Rackware Administration

Commands to Check the Running Jobs in CLI

rw job query -t running

rw job query -t history

rw job show <jobid>

rw log show -j <jobid>

To Collect the Application and System Events from Source Server though the RMM

For Application event log file:

ssh SYSTEM@ “wevtutil epl System SYSTEM.evtx”
scp SYSTEM@:/home/SYSTEM/SYSTEM.evtx /tmp/SYSTEM_”$(date +”%Y_%m_%d_%I_%M_%p”)”
ssh SYSTEM@ “rm -rf /home/SYSTEM/SYSTEM.evtx”

For Application event log file:

ssh SYSTEM@ “wevtutil epl APPLICATION APPLICATION.evtx”
scp SYSTEM@:/home/SYSTEM/APPLICATION.evtx /tmp/APPLICATION_”$(date +”%Y_%m_%d_%I_%M_%p”)”
ssh SYSTEM@ “rm -rf /home/SYSTEM/APPLICATION.evtx”