You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is there a way to filter the events that are searched to only the "Error" and not "warning" or "info"?
I'm trying to count the number of "disk" errors in my event log and trying to speed up the code a little bit by not having to iterate through every event in the event log.
Here is my code:
diskErrors := 0.0
t, _ := evtx.Open(`C:\Windows\System32\winevt\Logs\System.evtx`)
defer t.Close()
e := t.FastEvents()
path := evtx.Path("Event/System/EventID/Qualifiers")
for a := range e {
d, _ := a.GetMap(&path)
if d != nil {
var providerData map[string]interface{} = *d
switch providerData["Qualifiers"] {
case "49156":
switch providerData["Value"] {
case "7":
diskErrors += 1
}
}
}
}
Any help would be appreciated!
The text was updated successfully, but these errors were encountered:
Is there a way to filter the events that are searched to only the "Error" and not "warning" or "info"?
I'm trying to count the number of "disk" errors in my event log and trying to speed up the code a little bit by not having to iterate through every event in the event log.
Here is my code:
Any help would be appreciated!
The text was updated successfully, but these errors were encountered: