Class Rex::Post::Meterpreter::Extensions::Stdapi::Sys::EventLog
In: lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb
Parent: Object

This class provides access to the Windows event log on the remote machine.

Methods

_read   clear   close   each_backwards   each_forwards   length   new   oldest   open   read_backwards   read_forwards  

Attributes

client  [RW] 

Public Class methods

new(hand)

Initializes an instance of the eventlog manipulator.

open(name)

Opens the supplied event log.

Public Instance methods

_read(flags, offset = 0)

the low level read function (takes flags, not hash, etc).

clear()

Clear the specified event log (and return nil).

close()

Return the record number of the oldest event (not necessarily 1).

length()

Return the number of records in the event log.

oldest()

Return the record number of the oldest event (not necessarily 1).

read_backwards()

Read the eventlog backwards, meaning from newest to oldest. Returns a EventRecord, and throws an exception after no more records.

read_forwards()

Read the eventlog forwards, meaning from oldest to newest. Returns a EventRecord, and throws an exception after no more records.

[Validate]