When querying the Win32_NTLogEvent Class from WMI with WQL is the TimeGenerated property based on Lo

Posted by jpmcclung on Stack Overflow See other posts from Stack Overflow or by jpmcclung
Published on 2010-06-17T15:47:47Z Indexed on 2010/06/17 15:53 UTC
Read the original article Hit count: 845

Filed under:

c#

|

wmi

|

wql

|

windows-service

I am writing a C# windows service that is doing some churning through the eventlog on a few domain controllers. Some of them are Windows Server 2003 and some are Windows Server 2008. Upon the service stopping I am attempting to resume where I left off in the logs. In order to do this instead of

SELECT * FROM Win32_NTLogEvent WHERE --criteria for events I am looking for

I am doing

SELECT * FROM Win32_NTLogEvent WHERE TimeGenerated = --some date AND --criteria for events I am looking for

At one point I was convinced that the TimeGenerated field was in the local time of the server but now it seems that the Windows 2008 Servers are using GMT to record that time. Can anyone shed some light on if this is a real different between the way the two operating systems function or is this a configuration problem?

© Stack Overflow or respective owner

Related posts about c#

.NET WebRequest.PreAuthenticate not quite what it sounds like

as seen on West-Wind - Search for 'West-Wind'
I’ve run into the problem a few times now: How to pre-authenticate .NET WebRequest calls doing an HTTP call to the server – essentially send authentication credentials on the very first request instead of waiting for a server challenge first? At first glance this sound like it should be easy:… >>> More
HttpWebRequest and Ignoring SSL Certificate Errors

as seen on West-Wind - Search for 'West-Wind'
Man I can't believe this. I'm still mucking around with OFX servers and it drives me absolutely crazy how some these servers are just so unbelievably misconfigured. I've recently hit three different 3 major brokerages which fail HTTP validation with bad or corrupt certificates at least according to… >>> More
The dynamic Type in C# Simplifies COM Member Access from Visual FoxPro

as seen on West-Wind - Search for 'West-Wind'
I’ve written quite a bit about Visual FoxPro interoperating with .NET in the past both for ASP.NET interacting with Visual FoxPro COM objects as well as Visual FoxPro calling into .NET code via COM Interop. COM Interop with Visual FoxPro has a number of problems but one of them at least got a lot… >>> More
Dynamic Type to do away with Reflection

as seen on West-Wind - Search for 'West-Wind'
The dynamic type in C# 4.0 is a welcome addition to the language. One thing I’ve been doing a lot with it is to remove explicit Reflection code that’s often necessary when you ‘dynamically’ need to walk and object hierarchy. In the past I’ve had a number of ReflectionUtils that used string based expressions… >>> More
Finding a Relative Path in .NET

as seen on West-Wind - Search for 'West-Wind'
Here’s a nice and simple path utility that I’ve needed in a number of applications: I need to find a relative path based on a base path. So if I’m working in a folder called c:\temp\templates\ and I want to find a relative path for c:\temp\templates\subdir\test.txt I want to receive back subdir\test… >>> More

Related posts about wmi

XP machines on Domain not reporting WMI Data in a 2003 Server Environment

as seen on Server Fault - Search for 'Server Fault'
I am running into a very quirky issue and I hope someone out there can help. We use a monitoring program for several networks we oversee that is WMI data dependent for a great deal of it's functionality. The Windows 2000 Professional workstations, as well as the 2003 servers in our network report… >>> More
Setting WMI permissions remotely

as seen on Server Fault - Search for 'Server Fault'
I've developed a tool that does a simple retrieval of registered services and installed applications from remote Windows Server 2003 servers via WMI. My problem is, the tool needs to be run on an ad hoc basis by a user who is not an administrator of those servers. I've created a domain user (which… >>> More
WMI Security error TF255437 when installing TFS 2010 RC

as seen on Stack Overflow - Search for 'Stack Overflow'
Does anyone know the resolution to the following error. In this scenario, TFS will be using a local report server instance which points uses a separate SQL Server database engine instance. An error occurred while querying the Windows Management Instrumentation (WMI) interface on the following … >>> More
Associate mount points with local disks in VBscript / WMI

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a VBscript that outputs various config items about a system. Both hardware and software. I can output disks and their associated partitions. I can output mount points. I do not seem to be able to associate a mount point with a local disk (where it actually is a local disk). I need to be able… >>> More
WMI Windows 7 vs Server 2003 R2 Problem

as seen on Stack Overflow - Search for 'Stack Overflow'
I have the below procedures running one after the Other. It seems to work fine in Windows 7 but fails on Windows Server 2003 R2. Any Ideas Why? Am i suppose to be disposing For Cpu ManagementObjectSearcher cpuSearcher = new ManagementObjectSearcher("root\\CIMv2", "SELECT * FROM Win32_Processor"); foreach… >>> More