WIN i specifični filteri za Event Logs

Meni treba da vidim sve događaje koje je log zabeležio, ali za uzak vremenski period od 10 min (+/-5min u odnosu na vreme događaja), a to nema načina da uradim kroz predefinisane stavke, što znači da moram da pišem XML filter.

Evo jednog primera koji RADI (link) :

Problem je što se on referiše na UTC Time, ali to izgleda ne može drugačije.

The dateTime is specified in the following form “YYYY-MM-DDThh:mm:ss” where (link) :
YYYY indicates the year
MM indicates the month
DD indicates the day
T indicates the start of the required time section
hh indicates the hour
mm indicates the minute
ss indicates the second
Note: All components are required!
To specify a time zone, you can either enter a dateTime in UTC time by adding a “Z” behind the time – like this :
2002-05-30T09:30:10Z
or you can specify an offset from the UTC time by adding a positive or negative time behind the time – like this :
2002-05-30T09:30:10-06:00
or
2002-05-30T09:30:10+06:00
Beograd je UTC+2h, ali to na žalost sistem ne prihvata, pa samo pri zadavanju vremena oduzeti 2h. Uzdah. Microsoft.

I evo kako na kraju upit TREBA da izgleda ( i RADI!!!!!) :

Na WIN 7, WIN 10, WIN 2012 R2 postoji i “Custom View” jessss :

Comments are closed.