command line: open saved event log?

Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

Hi:

Is there a way to open a saved eventlog (*.evt) from command line?

Thanks in Advance!
Polaris
4 answers Last reply
More about command line open saved event
  1. Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

    In news:u7awJvJFFHA.1264@TK2MSFTNGP12.phx.gbl,
    Polaris <etpolaris@hotmail.com> had this to say:


    > Hi:
    >
    > Is there a way to open a saved eventlog (*.evt) from command line?
    >
    > Thanks in Advance!
    > Polaris

    Here's what I did.

    Save the *evt file where you will remember the location. Run and type in
    that location and the name of the log that you want to open, in my case it
    was test.evt and so I typed X:\test.evt and it opened. The first time it
    asked me to pick what I wanted to open it with, I clicked browse, aimed at
    the %WinDir%\System32\eventvwr.msc file, made that the default, gave it a
    description ("Event Log File") and clicked okay. Then, to make sure it
    worked, I ran the prompt again and it worked wonders.

    Galen

    --

    "My mind rebels at stagnation. Give me problems, give me work, give me
    the most abstruse cryptogram or the most intricate analysis, and I am
    in my own proper atmosphere. I can dispense then with artificial
    stimulants. But I abhor the dull routine of existence. I crave for
    mental exaltation." -- Sherlock Holmes
  2. Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

    Polaris wrote:
    > Is there a way to open a saved eventlog (*.evt) from command line?
    >

    Evt files are an input option of Logparser.
    IMO a must to process any logfile with sql like queries with these
    output formats: (snipped from the help file)
    Generic Text File Output Formats
    NAT: formats output records as readable tabulated columns.
    CSV: formats output records as comma-separated values text.
    TSV: formats output records as tab-separated or space-separated values text.
    XML: formats output records as XML documents.
    W3C: formats output records in the W3C Extended Log File Format.
    TPL: formats output records following user-defined templates.
    IIS: formats output records in the Microsoft IIS Log File Format.
    Special-purpose Output Formats
    SQL: uploads output records to a table in a SQL database.
    SYSLOG: sends output records to a Syslog server.
    DATAGRID: displays output records in a graphical user interface.
    CHART: creates image files containing charts.


    And even scriptable.
    http://www.logparser.com
    http://www.microsoft.com/downloads/details.aspx?familyid=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en

    HTH

    --
    Gruesse Greetings Saludos Saluti Salutations
    Matthias
    ---------+---------+---------+---------+---------+---------+---------+
  3. Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

    On Wed, 16 Feb 2005 18:52:57 -0800, "Polaris" <etpolaris@hotmail.com>
    wrote in microsoft.public.win2000.cmdprompt.admin,
    microsoft.public.windowsxp.security_admin:

    >Is there a way to open a saved eventlog (*.evt) from command line?

    DUMPEL.EXE from the Resource Kit:
    DUMPEL -b -l saved.evt
    See:
    <http://www.microsoft.com/downloads/details.aspx?FamilyID=c9c31b3d-c3a9-4a73-86a3-630a3c475c1a>.

    or PsLogList:
    PsLogList -l saved.evt
    from <http://www.sysinternals.com/ntw2k/freeware/psloglist.shtml>

    --
    Michael Bednarek http://mbednarek.com/ "POST NO BILLS"
  4. Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsxp.security_admin (More info?)

    Thank you all very much for your help! I will use the dumpel for now.

    Polaris

    "Polaris" <etpolaris@hotmail.com> wrote in message
    news:u7awJvJFFHA.1264@TK2MSFTNGP12.phx.gbl...
    > Hi:
    >
    > Is there a way to open a saved eventlog (*.evt) from command line?
    >
    > Thanks in Advance!
    > Polaris
    >
Ask a new question

Read More

Security Microsoft Command Line Windows XP