Correct but my goal is to compile a list of events across a particular set of servers to help in establishing a "pattern" for recurring issues. So say I have a cluster of servers that are experiencing high CPU issues and I need to know what event ID's were common on those servers. This gives me something I can compare side by side and keeps me from having to scan through each server's log.
On Fri, Mar 6, 2009 at 9:54 AM, Michael B. Smith < [email protected]> wrote: > Logparser and “select unique”. Or something of the same nature. > > > > I aggregate my logs, but I do so differently…looking at a single instance > doesn’t necessary tell you of the severity of a situation. > > > > *From:* MarvinC [mailto:[email protected]] > *Sent:* Friday, March 06, 2009 9:45 AM > *To:* NT System Admin Issues > *Subject:* Locating and listing event IDs > > > > Anyone have a script or method for listing event IDs? With any server > you're gonna have a slew of events well what I want to do is list the single > instance of each event. So lets say I have 400 warning for event ID: 9646, > several for event ID: 333, 50 for event ID: 1023. Well I would want to grab > the following: > > > > Type Date Time Source Category Event > User Computer > Error 1/1/2009 12:00 Crypt32 None 8 > N/A Server1 > > Error 2/1/2008 1:00 EXCDO General 8199 > N/A Server2 > > > > So instead of seeing multiple instances of the alerts I only see the single > instance. > > > > Any responses appreciated. > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
