Event log management script tools Vs standalone utilities

By Umendra Singh, 12.16.2011, Data Security

Eventlog.pl is an event log management script tool that comes with the Windows 2000 Resource Kit Supplement and is used to manage the Event Viewer logs of Windows 2000 based systems. It can perform various event log management tasks such as changing the properties of the event logs, backing up the log files, exporting the event lists to text files, deleting all events from the logs, and querying the properties of the event logs.

Eventlog.pl runs on a source computer and acts on a target computer (which can be the same machine). Certain prerequisites must be met before using Eventlog.pl: the system must run Windows 2000 Server or Windows 2000 Professional, the system must be correctly configured to run Perl scripts, and you must be logged in as a member of the Administrators group in order to view the Security log events.

Scripting, as we all know, can become complex for complex tasks. Event log management tools, on the other hand, can simplify the process and eliminate the need to write a script for every single operation on log files.

Here, we will compare the scripting tool Eventlog.pl with an event log management tool, Lepide Event Log Manager (LELM), for different operations:

Event log management script tools Vs. LELM

1. Changing event log properties

The Eventlog.pl script tool uses the following general syntax for the change operation when you want to change the properties of one or more event logs:

eventlog.pl -change eventlog [ eventlog…] | * [ -s computer [ -u domain\user -p password]] [-setmaxsize size][-setbehavior asneeded| olderthanx | never] [-restore]

You can, however, perform the same operation with LELM even if you do not know scripting. Simply set the rules for event processing and the event log manager will fetch the events accordingly. Furthermore, you can configure the software to automatically store the event logs from a group of computers as an archive.

2. Creating backups for the event logs

The event log script tool uses the following syntax to create backups of event log files:

eventlog.pl -backup eventlog [ eventlog…] | * [ -s computer [ -u domain\user -p password]] [-format evt| txt | csv] [-file file [ -file file…]]

Lepide Event Log Manager simply creates a SQL Server database that acts as a repository for storing all the log files for an indefinite period of time. A proper backup of the SQL database can be kept to guard against corruption issues.

3. Exporting Log Files

The general syntax used by the event log management script tool is:

eventlog.pl -export eventlog [ eventlog…] | * [ -s computer [ -u domain\user -p password]] [-format txt | csv] [-file file [ -file file…]]

With Lepide Event Log Manager, however, you can save the events in different formats such as HTML, TXT, DOC and RTF, and easily mail them using either the Default Mail Server Settings or Different Mail Server Settings.

4. Querying event logs

The Eventlog.pl script tool uses the following syntax to specify queries against event logs:

eventlog.pl -query eventlog [ eventlog…] | * [ -s computer [ -u domain\user -p password]] [-format table| list | csv] [-v]

Lepide Event Log Manager has a special feature that allows you to query event log files. You can create queries for different log types such as Windows PowerShell, Application, System, Security, DNS, FRS and DS.
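The four Eventlog.pl operations above (change properties, backup, export, query) map directly onto built-in tooling on current Windows versions. The script below is an added example, not code from the page or from either product; it assumes an elevated PowerShell 5.1 session on the target machine, and the backup directory path is a placeholder.

```powershell
# Added example (not from the page): the four Eventlog.pl operations done
# with built-in cmdlets and wevtutil on a current Windows host.
# Assumptions: elevated PowerShell 5.1 on the target machine; $BackupDir is a placeholder.
$BackupDir = 'C:\LogBackup'
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'

# 1. Change event log properties (eventlog.pl -change ... -setmaxsize -setbehavior).
#    OverwriteOlder + RetentionDays corresponds to "olderthanx", OverwriteAsNeeded
#    to "asneeded", DoNotOverwrite to "never". Limit-EventLog only handles the
#    classic logs (Application, System, Security).
Limit-EventLog -LogName Security -MaximumSize 128MB -OverflowAction OverwriteOlder -RetentionDays 7

# 2. Back up a log in its native format (eventlog.pl -backup ... -format evt).
#    wevtutil epl writes the complete log, Security included, to an .evtx file.
wevtutil epl Security (Join-Path $BackupDir "Security-$stamp.evtx")

# 3. Export the event list as CSV (eventlog.pl -export ... -format csv).
Get-WinEvent -LogName Application -MaxEvents 1000 |
    Select-Object TimeCreated, Id, ProviderName, LevelDisplayName, MachineName, Message |
    Export-Csv -Path (Join-Path $BackupDir "Application-$stamp.csv") -NoTypeInformation

# 4a. Query the log properties (eventlog.pl -query ... -format table).
Get-WinEvent -ListLog Application, System, Security |
    Format-Table LogName, LogMode, MaximumSizeInBytes, RecordCount, IsEnabled -AutoSize

# 4b. Query the events themselves: Security events from the last 24 hours,
#     grouped by event ID so a sudden spike in a single ID stands out.
#     Reading Security requires Administrators (or Event Log Readers) membership,
#     the same prerequisite the page states for Eventlog.pl.
$since = (Get-Date).AddHours(-24)
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; StartTime = $since } -ErrorAction SilentlyContinue |
    Group-Object Id |
    Sort-Object Count -Descending |
    Select-Object -First 10 Name, Count |
    Format-Table -AutoSize
```

For the remote case that Eventlog.pl covers with its -s option, Get-WinEvent and Limit-EventLog both accept -ComputerName, and wevtutil takes /r:<computer>.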