Channel: The Official Scripting Guys Forum! forum

Sysmon ActiveX "Relog()" method not working properly

The "Relog()" method of the Sysmon ActiveX seems not to be working properly. Windows 7 + IE 11 + Sysmon.ocx v. 6.1.7601.17514

I have a (local) HTML document with an embedded Sysmon (System Monitor Control) ActiveX that has 1 counter added + a log file in TSV format located in a local network SMB share. When I try to use the "Relog()" method, nothing happens and it does not throw an error. However, when you pass an invalid parameter to the "FileType" parameter of the method, it throws an "unspecified" error. So, below is the code:

 

--------------------------------sysmon.htm-------------------------------------------

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//BR"><HTML>

<HEAD>

<META NAME="GENERATOR" Content="Microsoft System Monitor">

</HEAD><BODY onload="myf()">

<OBJECT ID="x" WIDTH="100%" HEIGHT="100%"

CLASSID="CLSID:C4D2D8E0-D1DD-11CE-940F-008029004347">

<PARAM NAME="_Version" VALUE="393219">

<PARAM NAME="_ExtentX" VALUE="11430">

<PARAM NAME="_ExtentY" VALUE="8996">

<PARAM NAME="DisplayType" VALUE="1">

<PARAM NAME="ReportValueType" VALUE="0">

<PARAM NAME="MaximumScale" VALUE="100">

<PARAM NAME="MinimumScale" VALUE="0">

<PARAM NAME="ShowLegend" VALUE="-1">

<PARAM NAME="ShowToolbar" VALUE="-1">

<PARAM NAME="ShowScaleLabels" VALUE="-1">

<PARAM NAME="ShowHorizontalGrid" VALUE="0">

<PARAM NAME="ShowVerticalGrid" VALUE="0">

<PARAM NAME="ShowValueBar" VALUE="-1">

<PARAM NAME="ManualUpdate" VALUE="0">

<PARAM NAME="Highlight" VALUE="0">

<PARAM NAME="ReadOnly" VALUE="0">

<PARAM NAME="MonitorDuplicateInstances" VALUE="-1">

<PARAM NAME="UpdateInterval" VALUE="1">

<PARAM NAME="DisplayFilter" VALUE="1">

<PARAM NAME="BackColorCtl" VALUE="-2147483633">

<PARAM NAME="ForeColor" VALUE="-1">

<PARAM NAME="BackColor" VALUE="-2147483633">

<PARAM NAME="GridColor" VALUE="8421504">

<PARAM NAME="TimeBarColor" VALUE="255">

<PARAM NAME="Appearance" VALUE="-1">

<PARAM NAME="BorderStyle" VALUE="0">

<PARAM NAME="NextCounterColor" VALUE="2">

<PARAM NAME="NextCounterWidth" VALUE="0">

<PARAM NAME="NextCounterLineStyle" VALUE="0">

<PARAM NAME="GraphTitle" VALUE="">

<PARAM NAME="YAxisLabel" VALUE="">

<PARAM NAME="DataSourceType" VALUE="1">

<PARAM NAME="SqlDsnName" VALUE="">

<PARAM NAME="SqlLogSetName" VALUE="">

<PARAM NAME="LogFileCount" VALUE="1">

<param name="LogFileName001" Value="\\computer2\sharedf\test6_000010.tsv">

<PARAM NAME="AmbientFont" VALUE="-1">

<PARAM NAME="LegendColumnWidths" VALUE="0.110294117647059 0.110294117647059 0.355392156862745 0.149509803921569 0.127450980392157 0.127450980392157 0.186274509803922">

<PARAM NAME="LegendSortDirection" VALUE="0">

<PARAM NAME="LegendSortColumn" VALUE="2097272">

<PARAM NAME="CounterCount" VALUE="1">

<PARAM NAME="MaximumSamples" VALUE="100">

<PARAM NAME="SampleCount" VALUE="100">

<PARAM NAME="SampleIndex" VALUE="16">

<PARAM NAME="StepNumber" VALUE="15">

<PARAM NAME="Counter00001.Path" VALUE="\Thread(_Total/_Total)\Elapsed Time">

<PARAM NAME="Counter00001.Color" VALUE="32768">

<PARAM NAME="Counter00001.Width" VALUE="1">

<PARAM NAME="Counter00001.LineStyle" VALUE="0">

<PARAM NAME="Counter00001.ScaleFactor" VALUE="0">

<PARAM NAME="Counter00001.Minimum" VALUE="0">

<PARAM NAME="Counter00001.Maximum" VALUE="45.3125">

<PARAM NAME="Counter00001.Average" VALUE="3.2354797979798">

<PARAM NAME="Counter00001.StatisticStatus" VALUE="0">

<PARAM NAME="Counter00001.Data" VALUE="4.6875 0 0 1.5625 6.25 29.6875 0 1.5625 0 0 31.25 0 0 0 0 0 0 3.125 4.6875 4.6875 0 0 0 0 0 0 0 3.125 45.3125 7.8125 0 1.5625 1.5625 0 0 0 1.5625 28.125 43.75 0 0 0 0 4.6875 0 3.125 3.125 37.5 3.125 0 1.5625 0 0 0 3.125 3.125 3.125 4.6875 0 0 0 0 0 0 1.5625 3.125 4.6875 0 0 0 0 0 0 0 3.125 3.125 1.5625 0 0 0 0 0 0 3.125 6.25 3.125 0 0 1.5625 0 0 0 1.5625 0 0 0 0 0 0 -1">

<PARAM NAME="Selected" VALUE="\Thread(_Total/_Total)\Elapsed Time">

</OBJECT>

<script>

function myf()

{

x.Relog("c:\\programdata\\test.tsv",5,1);

}

</script>

</BODY>

</HTML>


---------------------------------------------------------end--------------------------------------------------------------

* The valid values for the Sysmon file type parameter are 3, 4 and 5. I tried all of them and no error is thrown, but the new log file is also not created, neither on the local disk nor on the SMB share, to which I have full access (including creating files, of course).

The TSV log file:

-----------------------------------6_000010.tsv----------------------------------------------

"(PDH-TSV 4.0) (Hora oficial do Brasil)(180)" "\Thread(_Total/_Total)\Elapsed Time" "comment"

"05/16/2014 07:47:57.375" "0" "comment"

"05/16/2014 07:47:58.390" "0" "comment"

"05/16/2014 07:47:59.390" "0" "comment"

------------------------------------------------------------------------------------------------

The TSV log file is loaded successfully. So, what am I doing incorrectly here?

How should I use the "Relog()" method? Sample needed, if possible, please.


PS: I have also tried renaming the local HTML document to '.hta' just in case a security measure was blocking the method from being executed, but the exact same thing happens.

PS2: I have already read the MSDN article on the Sysmon ActiveX and the "Relog()" method.

Thanks.

