Rated 5 stars at SnapFiles
   Shareware and Freeware



This Month's Donators (none) (D. Moldenhauer -- last month's top donator $30) ... more PayPal

 

Eventlog Dump

Eventlog Dump is a simple batch utily. Eventlog Dump reads a remote NT/2000 eventlog and dumps it into a comma delimited, tab delimited, or XML file.

The full Delphi source code is included and no installation program is needed.


Download

Eventlog Dump(source code included) v0.1.1 [200 KB]
Requires Windows NT/Windows 2000. Tested on Windows 2000 Profession scanning Windows NT4 Server/Windows 2000 Server.


NO WARRANTY
ANY USE BY YOU OF THE SOFTWARE IS AT YOUR OWN RISK. THE
SOFTWARE IS PROVIDED FOR USE "AS IS" WITHOUT WARRANTY OF
ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE
SOFTWARE'S CREATOR DISCLAIMS ALL WARRANTIES OF ANY
KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, IMPLIED WARRANTIES OR CONDITIONS OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
THE SOFTWARE'S CREATOR IS NOT OBLIGATED TO PROVIDE
ANY UPDATES OR UPGRADES TO THE SOFTWARE. THE INCLUDED
SOURCE CODE MAY BE MODIFIED AND DISTRIBUTED FOR NON-PROFIT
USE ONLY.


Instructions

Run Eventlog Dump from the command prompt specifying the remote computer, log name, the output file, and optionally the type of file to create. By default, a comma delimited file is created. Run Eventlog Dump without and parameters to see a help screen on it's usuage.

The following example reads the application log of SERVER1 and places the results in an XML file called output.xml.

   eventlogcop SERVER1 Application output.xml XML



File Format

The fields that Eventlog Dump reports are as follows:

   RecordNumber, TimeGenerated, TimeWritten, EventID, EventType,
   EventCategory, Source, ComputerName, Description

The TimeGenerated and TimeWritten are the seconds since Seconds since 1-1-1970. Multi-line descriptions are concatenated into a single line.

For a COMMA delimited file, all fields are enclosed in double quotes and any double quotes in a field's contents are replaced by single quotes.

For a TAB delimited file, a tab in a field's contents are replaced by a single space.

For XML, less than, greater than, ampersans, and copyright symbols are replaced by their XML or unicode equivilant entitiy. > < & ©


Known Problems

XML output may contain illegal high ascii characters. The copyright symbol is replaced by it's unicode version, but other characters are not currently handled.

NOTE: The program must be run under an account that has permission to read the logs of the remote machines. If you can't connect to a remote machine using NT's Eventlog program, neither can Eventlog Dump.






Got an idea for improvement, a bug to report? Just want to say hello? Send me your feedback.
I can be contacted at jackass.joejoe@gmail.com English only please.