I have an implementation of Win32::EventLog to read from Security Windows Eventlog. My Problem is, that there is no data in the $Event{Message} Entry.
My Implementation looks like:
--------------------------------
if( $EventLog = Win32::EventLog->new("$monitor", $ENV{ComputerName} ) ) {
$~ = EventLogFormat;
$Win32::EventLog::GetMessageText = 1;
my %Records;
local %Event;
while( ( $EventLog->Read( EVENTLOG_BACKWARDS_READ
| EVENTLOG_SEQUENTIAL_READ,
0,
\%Event ) ) && ( $Event{TimeGenerated} > $TIME_LIMIT ) )
{
# Display the event if it is one of our requested
# event types
push(@Message,$Event{Message});
push(@Type,$Event{EventType});
push(@Time,scalar localtime( $Event{TimeGenerated} ));
push(@Source,$Event{Source});
push(@Category,$Event{Category});
push(@Computer,$Event{Computer});
push(@EventID,$Event{EventID});
--------------------------------
but still, $Event{Message} is empty.
Can someone help or give hints where I should continue to investigate further!
br,
Peter
