JSI Tip 5424. How do I manage Windows 2000 event logs with the Eventlog.pl tool?

Microsoft Knowledge Base Article 318763 contains the following summary:

This article describes how to use the Event Log Management Script tool (Eventlog.pl) to manage Event Viewer logs of Windows 2000-based computers.

An event is any significant occurrence in the computer or in a program that requires either users to be notified or an entry added to a log. The Event Log Service records events to the Application, Security, and System logs in Event Viewer. Additionally, events are written to the Directory Service and File Replication Service logs on domain controllers and the DNS Server log on DNS servers. You can use Event Viewer to obtain information about your hardware, software, and system components, and to monitor security events on a local or remote computer. You can use event logs to identify and diagnose the source of current computer problems or to help you predict potential computer problems.

Eventlog.pl is available in the Windows 2000 Resource Kit Supplement 1. You can use this script tool to perform the following event log management tasks:

Change the properties of event logs.
Back up (save) event logs.
Export event lists to text files.
Clear (delete) all events from event logs.
Query the properties of event logs.

IMPORTANT: Do not use Eventlog.pl if you use Group Policy to specify event log settings. Eventlog.pl can violate Event log policies so that the following Group Policy settings for domains, organizational units, and sites may become ineffective:

Maximum LogName log size
Retain LogName log
Retention method for LogName log



Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish