Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Simple way to backup event log on Windows Server

Tags:

batch-file

backup

event-log

Is it possibile to create a simple way to backup the event log, with such as a batch file or a simple app ? I need to make it working on a customer's site, where the reference is an non-expert user. Thanks

like image 596
dancerjude Avatar asked Mar 19 '09 11:03

dancerjude

4 Answers

If you're using Windows 2008, use the built-in wevtutil command. Example:

wevtutil epl Application c:\temp\foo.evtx

Otherwise, get dumpel.exe from the resource kit, or psloglist from http://technet.microsoft.com/en-us/sysinternals/bb897544.aspx

like image 113
JohnW Avatar answered Sep 24 '22 19:09

JohnW

With powershell and export-clixml its oneliner. 

  get-eventlog -list | %{ get-eventlog $_.Log | export-clixml -path ($_.Log + ".xml") }
like image 26
Jakub Šturc Avatar answered Sep 23 '22 19:09

Jakub Šturc

The Microsoft Script Center has some sample code for Backing Up and Clearing Event Logs using VBScript and WMI.

Frank-Peter Schultze's Scripting Site has some code to clear an event log ( http://www.fpschultze.de/uploads/clrevt.vbs.txt) that you can modify to backup or backup then clear.

If you have access to the server you can backup from the Event Viewer by right-clicking on a log and using the "Save Log File As..." command. You can save to a binary, tab delimited or comma delimited file.

like image 29
Patrick Cuff Avatar answered Sep 24 '22 19:09

Patrick Cuff

Finally I made a little winapp using this method found on the internet:

public void DoBackup(string sLogName)
{
    string sBackup = sLogName;  // could be for example "Application"
    EventLog log = new EventLog();
    log.Source = sBackup;

    var query = from EventLogEntry entry in log.Entries
                orderby entry.TimeGenerated descending
                select entry;

    string sBackupName = sBackup+"Log";
    var xml = new XDocument(
        new XElement(sBackupName,
            from EventLogEntry entry in log.Entries
            orderby entry.TimeGenerated descending
            select new XElement("Log",
              new XElement("Message", entry.Message),
              new XElement("TimeGenerated", entry.TimeGenerated),
              new XElement("Source", entry.Source),
              new XElement("EntryType", entry.EntryType.ToString())
            )
          )
        );

    DateTime oggi = DateTime.Now;
    string sToday = DateTime.Now.ToString("yyyyMMdd_hhmmss");
    string path = String.Format("{0}_{1}.xml", sBackupName, sToday);
    xml.Save(Path.Combine(Environment.CurrentDirectory, path));
}

this is the source link:

It simply works great!

like image 41
dancerjude Avatar answered Sep 25 '22 19:09

dancerjude
Sign in to Comment

Related questions

Tell eclipse to reload environment variables
Is it possible to show the command prompt window when launching a batch file from the task scheduler?
How to use setx command in a windows batch file
batch scripting + ant - stop cmd prompt from auto exiting
execute a batch file from nodejs
How can I use nested quotes when calling a powershell script within a batch file?
IF, CALL, EXIT and %ERRORLEVEL% in a .bat
How can I pass batch arguments with dots into a powershell script?
How to call MongoDB commands using .bat file
How do I include ampersands in a powershell command in a batch file?
Execute a bat file on keypress in VsCode
Copying from network share using BAT
Honoring exit codes from batch files invoked by msbuild
Trying to edit the registry in Windows with a batch file
Using Command Prompt To Call a Batch File in a Sub-Directory
How do you have shared log files under Windows?
Comparing Two Folders and its Subfolder batch file
Waiting until a process created by calling a batch file has completed
How to prevent sqlcmd truncation with for xml path query result
Why does the command "Timeout" in a batch file suddenly not work anymore?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!