Syntax
The command-line syntax for Elogdmp is simple, and is structured as follows:
elogdmp [-?] computername eventlogtype [> export filename]
The components of the syntax, together with amplifying comments, appear in Table 2.
| Component | Description |
| --- | --- |
| [-?] | Prompts for display of command-line help |
| computername | The name of the computer against whose log files we are running the export process. Elogdmp accepts: IP addresses; NetBIOS names; some DNS names, with preceding backslashes not required |
| eventlogtype | The event log type to display. (If the name of the log contains a space, enclose it in quotation marks) |
| export filename | The file name and location to which we wish to redirect export output |
Table 2: Elogdmp Syntax Components
The following example would export the contents of the Security log, as it exists upon a server named ELIAS; the output file, named 021404_Security.txt, would be redirected to the EventLogs directory on the D: drive.
elogdmp ELIAS Security > D:\EventLogs\021404_Security.txt
For the details surrounding additional functionality with Elogdmp, such as its filtering and error reporting capabilities, consult the documentation that ships with the Windows 2000 Resource Kit. For now, we will practice using Elogdmp to create a dump file, whose ultimate destination will be an MS Access database.
Practice: Using the Tool to Export the Event Log
To put Elogdmp into action, we have only to open a Command Prompt and issue the appropriate syntax. We will create a dump file for our destination database by taking the following steps:
1. Go to the Start button on the PC, and then navigate to Programs --> Accessories --> Command Prompt, as shown in Illustration 5.
Illustration 5: Open a Command Prompt Window
Note: There are numerous ways of launching the Command Prompt. Select the way that you prefer.
2. Click Command Prompt to open the prompt.
The Command Prompt window opens.
3. From the directory housing Elogdmp.exe (the location depends upon where you chose to install the Windows 2000 Resource Kit, or where you placed the individual file after extracting it), type the following into the Command Prompt:
[Directory Housing the Event Log Tool]> Elogdmp [ComputerName] application > [Full file name you wish for the file]
I used the following syntax on my computer.
D:\Program File\Windows 2000 Resource Kit>Elogdmp ELIAS application > D:\temp\022004_app.txt
The command prompt window on my PC appears as depicted in Illustration 6.
Illustration 6: The Syntax at the Command Prompt
4. Press ENTER.
The dump file is created instantaneously. If this is not the case, go back and check your typing, particularly the values that are specific to your local computer.
5. Go to Windows Explorer and navigate to the folder into which you directed the Elogdmp output.
I specified that my file be called 022004_app.txt, and that it be placed within the D:\temp folder on my machine. Upon navigating to the folder, I see that the file has indeed been created, as shown in Illustration 7.
Illustration 7: The Output File Appears
6. Close the Command Prompt when ready.
If we wish to do so, we can certainly open the file with Notepad.exe, or any number of other text editors. The file we have created will become the data source for our new Event Log database, and will be used in both its creation and population, as we will see when we move into the import stage in Part II of this article.
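The export steps above, scripted for several logs at once, as an added example that is not part of the original article. It assumes elogdmp.exe is on the PATH, reuses the article's sample computer name (ELIAS) and output folder (D:\EventLogs), uses an illustrative list of logs, and records a SHA-256 hash of each dump so that the file imported later can be checked against what was exported.

```powershell
# Added example, not from the original article: export several event logs with
# Elogdmp using the article's MMDDYY_<log>.txt naming, then verify and hash each dump.
# Assumptions: elogdmp.exe is on PATH; ELIAS and D:\EventLogs are the article's
# sample values; the list of logs is illustrative.
param(
    [string]   $ComputerName = 'ELIAS',
    [string]   $OutDir       = 'D:\EventLogs',
    [string[]] $Logs         = @('Application', 'Security', 'System', 'Directory Service')
)

$stamp = Get-Date -Format 'MMddyy'   # e.g. 021404, as in the article's file names
if (-not (Test-Path -LiteralPath $OutDir)) {
    New-Item -ItemType Directory -Path $OutDir | Out-Null
}

$results = foreach ($log in $Logs) {
    # Spaces are legal in log names but awkward in file names, so drop them here.
    $outFile = Join-Path $OutDir ('{0}_{1}.txt' -f $stamp, ($log -replace '\s', ''))

    # Quote the log name explicitly: the article notes that a name containing
    # a space must be enclosed in quotation marks.
    $elogArgs = @($ComputerName, ('"{0}"' -f $log))

    # -RedirectStandardOutput plays the role of "> file" at the Command Prompt
    # and keeps the bytes exactly as Elogdmp wrote them.
    Start-Process -FilePath 'elogdmp.exe' -ArgumentList $elogArgs `
        -RedirectStandardOutput $outFile -NoNewWindow -Wait

    # A missing or empty file usually means a mistyped computer or log name.
    $item = Get-Item -LiteralPath $outFile -ErrorAction SilentlyContinue
    if (-not $item -or $item.Length -eq 0) {
        Write-Warning "No data exported for '$log' from $ComputerName; check the names."
        continue
    }

    [pscustomobject]@{
        Log    = $log
        File   = $item.FullName
        Bytes  = $item.Length
        SHA256 = (Get-FileHash -LiteralPath $item.FullName -Algorithm SHA256).Hash
    }
}

# Keep the manifest with the dumps so a later import can confirm they are unchanged.
$results | Export-Csv -Path (Join-Path $OutDir "${stamp}_manifest.csv") -NoTypeInformation
$results | Format-Table -AutoSize
```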
Conclusion ...
With this, Part I of a two-article lesson, we diverted from our typical focus of working with financial information in MS Access, and set our sights on using the RDBMS in a different role: the support of operational analysis and reporting with the wealth of statistics that can be obtained from the Event Log of the Windows operating system. After introducing the Event Log and discussing the data that it contains, we set about meeting our objective of creating an MS Access database and populating it with Event Log data. We discussed the usefulness of manipulating Event Log data within a database, and then introduced the Elogdmp utility as an easy-to-use option for exporting Event Log data. Finally, we performed a hands-on exercise using the utility to dump an Application log in preparation for its import, in Part II, to an MS Access database for analysis and reporting.
See All Articles by Columnist William E. Pearson, III