Windows IT Pro is the authoritative and independent resource for windows nt, windows 2000, windows 2003, windows xp. Features a collection of resources and magazines for windows IT professionals.
  
  
  Advanced Search 


February 01, 1999

Event Archiver Professional 2.0


A Web Exclusive from Windows IT Pro
Marty Scher
Product Reviews
InstantDoc #4766
Windows IT Pro
Email this Article
Printer Friendly
Reader Comments
Digg This
Del.icio.us
RSS
Subscribe to Windows IT Pro | See More Products / Software Articles Here | Reprints | Or get the Monthly Online Pass—only $5.95 a month!

Event log management made easy

Since the days of ENIAC, systems administrators have had the difficult task of gathering, analyzing, and storing computer log files. Windows NT administrators are no exception. Although the NT Event Viewer reports useful system and user information, it lacks automated functions to properly manage its event files. Dorian Software Creations' Event Archiver Professional 2.0 is an affordable solution for managing NT event files on workstations and servers. Event Archiver automatically saves Event Viewer files to an NT *.evt event file or to a formatted text file that you can open in your favorite spreadsheet or database program. The product features flexible scheduling, the ability to run as a service, and archived event files.

Easy Does It
Event Archiver installation takes only a minute. Configuring the system using the Event Archiver Control Panel program is nearly as easy. As Screen 1 shows, you simply determine which event logs to archive, the archive schedule, and where to store the log files. You can set the program to archive either by day/date/time or when event logs are full. Next, choose an archive file type. You can use the standard NT event log format, a comma-delimited text file to import into a spreadsheet, or both. Now is also a good time to determine if you want to clear the event logs after archiving. When I selected a folder to store the archived files, I was disappointed that my only choice was a local folder and not a networked drive or Uniform Naming Convention (UNC) share. This is unfortunate, because the naming convention of the archive files (<system_name><log_file_type><archive_date/time> ) is a very useful format. Ideally, you want to be able to store logs from different systems in the same folder and easily distinguish between them. I questioned DorianSoft technical support, who said that this is an NT limitation, not an Event Archiver limitation. The vendor is working on Event Archiver 3.0, which will include a remote administrator for multiple systems, which can move archived files to a central location. Even with this limitation, storing archived files on the local system is acceptable with proper backups.

Up and Running
Event Archiver, like any good NT product, installs and runs as an NT service. The product consumes minimal resources and creates few performance problems. This is one of those rare programs that you can install, forget about, and use regularly. I decided to do just that—install and configure the program, then let it go to see what information it archives. After several days, I was pleasantly surprised to see a folder list of well-identified archive files. My configuration creates both NT *.evt event log files and *.txt comma-delimited text files. The software will archive event files weekly for easy reference, and the text files will be useful for importing into spreadsheets and databases for reporting purposes and long-term analysis. I also selected the Backup and Clear function, which clears NT event logs after archiving to prevent excessive disk space usage. The Event Archiver Help file contains clear information about operation, troubleshooting, and company contact information. Unfortunately, the Help file is in HTML format and you need a browser to view it. A standard NT Help file would be more manageable.

As with any archive, the ability to easily extract needed information is the highest priority. For example, if you want to know what time Sandy Smith logged on June 21, 1998, you can look in the security event log; however, the security event log might log thousands of users, and chances are good that you won’t find the entry. Event Archiver saves those important log files based on a manageable time interval. Event Archiver can also assist with long-term analysis. Append the comma-delimited files to a spreadsheet or database to determine trends, such as how often in the past year an SNA event 23 occurred. A test importation into Microsoft Excel 5.0 showed proper delimited formatting with no deviation among columns. Opening an archived *.evt test file in Event Viewer functioned the same as opening a system-generated event file.

Event Archiver is a simple, yet effective, NT system tool to archive and organize event log files. I installed and ran Event Archiver on my test systems without errors, and its reasonable price tag means you can install it on all your servers without breaking your budget. You can purchase the software from the Dorian Software Creations' Web site.

Event Archiver Professional
Contact: Dorian Software Creations * 404-504-1340
Web: http://www.doriansoft.com
Price: $19.99 per system, with unlimited licensing for more than 250 systems
System Requirements: Windows NT Server 4.0

End of Article

Reader Comments

You must log on before posting a comment.

If you don't have a username & password, please register now.




Top Viewed ArticlesView all articles
Command Prompt Tricks

One reader shares his tip for setting up the command prompt to reflect a remote path. ...

How can I stop and start services from the command line?

...

PsExec

This freeware utility lets you execute processes on a remote system and redirect output to the local system. ...
Windows OSs Whitepapers Why SaaS is the Right Solution for Log Management
Related Events SQL Server 2008 – Can You Wait? | Philadelphia

SQL Server 2008 – Can You Wait? | Atlanta

Check out our list of Free Email Newsletters!
Windows OSs eBooks Understanding and Leveraging Code Signing Technologies

A Guide to Windows Certification and Public Keys

SQL Server Administration for Oracle DBAs
Related Windows OSs Resources Become a VIP member of the Windows IT Pro community!
Get it all with the VIP CD and VIP access. A $500+ value for only $279!

Subscribe to Windows IT Pro!
Solve your toughest technical problems with our experts and access 10,000 + articles online. 30% off

Monthly Online Pass - Only $5.95!
Get instant access to 10,000+ articles from Windows IT Pro Magazine!

TechNet Virtual Labs
Evaluate and test Microsoft's newest products.



ADS BY GOOGLE

Job Openings in IT SPONSORED LINKS FEATURED LINKS
Register for Orion NPM v9 - Evaluation
Affordable, easy-to-use network performance management with SolarWinds Orion – Free Trial!

Want a Hardware-Independent Image?
Binary Research, the Ghost people, shows you how to clone with 1!

Maximize speed, performance and reliablity of your PCs and servers—automatically!
Speed Up Your PC! Try Diskeeper 2008 with InvisiTasking Free Now!

Order Your Fundamentals CD Today!
Register today for your in-depth copy of one of three Fundamental CDs on the following topics – Exchange, SQL, and SharePoint.
Windows IT Pro Home Register FAQ for Windows WinInfo News
Europe Edition About Us Contact Us/Customer Service Media Kit Affiliates / Licensing  
SQL Server Magazine Office & SharePoint Pro Windows Dev Pro IT Job Hound ITTV
IT Library Technology Resource Directory Connected Home Windows Excavator Windows SuperSite 
 
 Windows IT Pro is a Division of Penton Media Inc.
 Copyright © 2008 Penton Media, Inc., All rights reserved. Terms and Use | Privacy Statement | Reprints and Licensing