Event Logs and Remote Event Log access

by Mark on 2007/05/23

You can use the Event Viewer MMC snap-in to remotely view the event logs on. With Windows XP/2003 you don’t get all the latest functionality available with the new event logs in Server 2007

Command Line Event Log access

Working with the event logs from the command line has improved in Server 2007 Core. The old eventquery VBScript has been replaced by a new command line tool:

wevtutil.exe.

Using the /el switch will provide a list of event logs you can query using the /qe switch.

Common switches that come in handy

/c:5 – Count. Specifies how many records you want returned, in this example 5

/rd – Reverse Direction. By default the oldest events are displayed first, so if you used the /c switch to dump 5 events you would get the first 5 in the log, probably not the events you’re most interested in. To see the 5 most recent events you would specify /c:5 /rd:True

/f: – Format. By default the output is raw xml and when dumped out to the screen it isn’t the most readable output. Use /f:text to see the events in plain text.

/e – Element. If you’re dumping your log in XML, you must use this switch and specify a root element to get well formed XML.

So if you wanted to see the most recent event in the system log in text format, you would run:

Wevtutil qe /f:text /c:1 /rd:true system

To show this event in xml and dump it to a network share, run:

Wevtutil qe /c:1 /rd:true /e:root system > \\computer\share\system.xml

Like this:

Be the first to like this post.

No comments yet

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (Address never made public)

Name

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

You may use basic HTML in your comments. Your email address will not be published.

Subscribe to this comment feed via RSS

Disclaimer

"This posting is provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use."
Search

Search
Contacting EnX

By Phone:
P: 403-775-4288
T: 866-601-2646
F: 403-775-4288

By Email:
Support
Submit a request
Windows Live EnX
EnX on LinkedIN.
Categories
Slashdot – News for nerds…
- Rare 'Annular Solar Eclipse' Tonight
  First time accepted submitter Trubacca writes "The Northern-Pacific "Ring of Fire" has an opportunity tonight to observe an entirely different "ring of fire": an annular solar eclipse where the moon, owing to it's distance from the Earth, seems smaller than the apparent diameter of the sun. This results in the fiery ring for whi […]
  timothy
- Turning Soap Film Into a Projector Screen
  An anonymous reader writes "3 graduate students from University of Tokyo, Carnegie Mellon University, and the University of Tsukuba have developed a colloidal display — a clear projector screen that can control its transparency. Normally soap film will allow light to pass through, but the colloidal display does not. It mixes colloid into the solut […]
  timothy
- Programming — Now Starting In Elementary School
  the agent man writes "The idea of getting kids interested in programming in spite of their common perception of programming to be 'hard and boring' is an ongoing Slashdot discussion. With support of the National Science Foundation, the Scalable Game Design project has explored how to bring computer science education into the curriculum of midd […]
  timothy
- Assange Stands 'Real Chance' of Election In Australia
  Okian Warrior writes "Various new sources are reporting the results of a recent Labor Party poll, indicating that Julian Assange would be elected to the Australian senate, should he choose to run. From the Sun Daily article: 'Controversial WikiLeaks founder Julian Assange stands a real chance of winning an upper house seat in his native Australia i […]
  timothy
- Apple Lifts Ban On the Word "Jailbreak"
  Gunkerty Jeb writes "After banning the word 'jailbreak' from its app store and music library, Apple [Friday] reversed course and again permits the term — slang for hacking into a device to download unauthorized content — to appear on iTunes and its App Store. On Thursday bloggers noticed Apple had censored the word, using the Thin […]
  timothy
- Pakistan Blocks Twitter Over 'Blasphemous' Images
  Diggester writes with this news from the Times of India: "Pakistani authorities on Friday further widened the crackdown on websites with blasphemous contents by restricting access to popular social networking website Twitter. Pakistani users were unable to log into Twitter after internet service providers blocked access to the site." The block was […]
  timothy
- ARM, Intel Battle Heats Up
  An anonymous reader writes "Low-power processor maker ARM Holdings is stepping up rhetoric against chip rival Intel, saying it expects to take more of Intel's market share than Intel can take from them. With Intel being the No. 1 supplier of notebook PC processors, and ARM technology almost ubiquitously powering smartphones, the two companies are f […]
  timothy
- Protecting State Secrets Through Copyright
  An anonymous reader writes "The United States has pursued Bradley Manning with full force for his role in supplying classified documents to WikiLeaks, in part because of the substantial difficulty in going after the organization directly. Criminal statutes generally deployed against those who leak classified government documents--such as the Espionage A […]
  samzenpus
- Zuckerberg Updates Relationship Status To "Married"
  theodp writes "A day after taking Facebook public, CEO Mark Zuckerberg changed his Facebook status to 'married' after wedding longtime girlfriend and recent med school grad Priscilla Chan on Saturday. No word if Zuckerberg heeded Donald Trump's prenup advice." Read more of this story at Slashdot. […]
  timothy
- Quantifying the Risk of Texting Drivers
  An anonymous reader writes "More than 5000 people die each year as a result of being distracted while driving, and a new study indicates that teens and cell phones make for the most volatile combination. The National Highway Traffic Safety Administration estimates that of all drivers under 20 involved in fatal crashes, 16 percent were distracted — […]
  timothy
Bink.nu “Watching Microsoft like a Hawk”
- Microsoft Assessment and Planning Toolkit 7.0 Beta Now Available 2012/05/15
  Steven Bink
- Enhanced Mitigation Experience Toolkit v3.0 2012/05/15
  Steven Bink
- Update Rollup 1 for System Center 2012 - Operations Manager 2012/05/08
  Steven Bink
- Technical Documentation Download for System Center 2012 Data Protection Manager 2012/05/08
  Steven Bink
