Description
MyEventViewer is a simple alternative to the standard event viewer of Windows. As oppose to Windows event viewer, MyEventViewer allows you to watch multiple event logs in one list, as well as the event description and data are displayed in the main window, instead of opening a new one. Also, with MyEventViewer you can easily select multiple event items and then save them to HTML/Text/XML file, or copy them to the clipboard (Ctrl+C) and then paste them into Excel.System Requirements
This utility works on Windows 2000, Windows XP, Windows 2003 Server, Windows Vista, and Windows 7/2008.Using MyEventViewer
MyEventViewer doesn't require any installation process or additional DLL files. In order to start using it, simply run the executable file - MyEventViewer.exeThe main window of MyEventViewer has 2 panes: The upper pane displays the list of all events. When you select a single event in the upper pane, the lower pane display the description and data of the selected event.
By default, all event logs are displayed in the main window of MyEventViewer. You can easily remove/add the logs that you want to view by using the 'Logs' menu.
Reading External .evt files
MyEventViewer allows you to read event data from one or more .evt file by using /LoadFiles command-line parameter. For every .evt filename, you must specify the appropriate log type name (Application, Security, and so on...) For example:MyEventViewer.exe /LoadFiles "c:\temp\app.evt" "Application"
MyEventViewer.exe /LoadFiles "c:\temp\sec.evt" "Security" "c:\temp\app.evt" "Application"
MyEventViewer.exe /shtml "c:\temp\events1.html" /LoadFiles "c:\temp\sec.evt" "Security" "c:\temp\app.evt" "Application"
Connecting a remote computer in your network
MyEventViewer allows you to connect another computer on your network. However, this feature only works if you have full admin access to the computer that you want to connect. In order to view the events of the remote computer, simply run MyEventViewer with /remote option, and specify the computer name, for example:MyEventViewer.exe /remote \\MyComputerName
MyEventViewer.exe /remote \\192.168.0.1
In order to successfully get full admin access to the remote computer, read this Blog post: How to connect a remote Windows 7/Vista/XP computer with NirSoft utilities.
System Requirements
This utility works on Windows 2000, Windows XP, Windows 2003 Server, and Windows Vista. However, be aware that the event viewer of Windows Vista displays more event details than MyEventViewer.Command-Line Options
| /SaveDirect |
Save the log lines in SaveDirect mode. For using with the other save command-line options ( /scomma, /stab, /sxml, and so on...)
When you use the SaveDirect mode, the event log lines are saved directly to the disk, without loading them into the memory first. This means that you can save a list with large amount of event log lines into your disk without any memory problem, as long as you have enough disk space to store the saved file. The drawback of this mode: You cannot sort the log lines according to the column you choose with /sort command-line option. |
| /ShowOnlyLastEvents [0 | 1] | If you specify '1' value, the last events filter will be activated. |
| /LastEventsUnit [Unit] |
Unit to specify the last events filter.
1 = Minutes 2 = Hours 3 = Days |
| /LastEventsValue [Number of Units] | specifies the number of units (Minutes/Hours/Days) for the last events filter. |
| /VisibleEventTypes [Number] |
Specifies which type of events to display:
1 = Error 2 = Warning 4 = Information 8 = Audit Success 16 = Audit Failure You can combine multiple event types, for exmaple: if you want to display both errors and warnings, set the VisibleEventTypes value to 3 (1 + 2 = 3): |
| /EventLogNames [Name1] [Name2] [Name3]... |
Specifies the event log names that you wish to load.
Examples:
MyEventViewer.exe /EventLogNames "osession" "security" "Internet Explorer" MyEventViewer.exe /EventLogNames "Application" "Security" |
| /advanced | Starts MyEventViewer with the 'Advanced Filter' window, before loading the events. |
| /stext <Filename> | Save the events list into a regular text file. |
| /stab <Filename> | Save the events list into a tab-delimited text file. |
| /scomma <Filename> | Save the events list into a comma-delimited text file (csv). |
| /stabular <Filename> | Save the events list into a tabular text file. |
| /shtml <Filename> | Save the events list into HTML file (Horizontal). |
| /sverhtml <Filename> | Save the events list into HTML file (Vertical). |
| /sxml <Filename> | Save the events list into XML file. |
| /sort <column> | This command-line option can be used with other save options for sorting by the desired column. If you don't specify this option, the list is sorted according to the last sort that you made from the user interface. The <column> parameter can specify the column index (0 for the first column, 1 for the second column, and so on) or the name of the column, like "Source" and "Time". You can specify the '~' prefix character (e.g: "~Time") if you want to sort in descending order. You can put multiple /sort in the command-line if you want to sort by multiple columns. |
| /nosort | When you specify this command-line option, the list will be saved without any sorting. |
MyEventViewer.exe /shtml f:\temp\events.html /ShowOnlyLastEvents 1 /LastEventsValue 2000 /LastEventsUnit 1 /sort "~Time"
MyEventViewer.exe /shtml f:\temp\events.html /sort "Event Type" /sort "Log Type"
Translating MyEventViewer to other languages
In order to translate MyEventViewer to other language, follow the instructions below:- Run MyEventViewer with /savelangfile parameter:
MyEventViewer.exe /savelangfile
A file named MyEventViewer_lng.ini will be created in the folder of MyEventViewer utility. - Open the created language file in Notepad or in any other text editor.
- Translate all string entries to the desired language. Optionally, you can also add your name and/or a link to your Web site. (TranslatorName and TranslatorURL values) If you add this information, it'll be used in the 'About' window.
- After you finish the translation, Run MyEventViewer, and all translated
strings will be loaded from the language file.
If you want to run MyEventViewer without the translation, simply rename the language file, or move it to another folder.
Post a Comment