Trying to make daily log dumps using eventquery

S

Steve Stormont

We need to make daily dumps of the System, Application, and Security
logs of a certain machine in the office. We only want to dump new events
that have occured since the last dump, not the entire log (to keep file size
down). Since the user shuts down their PC each day, it would essentail just
be a dump of events that have happened on the current day.

I thouhgt that I could do this using eventquery.pl, but since it doesn't
seem to understand any sort of %DATE% variable, I'm at a loss. Any ideas on
how we can go about doing this?

Steve
 
T

Tiny-EPL

Stev:

Have you tried to use eventquery.vbs instead of eventquery.pl? Thi
tool has a good set of options to filter the events you want to dump
Ad also the results can be saved as csv or other formats you qill b
able to handle then as you wish.

Tin


-
Tiny-EP
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Blue screen of death and log files 2
Security logs not getting generated 1
STOP error code (0x000000f4 (0x0000003....) Memory dump & BSOD 8
Saving web.config caused W2K8 SP1 Machine Restart 4
make my Security Log more understandable 1
Security Log Category and Type Codes (using dumpel) 1
Unable to change Event Viewer Log Size 1
Need service that logs first and last mouse/keyboard event per day 2

Top