Skip to main content

Manage Windows printer event log settings from command line (i.e. GPO scripts)

Just a quick note to self that to enable/disable/query event log registration from the command line on Windows releases greater than XP and Server 2003 you can use the wevutil tool.

For example to enable logging of print requests on Windows 7 for auditing purposes:

wevtutil sl Microsoft-Windows-PrintService/Operational /e:true

The equivalent command for the the above on Windows XP is the following:

reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers /v EventLog /t REG_DWORD /d 7 /f
net stop spooler
net start spooler

Comments

Popular posts from this blog

Indexing Apache access logs with ELK (Elasticsearch+Logstash+Kibana)

Who said that grepping Apache logs has to be boring?

The truth is that, as Enteprise applications move to the browser too, Apache access logs are a gold mine, it does not matter what your role is: developer, support or sysadmin. If you are not mining them you are most likely missing out a ton of information and, probably, making the wrong decisions.
ELK (Elasticsearch, Logstash, Kibana) is a terrific, Open Source stack for visually analyzing Apache (or nginx) logs (but also any other timestamped data).

From 0 to ZFS replication in 5m with syncoid

The ZFS filesystem has many features that once you try them you can never go back. One of the lesser known is probably the support for replicating a zfs filesystem by sending the changes over the network with zfs send/receive.
Technically the filesystem changes don't even need to be sent over a network: you could as well dump them on a removable disk, then receive  from the same removable disk.

Detect missed executions with OpenNMS

Everyone knows that OpenNMS is a powerful monitoring solution, but not everyone knows that since version 1.10 circa it embeds the Drools rule processing engine. Drools programs can then be used to extend the event handling logic in new and powerful ways.

The following example shows how OpenNMS can be extended to detect missed executions for recurring activities like backups or scheduled jobs.