« Previous Next »

• 08-27-2008, 10:59 PM

  NoobBoy Joined on 08-28-2008, 2:46 AM Posts 3

  [HELP] Parsing .EVT to SYSLOG server Reply Contact Hi everyone! I am new here, and I'm definitely new to using Log Parser. This is my first time using it and I know nothing about it. I tried reading the Help file which came together with Log Parser 2.2, but wasn't able to understand it well due to my ignorance. Anyway, I need help parsing information of my Windows' CPU idle , remaining C:\ Hard Disk Space AND RAM space to a separated SYSlog server. I'm not good at SQL and here I'm desperately seeking for help if anyone can help me with the SQL queries. Please help me someone! My deadline for this project is catching up! :'( Deepest Thanks to all!

• 08-28-2008, 9:20 AM

  In reply to

  joelangley Joined on 07-20-2008, 6:37 PM Posts 179	Re: [HELP] Parsing .EVT to SYSLOG server Reply Contact I assume you need to do this for SOX? Either way, a better approach would be to use this: https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys/ Check out my blog for other cool tips and tricks: http://joelangley.blogspot.com/

• 08-28-2008, 9:38 PM

  In reply to

  NoobBoy Joined on 08-28-2008, 2:46 AM Posts 3

  Re: [HELP] Parsing .EVT to SYSLOG server Reply Contact Hi Joelangley! Thanks for your reply! Greatly appreciated! Currently I'm handling on a project that requires me to parse the Windows System CPU idle + RAM and C:\ space over to a 3rd party program that will help me monitor these logs and information. How do I generate CPU idle , RAM and C:\ space available into event logs in system? I am thinking of parsing the Windows' information over to my Solaris Syslog server and working on it in from Soloaris. I've looked at the Eventlog to Syslog Utility, but it doesn't support Windows XP and I'm am operating from a Windows XP box. Do you think there are alternatives to this? Thanks for helping, I'm currently learning to work between Windows and Solaris. ^^

• 09-03-2008, 6:25 AM

  In reply to

  WenJun Zhang - MSFT Joined on 08-27-2008, 2:53 AM Posts 127

  Re: [HELP] Parsing .EVT to SYSLOG server Reply Contact Hi, You can write SQL query to extract the data from event log(or use -i:EVT) and use -o:SYSLOG to output them in Syslog format. In log parser's help document, there is a perfect sample on this. Please open it and search for "SYSLOG Output Format Examples"  Thanks. WenJun Zhang - MSFT Sincerely Microsoft Online Community Support “Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”