Wmic_Win32_FunctionLog.ahk
; Top-level calls: run both WMI collectors in order,
; first the group definitions (Win32_Group), then the group membership (Win32_GroupUser).
wmic_Win32_Group()
wmic_Win32_GroupUser()
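; Dumps every property of every Win32_Group instance returned by WMI as
; "Name=Value" lines and appends the result to a text file for later review.
;
; Side effects (assume-global mode, so these are script-wide variables):
;   wmic_logname, namespace, Class and vOutput are overwritten.
;   Output is appended to "%wmic_logname%.txt" (relative path).
;   If the function is still running after 10 seconds, the log name is
;   appended to ERROR.txt.
wmic_Win32_Group()
{
    global
    local wmiClassProps  ; keep the hoisted property list out of the global namespace

    ; NOTE(review): the name already ends in ".txt" and FileAppend below adds
    ; another, so the file on disk is "SystemLog-Win32_Group.txt.txt" while
    ; ERROR.txt records the name without the second extension. Left unchanged
    ; because other tooling may look for the current file name.
    wmic_logname = SystemLog-Win32_Group.txt

    ; Watchdog: if collection is still running after 10 seconds, record the log
    ; name in ERROR.txt. The label only writes that marker; it does not cancel
    ; the query, so output may still be written afterwards.
    SetTimer, StopPullingLogs_11, 10000

    ; The unconditional 15-second test sleep that used to sit here has been
    ; removed: it outlasted the 10-second watchdog, so every run wrote a false
    ; entry to ERROR.txt and was delayed by 15 seconds.

    namespace=\root\CIMV2
    Class=Win32_Group

    vOutput := ""
    ; The class property list is the same for every instance; fetch it once
    ; instead of once per returned item.
    wmiClassProps := ComObjGet("winmgmts:\\.\root\CIMV2:Win32_Group").Properties_
    For Item in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Group") {
        For Key in wmiClassProps {
            vOutput .= Key.Name . "=" . Item[Key.Name] . "`r`n"
        }
    }

    ; NOTE(review): ErrorLevel is not checked after FileAppend, so a failed
    ; write leaves no trace. Consider recording it.
    FileAppend,%vOutput%`n,%wmic_logname%.txt
    SetTimer, StopPullingLogs_11, Off
    return

    ; Watchdog target: note which collection overran, then disarm the timer.
    StopPullingLogs_11:
    FileAppend,%wmic_logname%`n, ERROR.txt
    SetTimer, StopPullingLogs_11, Off
    return
}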
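; Dumps every property of every Win32_GroupUser instance returned by WMI as
; "Name=Value" lines and appends the result to a text file for later review.
;
; Side effects (assume-global mode, so these are script-wide variables):
;   wmic_logname, namespace, Class and vOutput are overwritten.
;   Output is appended to "%wmic_logname%.txt" (relative path).
;   If the function is still running after 15 seconds, the log name is
;   appended to ERROR.txt.
wmic_Win32_GroupUser()
{
    global
    local wmiClassProps  ; keep the hoisted property list out of the global namespace

    ; NOTE(review): the name already ends in ".txt" and FileAppend below adds
    ; another, so the file on disk is "SystemLog-Win32_GroupUser.txt.txt" while
    ; ERROR.txt records the name without the second extension. Left unchanged
    ; because other tooling may look for the current file name.
    wmic_logname = SystemLog-Win32_GroupUser.txt

    ; Watchdog: if collection is still running after 15 seconds, record the log
    ; name in ERROR.txt. The label only writes that marker; it does not cancel
    ; the query, so output may still be written afterwards.
    SetTimer, StopPullingLogs_12, 15000

    ; The unconditional 15-second test sleep that used to sit here has been
    ; removed: it lasted as long as the watchdog period, so a run could write a
    ; false entry to ERROR.txt, and every run was delayed by 15 seconds.

    namespace=\root\CIMV2
    Class=Win32_GroupUser

    vOutput := ""
    ; The class property list is the same for every instance; fetch it once
    ; instead of once per returned item.
    wmiClassProps := ComObjGet("winmgmts:\\.\root\CIMV2:Win32_GroupUser").Properties_
    For Item in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_GroupUser") {
        For Key in wmiClassProps {
            vOutput .= Key.Name . "=" . Item[Key.Name] . "`r`n"
        }
    }

    ; NOTE(review): ErrorLevel is not checked after FileAppend, so a failed
    ; write leaves no trace. Consider recording it.
    FileAppend,%vOutput%`n,%wmic_logname%.txt
    SetTimer, StopPullingLogs_12, Off
    return

    ; Watchdog target: note which collection overran, then disarm the timer.
    StopPullingLogs_12:
    FileAppend,%wmic_logname%`n, ERROR.txt
    SetTimer, StopPullingLogs_12, Off
    return
}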