WEVTUTIL – Command line based Eventlog Management

Sinve Windows 2008 / Win7 you can use the new command “wevtutil” for command line based eventlog management. Some of these sub-functions are very helpful in the day 2 day work in a datacenter.

Here are some examples :

Searching a dedicated string a.e. “Internet” in the System Eventlog :

wevtutil qe System | findstr Internet

image

Get properties of System Eventlog :

wetutil gl System

image

Export Application to C:\Temp\Application.txt :

wevtutil epl system C:\temp\system.evtl

Here you can also find an advanced example of the installation of an own manifest like in this example from the Clustering Team Blog :

http://blogs.msdn.com/clustering/archive/2010/01/07/9944946.aspx

A full documentation of further options can be found at Technet here

Advertisements

One Response to “WEVTUTIL – Command line based Eventlog Management”

  1. Vernon Says:

    Everything is very open with a very clear explanation of the issues.
    It was truly informative. Your website is very helpful.
    Thanks for sharing!

Any further thoughts? Let me know here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: