Follow

Agent procedure to Collect Windows Event Logs - Application and System Logs

PROBLEM:

If asked to collect Windows Event logs to further investigate an issue. This procedure can be used to facilitate this process. 

This procedure saves system and application event logs to .evt files using shell commands, zips them using 7-zip command line version, and uploads to the Get File area on the kserver.

 

SOLUTION:

To use this procedure: 

 

1) download 7zip command line version from http://downloads.sourceforge.net/sevenzip/7za920.zip

2) go to Agent Procedures > Schedule/Create and click the Managed Files button - upload 7za.exe to the Shared area

3) extract the attached file Procedure Get event logs.xml and create procedure using the Import Folder/Procedurebutton

4) after running the procedure, the event log files will be available from the Agent Procedures > Get Files function (eventlogs.zip)

 

 

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.