在系统管理中服务器日志的重要性无需多言,如何更好的做好日志备份是一管理员必须的技能,以应用程序为例,我们都知道应用程序日志的路径c:\windows\system32\config\appevent.evt

 

 

我们可以利用以下脚本按自己要求备份日志:

dtmThisDay = Day(Date)
dtmThisMonth = Month(Date)
dtmThisYear = Year(Date)
strBackupName = dtmThisYear & "_" & dtmThisMonth & "_" & dtmThisDay
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate,(Backup)}!\\" & _
        strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
    ("Select * from Win32_NTEventLogFile where LogFileName='Application'")
Set objNetwork = CreateObject("WScript.Network")
   strLocalComputer = objNetwork.ComputerName 

For Each objLogfile in colLogFiles
    objLogFile.BackupEventLog("C:\" & strLocalComputer  & "_" & strBackupName & _
        "_application.evt")
Next