Currently I'm working at a client and I need to analyze more than 110,000 log entries in the Security log of Windows Server 2003 for specific words and export the results to a file. I found both the filter and find options in Event Viewer to be pretty bad, so last night I created a tool to filter events called Filter Events.
The tool reads the first 100 events (this limit can be changed by running filterevents /setup-events), and we can move between these log entries using the buttons on the right.
To search inside the log message descriptions, enter a text string in the text box called Filter Events Containing. The search displays at most the first 100 matching events (or whatever value was specified using /setup-events). By default the search function scans only the first 5,000 events (this limit can be changed by running filterevents /setup-max).
We can use the Copy Event to Log button to copy a specific event to the Event Log, and the Save Report button to export a report to an .rtf file for further analysis.
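The same two-limit filter (a scan cap and a display cap) can be reproduced with the built-in Get-EventLog cmdlet. This is an added example, not the source code of Filter Events; the function name, its parameters, the CSV output and the search string are assumptions made for illustration.

```powershell
# Added example, not FilterEvents code. Find-LogEvent and its parameters are hypothetical.
# Reading the Security log requires an elevated session.
function Find-LogEvent {
    param(
        [Parameter(Mandatory = $true)][string]$Text,
        [string]$LogName = 'Security',
        [int]$MaxScan = 5000,   # how many events are examined (the /setup-max default)
        [int]$MaxShow = 100,    # how many matches are returned (the /setup-events default)
        [string]$OutFile        # optional export path (CSV here, not .rtf)
    )

    # Assumption: the "first" events are the most recent ones, which is what -Newest returns.
    $hits = Get-EventLog -LogName $LogName -Newest $MaxScan |
        Where-Object {
            # Literal, case-insensitive substring match on the message text,
            # so characters such as * or [ in $Text are not treated as wildcards.
            $_.Message -and
            $_.Message.IndexOf($Text, [System.StringComparison]::OrdinalIgnoreCase) -ge 0
        } |
        Select-Object -First $MaxShow -Property TimeGenerated, EventID, EntryType, Source, Message

    if ($OutFile) {
        # Keep the full message in the export for later analysis.
        $hits | Export-Csv -Path $OutFile -NoTypeInformation -Encoding UTF8
    }
    $hits
}

# Constructed usage: search for a made-up account name and save the matches.
Find-LogEvent -Text 'svc_backup' -OutFile .\security-hits.csv |
    Format-Table TimeGenerated, EventID, Source -AutoSize
```

With a log of 110,000 entries, a match that lies beyond the scan limit is never returned, so the scan limit has to cover the whole period under review before an empty result means anything.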
The tool is available for download at http://ctxadmtools.musumeci.com.ar/FilterEvents