
A simple Node module that will read Windows Event Log and ETW Events

SystemMonitorTools/windows-event-reader

windows-event-reader

A simple Node module that wraps the Get-WinEvent PowerShell cmdlet. This wrapper reads events from the Windows Event Log.

Getting Started

Install this module (on a Windows machine):

npm install windows-event-reader --save

Creating a WinEventReader instance:

var WinEventReader = require('windows-event-reader');
// You can change start and end time to be different, but incremental
// checking for new events will be within a time window specified by frequency
var winEvent = new WinEventReader({
    providers: ['node-event-reader Test Suite'],
    startTime: new Date(Date.now()),
    endTime: new Date(Date.now()),
    frequency: 2000
});

Getting Events

To receive events, create a new instance of WinEventReader, which exposes an event-emitter-like interface:

winEvent.on('data', logObjects => {
    // logObjects is an Array
    logObjects.forEach(logObject => {
        console.dir(logObject);
    });
});

winEvent.on('error', err => {
    console.error(err);
});

winEvent.on('end', () => {
    console.log('event reader stopped');
});

Log Objects:

Log objects from the data event will contain a few fields:

{ id: 1000, 
  providerName: 'node-event-reader Test Suite',
  // if available, the provider GUID
  providerId: null, 
  logName: 'Application',
  // if available, the processId
  processId: null, 
  // if available, the newProcessId (example scenario: process creation)
  newProcessId: null, 
  // if available, the threadId
  threadId: undefined,
  machineName: 'DESKTOP-1M76SII',
  // this is a Date object
  timeCreated: Mon Feb 22 2016 16:08:36 GMT-0800 (Pacific Standard Time), 
  levelDisplayName: 'Information', 
  message: 'Information2 Log' 
}
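
The following is an added example, not code from this module: one way to turn 'data' batches into JSON-safe records and keep only alert-level events. The field names are the ones listed above; normalize, attachTriage, StubReader, the level set and the sample events are assumptions made for illustration.

```javascript
const ALERT_LEVELS = new Set(['Critical', 'Error', 'Warning']);
// Flatten one README-shaped log object (hypothetical helper); undefined optional fields become null.
function normalize(log) {
  const orNull = v => (v === undefined ? null : v);
  const time = new Date(log.timeCreated);
  return {
    id: log.id, provider: log.providerName, providerId: orNull(log.providerId),
    logName: log.logName, host: log.machineName, level: log.levelDisplayName,
    processId: orNull(log.processId), newProcessId: orNull(log.newProcessId),
    threadId: orNull(log.threadId), message: String(log.message == null ? '' : log.message),
    time: Number.isNaN(time.getTime()) ? null : time.toISOString()
  };
}

// Subscribe to a reader-like object; keep only alert-level records and drop
// exact repeats (assumed possible across batches, not documented behaviour).
function attachTriage(reader, levels = ALERT_LEVELS) {
  const seen = new Set(), alerts = [], errors = [];
  reader.on('data', logObjects => {
    for (const log of logObjects) {
      const rec = normalize(log);
      const key = JSON.stringify([rec.host, rec.provider, rec.id, rec.time, rec.message]);
      if (!levels.has(rec.level) || seen.has(key)) continue;
      seen.add(key);
      alerts.push(rec);
    }
  });
  reader.on('error', err => errors.push(err));
  return { alerts, errors };
}

// Constructed stand-in for a WinEventReader instance so the example runs offline.
class StubReader {
  constructor() { this.handlers = {}; }
  on(name, fn) { (this.handlers[name] = this.handlers[name] || []).push(fn); }
  emit(name, arg) { (this.handlers[name] || []).forEach(fn => fn(arg)); }
}

function demo() {
  const reader = new StubReader();
  const triage = attachTriage(reader);
  const base = { providerName: 'node-event-reader Test Suite', logName: 'Application',
    machineName: 'HOST-EXAMPLE', timeCreated: new Date('2016-02-22T16:08:36-08:00') };
  const info = { ...base, id: 1000, levelDisplayName: 'Information', message: 'Information2 Log' };
  const err = { ...base, id: 1001, levelDisplayName: 'Error', message: 'Error Log' };
  reader.emit('data', [info, err]);
  reader.emit('data', [err]); // constructed repeat of the same event
  return triage;
}
```

In a long-running process the seen set grows without bound, so cap or expire it. The message field is whatever the logging application wrote, so treat it as untrusted when forwarding records.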

Contributing

Contributions are always welcome! Please read the contributing guide before sending a pull-request.
