监控windows的事件

我用了一个下午完成了对于Windows的事件的监控，这个程序可以套用任何已知事件id的监控上，例如程序监控的是：318的事件。

然后调用我自己写的控制台程序，发送短信息：monitor

Const ForAppending = 8
i=0
Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.DeleteFile("d:\powershell\monitor.txt")
Set objTextFile = objFSO.OpenTextFile _
    ("d:\powershell\monitor.txt", ForAppending, True)

Const CONVERT_TO_LOCAL_TIME = True
Set dtmStartDate = CreateObject("WbemScripting.SWbemDateTime")
Set dtmEndDate = CreateObject("WbemScripting.SWbemDateTime")

DateToCheck = Date
dtmEndDate.SetVarDate Date, True
dtmStartDate.SetVarDate DateToCheck, CONVERT_TO_LOCAL_TIME
dtmEndDate.SetVarDate DateToCheck + 1, CONVERT_TO_LOCAL_TIME
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colEvents = objWMIService.ExecQuery _
("Select * from Win32_NTLogEvent Where EventCode = '318' and TimeWritten >='" & DateToCheck & "'")
    objTextFile.WriteLine( "count:  " & i)
For each objEvent in colEvents
    i=i+1
    objTextFile.WriteLine( objEvent.Category)
    objTextFile.WriteLine( "Computername: " & objEvent.ComputerName)
    objTextFile.WriteLine( "Event code: " & objEvent.EventCode)
    objTextFile.WriteLine( "message:  " & objEvent.Message)
    objTextFile.WriteLine( "event type:  " & objEvent.Type)
    objTextFile.WriteLine( "TimeWritten:  " & objEvent.TimeWritten)
    objTextFile.WriteLine( "count:  " & i)
Next
set ws=wscript.createobject("wscript.shell")
if(i>0) then
  ws.run "cmd /c monitor.exe B 外呼系统的Com+错误请及时处理"
end if

objTextFile.Close