- Windows 8 Media Center / DVD playback only available at Extra charge 2012/05/04
  Given the changing landscape, the cost of decoder licensing, and the importance of a straight forward edition plan, we’ve decided to make Windows Media Center available to Windows 8 customers via the Add Features to Windows 8 control panel (formerly known as Windows Anytime Upgrade). This ensures that customers who are interested in Media Center have a conve […]
  Steven Bink
- 7 Security Bulletins in Advance Notification for May 2012 2012/05/03
  Steven Bink
- Office 365 Helper Scripts 2012/04/25
  Steven Bink
- Directory Preparation for Lotus Notes Migrations 2012/04/25
  Steven Bink
- SkyDrive for Windows and Mac 2012/04/23
  Steven Bink
- Microsoft-Citrix Virtual Desktop Infrastructure Whitepaper 2012/04/18
  Steven Bink
Virtualization.info
- NVIDIA introduces World’s Firs Virtualized GPU 2012/05/17
  On May 15th NVIDIA unveiled the NVIDIA® VGX™ platform that will be available later this year through NVIDIA’s hardware OEM and VDI partners. This new platform promises to deliver...
  virtualization.info Staff
- Microsoft announces Assessment and Planning Toolkit 7.0 Beta Program 2012/05/17
  Microsoft announced this week the new Beta version of its capacity planning tool Microsoft Assessment and Planning (MAP) 7.0 Beta. The Beta program opened on May 15th and the review...
  virtualization.info Staff
- VMware announces vFabric Suite 5.1 2012/05/15
  Today VMware announced VMware vFabric Suite 5.1, expected to be generally available in Q2 2012. vFabric Suite 5.1 includes vFabric Application Director, to automate the deployment and management of vFabric...
  virtualization.info Staff
- VMware CTO talks about R&D plans for the future 2012/05/15
  On April 4 Stephen Herrod, VMware’s CTO, has attended, as guest speaker, at a VMUG meeting in Italy. One of the key point of the speech, documented in one hour-long...
  virtualization.info Staff
- Citrix Hosted Server VDI Tech Preview 2012/05/14
  Last week Citrix announced a new tech preview for Hosted Server VDI technology that allows cloud providers to leverage Microsoft SPLA to host VDI-style desktops obtaining a pay-as-you-go monthly subscription licensing...
  virtualization.info Staff
- Release: Atlantis ILIO Diskless VDI 3.2 2012/05/11
  On May 7 Atlantis Computing announced the general availability of its Atlantis ILIO Diskless VDI 3.2, this product, tailored in particular for VMware View 5.1, enables virtual desktops deployment...
  virtualization.info Staff
- Citrix unveils Project Aruba 2012/05/11
  On May 7 Citrix announced a technology preview of Project Aruba that extends Citrix VDI all-in-one proposal for the SMB market, VDI-in-a-Box, with personal vDisk technology. VDI-in-a-Box, inherited from Kaviza...
  virtualization.info Staff
- Cloud Sidekick announced Early Access release of Cato EE 2012/05/10
  On May 7 Cloud Sidekick announced the Early Access Program release of Cato Enterprise Edition (EE) which extends the Community Edition (CE) with Storm Deployment Automation and support for...
  virtualization.info Staff
- Release: VMware vCenter Infrastructure Navigator (VIN) 1.1 2012/05/09
  On April 26 VMware announced the general availability of VMware vCenter Infrastructure Navigator (VIN) 1.1, previously introduced as a part of vCenter Operations Management Suite. VIN automatically detects, discovers and...
  virtualization.info Staff
- VMware accelerates security updates after ESX source code leak 2012/05/08
  On May 3 VMware released a security update, that the company itself define as “accelerated“, with the purpose to patch five “critical” security issues across VMware ESX and ESXi hypervisor...
  Massimo Ferrari
winsupersite.com
- Windows Weekly 261: Don't Nudge Me 2012/05/20
  By Paul ThurrottIn the latest episode of the Windows Weekly podcast, Iyaz Akhtar and I discuss the cost of Microsoft’s coming Windows 8 update offer, a Windows 8 Release Preview ... preview, Windows 8 and DVD playback, dueling search engines, and Microsoft Signature.
  Paul Thurrott
- Windows 8 Feature Focus: Contracts 2012/05/20
  By Paul ThurrottUnless you’re a serious old timer, you probably don’t remember when copy and paste functionality, now a common and expected feature, was added to Windows. Well, this time you have no excuse: Microsoft is adding a new capability to Windows 8 called contracts. And as with copy and paste, you’re going to have a hard time remembering using Window […]
  Paul Thurrott
- Windows 8 Release Preview: RIP, Aero (2003-2012) 2012/05/19
