EventLog.Backup
Top  Previous  Next


Backups an event log

Use the "File" or the "Dir" checkbox in the NTinfo event log reader to read archived logs.

Category
Event log

Script section
All

EventLog.Backup Machine, EventLog, BackupPath, AddToBackupFileName

Machine
Name of machine on which to backup the log.  

EventLog
Name of log to backup -  
"Application", "Security", "System", "Directory Service", "DNS Server" or "File Replication Service"  

BackupPath
Full path to destination directory, must be a local directory, not a network share nor a mapped drive.  

AddToBackupFileName
Files saved are automatically named with the syntax "machine,logname,xxx.evt", xxx=AddToBackupFileName.  
Use AddToBackupFileName for own comments / naming.  

Examples
1) Create a backup file of the application log on \\main01 in the c:\winnt directory of \\main01

EventLog.Backup \\main01, Application, c:\winnt\, %date%

2) Move the above file to the c:\ root of the local machine (It is not possible to directly create backup files on remote machines.)

DOS move "\\main01\admin$\main01,application,%date%.evt" c:\

Full example
Backup and clear remote event logs