Microsoft Knowledge Base Article 318763 contains the following summary:
This article describes how to use the Event Log Management Script tool (Eventlog.pl) to manage Event Viewer
logs of Windows 2000-based computers.
An event is any significant occurrence in the computer or in a program that requires either users to be
notified or an entry added to a log. The Event Log Service records events to the Application, Security,
and System logs in Event Viewer. Additionally, events are written to the Directory Service and File Replication
Service logs on domain controllers and the DNS Server log on DNS servers. You can use Event Viewer to obtain
information about your hardware, software, and system components, and to monitor security events on a local
or remote computer. You can use event logs to identify and diagnose the source of current computer problems
or to help you predict potential computer problems.
Eventlog.pl is available in the Windows 2000 Resource Kit Supplement 1. You can use this script tool
to perform the following event log management tasks:
• | Change the properties of event logs. |
• | Back up (save) event logs. |
• | Export event lists to text files. |
• | Clear (delete) all events from event logs. |
• | Query the properties of event logs. |
IMPORTANT: Do not use Eventlog.pl if you use Group Policy to specify event log settings. Eventlog.pl can violate Event log policies so that the following Group Policy settings for domains, organizational units, and sites may become ineffective:
• | Maximum LogName log size |
• | Retain LogName log |
• | Retention method for LogName log |