I have few processes which logs events in Application channel. I want to catch all events in a time period and store it into etl file. Can we do this using logman.
Asked
Active
Viewed 165 times
1 Answers
0
On further investigation i found that this was not possible using logman. Logman works on provider level not container level of event log. We will need to use wevtutil
wevtutil.exe epl Application C:\temp\ApplicationLog24hours.evtx “/q:*[System[TimeCreated[timediff(@SystemTime) <= 86400000]]]” /ow:true
exports all events in Application event created in a time period of 24 hrs
Jitendra
- 732
- 1
- 9
- 29