How can I dump all event logs from the command line?

A. The Windows 2000 Server Resource Kit includes the elogdmp.exe utility, which lets you display the contents of a particular type of log file. Valid event log types are

  • Application
  • Directory Service (if the system is a domain controller, or DC)
  • DNS Server (if the system is a DNS server)
  • File Replication Service (FRS, if the system is a server)
  • Security
  • System

To use the Elogdmp command, go to the command prompt and type

elogdmp \\<machine> <log type>

To dump the event log files for the local machine, type

elogdmp \\. <log type>

The Elogdmp output is comma-delimited (you can output the information to a file by adding "> filename.txt" without the quotes to the end of the command), so applications such as Microsoft Excel can easily read the information. The following text shows an example of Elogdmp output:

"07/17/2002","13:59:05","EventLog","INFO","None",6009,"N/A","TITANIC2K","5.0/2195/Service Pack 2/Uniprocessor Free/" 
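
The comma-delimited output can also be loaded by a script for review. The following Python code is an added example, not part of the original FAQ or the Resource Kit; the column names are assumptions inferred from the sample line above, and the second and third input lines are constructed.

```python
import csv
import io
from collections import Counter
from datetime import datetime

# Column names are assumptions inferred from the sample line on this page;
# that sample carries no header row.
FIELDS = ["date", "time", "source", "type", "category",
          "event_id", "user", "computer", "description"]

# Line 1 is the page's sample. Lines 2 and 3 are constructed: one has commas
# inside the quoted description, one is cut short (e.g. a truncated file).
SAMPLE = '''\
"07/17/2002","13:59:05","EventLog","INFO","None",6009,"N/A","TITANIC2K","5.0/2195/Service Pack 2/Uniprocessor Free/"
"07/17/2002","14:02:11","ExampleSvc","INFO","None",1000,"N/A","TITANIC2K","Started, mode A, attempt 2"
"07/17/2002","14:05:40","ExampleSvc","INFO","None",1001
'''


def parse_elogdmp(text):
    """Parse Elogdmp output into (records, rejected_rows)."""
    records, rejected = [], []
    for row in csv.reader(io.StringIO(text)):
        if not row:
            continue  # blank line
        if len(row) != len(FIELDS):
            rejected.append(row)  # wrong field count: keep for review
            continue
        rec = dict(zip(FIELDS, (cell.strip() for cell in row)))
        try:
            # Assumes MM/DD/YYYY and 24-hour time, as in the sample line.
            rec["timestamp"] = datetime.strptime(
                rec["date"] + " " + rec["time"], "%m/%d/%Y %H:%M:%S")
            rec["event_id"] = int(rec["event_id"])
        except ValueError:
            rejected.append(row)
            continue
        records.append(rec)
    return records, rejected


def count_by_source_and_id(records):
    """Count events per (source, event ID) pair for a quick overview."""
    return Counter((r["source"], r["event_id"]) for r in records)


if __name__ == "__main__":
    recs, bad = parse_elogdmp(SAMPLE)
    for key, n in count_by_source_and_id(recs).most_common():
        print(key, n)
    print("rejected rows:", len(bad))
```

Rows that do not match the expected field count are returned separately rather than dropped, so a truncated or damaged dump is visible to the reviewer.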

Windows XP users can use eventquery.vbs, which ships with the OS, to dump event logs from the command line.
