Tag Archives: wevtutil

Using Xpath queries to filter events in Windows Server 2008

If you’ve spent some time with Vista or Windows Server 2008 you’ll have noticed that there are some fundamental changes to the event viewer.  One of the changes is in the way in which event logs can be filtered.  In addition to the point-and-click filter selection you can now also enter an xpath query by… Read More »

Exporting Events with Wevtutil Using a Time-Based Query

Windows Server 2008 (and Vista) offer improved options for event log management.  For example, you now have the option to forward events to a central event collector server.  You also now have powerful filtering capabilities.  One of the features I like is the Wevtutil command-line tool that allows you to retrieve, query, archive, export and… Read More »