Rotating event Log files in Windows Server 2003. Shouldn't this be done automatically?

First off let me say yes, we still use Windows Server 2003 SP2 here. It serves the purpose we need it for and as of right now those needs may be small but are still very relevant. I would love to wipe the server and install RHEL6 but that's further down the line.

Alright, back to the task at hand. When I first started working here, about a year ago, the server performance was abysmal at best. That led me to start looking at what was dragging the server down, besides being a Windows box that is. One of many, many findings was that the Event log files were not set to be rotated out, ever! With my background in Linux administration I was completely baffled as to why this would not be a standard on any server... Bueller?

So, I went about looking into this and found many solutions. Two options stuck out as viable alternatives: one was an .adm template and the other was a simple bash script... I mean batch script (:

I wanted a quick solution that I could possibly modify for other uses on the fly with minimal fuss; that obviously left out an .adm template. So, off to work on a batch script I went. After shaking off the rust of batch scripting, it was an easy solution.

I utilized Sysinternals Psloglist.exe in the example below. A later addition also adds 7zip by Igor Pavlov into the mix so the week's log files can be zipped and stored for later viewing if necessary.

Below is the code that I used to accomplish this task. Please feel free to adjust this code to fit your systems if you are in a similar situation.

REM This is to rotate the logs:
REM Created by Dan M.
REM This work is released under the Creative Commons Non-commercial Share-Alike license
REM http://creativecommons.org/licenses/by-nc-sa/3.0/legalcode

:: Get date in useful format (YYYY-MM-DD)
:: Assumes "date /t" prints "Day MM/DD/YYYY"; other regional settings need different tokens
For /f "tokens=2-4 delims=/ " %%a in ('date /t') do (set newdate=%%c-%%a-%%b)

:: Echo
ECHO "This is a log of the purge/rotation of the event logs" > f:\logs\file.txt
ECHO "-----------------------------------------------------" >> f:\logs\file.txt

:: Run Sysinternals PslogList.exe
:: -g exports the named log to an .evt file, -c clears the log afterwards
:: The log name is "Application" (singular)
:: Echo out times to file.txt for emailing
%SYSTEMDRIVE%\SysinternalsSuite\psloglist.exe Application -c -g f:\Logs\%newdate%_APP_EVTS.evt
ECHO "Application events were rotated %newdate% at %time%" >> f:\logs\file.txt
%SYSTEMDRIVE%\SysinternalsSuite\psloglist.exe Security -c -g f:\Logs\%newdate%_SEC_EVTS.evt
ECHO "Security events were rotated %newdate% at %time%" >> f:\logs\file.txt
%SYSTEMDRIVE%\SysinternalsSuite\psloglist.exe System -c -g f:\Logs\%newdate%_SYS_EVTS.evt
ECHO "System events were rotated %newdate% at %time%" >> f:\logs\file.txt

:: Call email_me.cmd
CALL g:\scripts\Email_me.cmd

Remember to adjust your variables and destinations accordingly and, as always, happy admin-ing!
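
Because the rotation script clears each live log as it exports it, the .evt files in f:\Logs become the only copy of those events. The following is an added example, not part of the original script: it checks that the day's three exports exist and are non-empty, archives them with 7-Zip, and deletes the loose files only after the archive tests clean. The 7z.exe install path and the archive name are assumptions.

```batch
@ECHO OFF
SETLOCAL
REM Added example: verify the day's exports, then archive them with 7-Zip.
REM ASSUMPTIONS: 7z.exe lives at the path below; exports follow the
REM <date>_APP_EVTS.evt / _SEC_EVTS.evt / _SYS_EVTS.evt naming in f:\Logs.
SET SEVENZIP=%ProgramFiles%\7-Zip\7z.exe
SET LOGDIR=f:\Logs
SET REPORT=f:\logs\file.txt
SET FAILED=0

:: Same date parsing as the rotation script (assumes "Day MM/DD/YYYY")
FOR /F "tokens=2-4 delims=/ " %%a IN ('date /t') DO SET newdate=%%c-%%a-%%b

:: Each export must exist and be non-empty: the live log is already cleared
FOR %%L IN (APP SEC SYS) DO CALL :CheckExport "%LOGDIR%\%newdate%_%%L_EVTS.evt"
IF %FAILED% NEQ 0 (
    ECHO "Export check failed %newdate% at %time% - nothing archived" >> "%REPORT%"
    EXIT /B 1
)

:: Archive, then test the archive; 7z returns 0 only on full success
"%SEVENZIP%" a -tzip "%LOGDIR%\%newdate%_EVTS.zip" "%LOGDIR%\%newdate%_*_EVTS.evt"
IF ERRORLEVEL 1 GOTO :ArchiveFailed
"%SEVENZIP%" t "%LOGDIR%\%newdate%_EVTS.zip"
IF ERRORLEVEL 1 GOTO :ArchiveFailed

:: Only now is it safe to remove the loose .evt files
DEL "%LOGDIR%\%newdate%_*_EVTS.evt"
ECHO "Exports archived to %newdate%_EVTS.zip at %time%" >> "%REPORT%"
EXIT /B 0

:ArchiveFailed
ECHO "7-Zip failed %newdate% at %time% - .evt files left in place" >> "%REPORT%"
EXIT /B 1

:CheckExport
IF NOT EXIST "%~1" (
    ECHO "MISSING export: %~1" >> "%REPORT%"
    SET FAILED=1
    GOTO :EOF
)
IF %~z1 EQU 0 (
    ECHO "EMPTY export: %~1" >> "%REPORT%"
    SET FAILED=1
)
GOTO :EOF
```

Run it after the psloglist calls and before Email_me.cmd so that any failure line ends up in the emailed report.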


Back to posting

Time to get back to posting to this little gem of a blog I have here. What to blog about is the only question...


Gmail: Forwarding only actual email to your Blackberry

If you are like me and set up your primary Gmail account with your Blackberry, or other smartphone, you more than likely get tired of all the "junk" email that goes to your device and starts it blinking at 2:30am. This junk for me was mainly mailing lists as I am on a few in the Linux world. Well, let's see if we can clean up this little issue.

Some people say why don't you just use the Gmail app for Blackberry devices?
A. Because for me it freezes constantly and breaks my data connection, I'm not the only one. But if you want to use it keep that in mind and also that it hasn't been updated in around 2 years.

What you will need:
1. A computer to access your Gmail account
2. A Blackberry email address (optional, you can set up a new Gmail account too)

OK, let's log in to our Gmail account and click on Settings, click Filters, Create a new Filter. Now here is where we need to put in some information in regard to what we WANT forwarded. I have compiled a list of email domains that is in no way exhaustive but is a start; I add to it all the time.

In the FROM field:
This covers a majority of the providers. In order to add more, use the pipe (|) and a star (*) - Important: NO SPACES or the rule will fail. So if I wanted to add ACME Corporation's email I would simply append |*@acme.com to the end of the string.

In the TO field:

I leave HAS THE WORDS and SUBJECT empty because I want almost all email to come through.

In the DOESN'T HAVE field:
cdlug-general OR chat OR LTP

Put the keywords you DON'T want forwarded, separated by OR. You can use other boolean phrases also, but I will not cover them in this article.
**I highly suggest you put "chat" in the field. If you don't, every gchat you have will be forwarded to your phone and that can get annoying.

Once you are done with that, hit "Next Step".
Now place a check in the box next to "Forward it To:" and select your forwarding address. If you have not set one up yet, simply click "Manage your forwarding address", select "add new", put in your blackberry.net address and await the verification code. Once the code comes, type it into the box and click "Save changes" at the bottom of the page; you will be returned to the Filters page.

Now you can hit "Create filter". I do not suggest checking the "apply to XX number of conversations below" box or you may clog up your Blackberry.

Done. Now all email from the email domains we set up in the beginning will be forwarded to your Blackberry and all the ones you don't want will stay in the cloud.

Hope that helps! If you have any questions/comments please feel free to post them!