEM"                              account.



Windows Server Cookbook
Windows Server Cookbook for Windows Server 2003 and Windows 2000
ISBN: 0596006330
EAN: 2147483647
Year: 2006
Pages: 380
Authors: Robbie Allen

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net