I am using following query to dump the event logs of a remote machine in a local database but execution time of this query is about 7-8 minutes. How can I reduce the execution time of the query.
logparser -i:evt "select * from \\serverName\Application,system to tableName" -o:SQL -driver:"SQL Server" -server:someOtherServername -database:databaseName -transactionRowCount:-1
The most expensive operation when parsing remote event logs is the retrieval of the full message text, which involves loading a huge number of DLLs from the remote host. If you can live without the message, you can add -fullText:off to the command-line. Note that you would still get the message parameters, i.e. the strings that are to be replaced in the message.
