command line: open saved event log?

polaris

Distinguished
Apr 29, 2001
63
0
18,630
0
Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

Hi:

Is there a way to open a saved eventlog (*.evt) from command line?

Thanks in Advance!
Polaris
 

galen

Distinguished
May 24, 2004
1,879
0
19,780
0
Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

In news:u7awJvJFFHA.1264@TK2MSFTNGP12.phx.gbl,
Polaris <etpolaris@hotmail.com> had this to say:


> Hi:
>
> Is there a way to open a saved eventlog (*.evt) from command line?
>
> Thanks in Advance!
> Polaris

Here's what I did.

Save the *evt file where you will remember the location. Run and type in
that location and the name of the log that you want to open, in my case it
was test.evt and so I typed X:\test.evt and it opened. The first time it
asked me to pick what I wanted to open it with, I clicked browse, aimed at
the %WinDir%\System32\eventvwr.msc file, made that the default, gave it a
description ("Event Log File") and clicked okay. Then, to make sure it
worked, I ran the prompt again and it worked wonders.

Galen

--

"My mind rebels at stagnation. Give me problems, give me work, give me
the most abstruse cryptogram or the most intricate analysis, and I am
in my own proper atmosphere. I can dispense then with artificial
stimulants. But I abhor the dull routine of existence. I crave for
mental exaltation." -- Sherlock Holmes
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

Polaris wrote:
> Is there a way to open a saved eventlog (*.evt) from command line?
>

Evt files are an input option of Logparser.
IMO a must to process any logfile with sql like queries with these
output formats: (snipped from the help file)
Generic Text File Output Formats
NAT: formats output records as readable tabulated columns.
CSV: formats output records as comma-separated values text.
TSV: formats output records as tab-separated or space-separated values text.
XML: formats output records as XML documents.
W3C: formats output records in the W3C Extended Log File Format.
TPL: formats output records following user-defined templates.
IIS: formats output records in the Microsoft IIS Log File Format.
Special-purpose Output Formats
SQL: uploads output records to a table in a SQL database.
SYSLOG: sends output records to a Syslog server.
DATAGRID: displays output records in a graphical user interface.
CHART: creates image files containing charts.


And even scriptable.
http://www.logparser.com
http://www.microsoft.com/downloads/details.aspx?familyid=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en

HTH

--
Gruesse Greetings Saludos Saluti Salutations
Matthias
---------+---------+---------+---------+---------+---------+---------+
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

On Wed, 16 Feb 2005 18:52:57 -0800, "Polaris" <etpolaris@hotmail.com>
wrote in microsoft.public.win2000.cmdprompt.admin,
microsoft.public.windowsxp.security_admin:

>Is there a way to open a saved eventlog (*.evt) from command line?

DUMPEL.EXE from the Resource Kit:
DUMPEL -b -l saved.evt
See:
<http://www.microsoft.com/downloads/details.aspx?FamilyID=c9c31b3d-c3a9-4a73-86a3-630a3c475c1a>.

or PsLogList:
PsLogList -l saved.evt
from <http://www.sysinternals.com/ntw2k/freeware/psloglist.shtml>

--
Michael Bednarek http://mbednarek.com/ "POST NO BILLS"
 

polaris

Distinguished
Apr 29, 2001
63
0
18,630
0
Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

Thank you all very much for your help! I will use the dumpel for now.

Polaris

"Polaris" <etpolaris@hotmail.com> wrote in message
news:u7awJvJFFHA.1264@TK2MSFTNGP12.phx.gbl...
> Hi:
>
> Is there a way to open a saved eventlog (*.evt) from command line?
>
> Thanks in Advance!
> Polaris
>
 

ASK THE COMMUNITY

TRENDING THREADS