  By Paul ThurrottMicrosoft quietly revealed this week that it will kill off the Aero glass interface in Windows 8 and replace it with a flat, Metro-like Explorer that’s more in line with the company’s current design mantra. But this change isn’t just about obfuscation. It’s about the Windows team abandoning the very market that drove Windows’s success for ove […]
  Paul Thurrott
Keith Combs
- The Windows 8 User Experience Gets Explained 2012/05/19
  Keith Combs
- I totally want this for my home office 2012/05/17
  Keith Combs
- Aluminum is out, Carbon is in 2012/05/15
  Keith Combs
- HP Launches New Ultrabooks 2012/05/09
  Someone apparently didn’t get all of the embargo information quite right today because I noticed several false starts on the HP announcements for some notebook models. Oh well, nobody is perfect. Pictured at right is the coming HP Folio Ultrabook. It isn’t scheduled to start shipping until October so don’t start jumping up and down with joy. There are se […]
  Keith Combs
- Windows 8 and Windows Media Center - details from the product development group 2012/05/04
  Keith Combs
- Microsoft Private Cloud Summit - registration open and seats still available 2012/05/01
  Keith Combs
- NVIDIA Launches GeForce GTX 690 2012/04/29
  “Despite the stupendous performance of the GeForce GTX 690, some gamers are destined to clamor for more. That's where Quad SLI comes in. When two GeForce GTX 690s are connected via an SLI motherboard, four GPUs work in unison in Quad SLI mode. Each GPU works on a distinct frame for a total of four frames in flight at a given time. The resulting performa […]
  Keith Combs
- Windows Server 2012 - beta hands on labs now available 2012/04/24
  Keith Combs
- Get the Microsoft Camera Codec Pack 2012/04/23
  The Microsoft Camera Codec Pack enables the viewing of a variety of device-specific file formats. Note: Clicking Download means you agree to the Microsoft service agreement and privacy statement. Additional details below. The Microsoft Camera Codec Pack enables the viewing of a variety of device-specific file formats in Window Live Photo Gallery as well as o […]
  Keith Combs
- Microsoft Deployment Toolkit (MDT) 2012 - now available for download 2012/04/20
  Deploy Windows 7, Office 2010 and 365, and Windows Server 2008 R2 with the newly released Microsoft Deployment Toolkit 2012. MDT is the recommended process and toolset for automating desktop and server deployment. MDT provides you with the following benefits: Unified tools and processes, including a set of guidance, for deploying desktops and servers in a co […]
  Keith Combs
VIrtual PC Guy
- Why is my virtual machine “Off-Critical”? 2012/05/11
  Ben Armstrong [MSFT]
- Shrinking a VHD in Windows 8 - fast! 2012/05/10
  Ben Armstrong [MSFT]
- Shrinking a virtual hard disk in Windows 8 2012/05/07
  Ben Armstrong [MSFT]
- Windows 8 key combinations inside of Hyper-V 2012/05/03
  Ben Armstrong [MSFT]
- Ubuntu 12.04 under Hyper-V on Windows 8 2012/05/02
  Ben Armstrong [MSFT]
- Eric talks about Hyper-V PowerShell 2012/04/30
  Ben Armstrong [MSFT]
- Storage Migration is “copy and delete” not “move” 2012/04/25
  Ben Armstrong [MSFT]
- Storage Migration Hyper-V Settings 2012/04/24
  Ben Armstrong [MSFT]
- Storage Migration Performance 2012/04/23
  Ben Armstrong [MSFT]
- Performing bulk configuration changes with PowerShell in Hyper-V on Windows “8” 2012/04/17
  Ben Armstrong [MSFT]
Microsoft Digital Media Technologies
- CableCARD Opens Up, but Does the Marketplace? 2009/09/12
  chrisl
- Microsoft Enhances the Digital Cable Experience and Names 2009 Windows Media Center Ultimate Install Winner 2009/09/10
  Customers get new capabilities, more options, and a better digital cable experience in Windows Media Center. ATLANTA, Sept. 9 -- Today at CEDIA EXPO 2009, Microsoft Corp. discussed key Windows Media Center features for Windows 7 and announced a series of initiatives that enhance the digital cable experience in Windows Media Center. With the addition of nativ […]
  chrisl
- OCURs Finally Approved for Tuning Adaptor Support 2009/09/03
  chrisl
- Going Beyond The Enthusiast Market 2009/08/23
  chrisl
- What Do You Think of Windows 7 Media Center? 2009/08/09
  chrisl
- Is Hulu Coming to Media Center? 2009/07/26
  chrisl
- Media Center Gets "PCTV" Marketing in Microsoft Store Mockups 2009/07/26
  chrisl
- Microsoft Unprepared for Digital TV Switch 2009/06/14
  chrisl
- Xbox Unveils Entertainment Experiences That Put Everyone Center Stage 2009/06/01
  chrisl
- Microsoft Connects the Dots with Zune HD, Zune Marketplace, and Xbox 2009/05/29
  chrisl
Archives
Calgary Network Services
- laptop's screen, lcd monitor, backlight, invertor repair