Converting Windows Event Viewer log files on a *nix platform?
March 2, 2005 1:57 PM

DUMPEL from the Win2K Resource Kit takes .EVT (Windows Event Viewer) binary log files and outputs plaintext. I've searched high and low, and can't find a Linux/UNIX equivalent that I can use to process these saved log files. Any suggestions?
posted by mrbill to Computers & Internet (7 answers total)
 
Have you considered using WINE if you're on an x86 architecture to run DUMPEL from Linux?

Or if it is console-based, DosBox will do the trick...
posted by onalark at 2:02 PM on March 2, 2005


Response by poster: I'm trying to automate nightly processing of EV log files into plaintext that I can then massage into web reports and email reports; WINE would just add another layer of not-automatable complexity.

I had a great solution set up (cygwin/crontab/awk/dumpel), then discovered that Cygwin's crontab doesn't like to talk to network shares due to permission issues.
posted by mrbill at 2:08 PM on March 2, 2005


Best answer: There are several modules for Perl that work with Windows event logs.

Try CPAN
posted by dirtylittlemonkey at 2:08 PM on March 2, 2005


Best answer: Once you get the Perl modules, these guys have generously created some parser scripts for you!
posted by mnology at 2:27 PM on March 2, 2005


Response by poster: dlm: In the course of digging through the CPAN modules yet again, I found this PHP script, which looks like it will work.
posted by mrbill at 2:27 PM on March 2, 2005


Response by poster: Thanks, dirtylittlemonkey and mnology. Found the perfect stuff I need (via your links) to do it in Perl.
posted by mrbill at 2:38 PM on March 2, 2005


Response by poster: FWIW, I'm using Parse::EventLog, which didn't exist last time I went hunting through CPAN (two months ago).
posted by mrbill at 5:08 PM on March 2, 2005
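
For the nightly .EVT-to-plaintext job discussed in this thread, here is an added example (not part of the original thread, and not code from Parse::EventLog or DUMPEL) of reading a legacy .EVT file directly on a Unix host. It assumes the 56-byte EVENTLOGRECORD layout Microsoft documents for these files; the function names and the sample record are constructed for illustration, and logs that have wrapped around the end of the file are not handled.

```python
import struct
from datetime import datetime, timezone

HEADER = struct.Struct("<6I4H6I")       # fixed 56-byte part of EVENTLOGRECORD
SIGNATURE = 0x654C664C                   # the bytes "LfLe" as a little-endian DWORD
TYPES = {1: "Error", 2: "Warning", 4: "Information", 8: "AuditSuccess", 16: "AuditFailure"}

def _wstr(buf, pos):  # NUL-terminated UTF-16LE string -> (text, offset after it)
    end = pos
    while end + 2 <= len(buf) and buf[end:end + 2] != b"\x00\x00":
        end += 2
    return buf[pos:end].decode("utf-16-le", "replace"), end + 2

def parse_evt(blob):
    """Yield a dict for every well-formed event record in a legacy .EVT image."""
    pos = 0
    while pos + HEADER.size <= len(blob):
        f = HEADER.unpack_from(blob, pos)
        length, sig, nstr, spos = f[0], f[1], f[7], f[11]
        tail = blob[pos + length - 4:pos + length]   # a record repeats its length at the end
        if sig != SIGNATURE or length < HEADER.size + 4 or tail != struct.pack("<I", length):
            pos += 4                     # file header, EOF marker or damage: resync on DWORDs
            continue
        rec = blob[pos:pos + length]
        source, nxt = _wstr(rec, HEADER.size)
        computer, _ = _wstr(rec, nxt)
        strings = []
        while len(strings) < nstr and HEADER.size <= spos < length - 4:
            text, spos = _wstr(rec, spos)            # offsets are relative to the record
            strings.append(text)
        yield {"record": f[2], "time": datetime.fromtimestamp(f[3], timezone.utc),
               "event_id": f[5] & 0xFFFF, "type": TYPES.get(f[6], str(f[6])),
               "source": source, "computer": computer, "strings": strings}
        pos += length

def to_text(blob):
    """Render records as tab-separated lines for awk or a report script."""
    return ["\t".join([e["time"].strftime("%Y-%m-%d %H:%M:%S"), e["type"], e["source"],
                       str(e["event_id"]), e["computer"], " | ".join(e["strings"])])
            for e in parse_evt(blob)]

def sample_evt():
    """Constructed image: 48-byte file header plus one record (all values made up)."""
    body = "Service Control Manager\0HOST1\0Spooler\0running\0".encode("utf-16-le")
    length = HEADER.size + len(body) + 4
    head = HEADER.pack(length, SIGNATURE, 1, 1109771820, 1109771820, 0x40001B7C,
                       4, 2, 0, 0, 0, HEADER.size + 60, 0, 0, 0, length - 4)
    file_header = struct.pack("<12I", 48, SIGNATURE, 1, 1, 48, 48 + length, 2, 1, 65536, 0, 0, 48)
    return file_header + head + body + struct.pack("<I", length)
```

The insertion strings are the raw parameters stored in the record; the full message text that Event Viewer shows comes from message DLLs on the Windows host and is not in the .EVT file. Log files copied off another machine are untrusted input, which is why every length and offset is bounds-checked before use.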

