Event Log Backup utility (elbackx.exe)
Event Log Backup utility lets you quickly save event logs from different locations in one place. You can find elback.exe in Event Log Explorer application folder.
ELBACKX BatchFile
runs BatchFile to backup logs.
ELBACKX DestDir EventLogs [/clear]
backups EventLogs to DestDir with optional clear option.
BatchFile format:
; - comment line
DestDir EventLogs [/clear]
DestDir - specifies a destination folder (or /NOBACKUP option).
If the destination folder name contains spaces, it must be enclosed in quotes.
EventLogs - specifies a particular event log or group of event logs which you want to backup to DestDir.
Event logs must be separated by spaces. If event log name contains spaced, it must be enclosed in quotes. Remote event logs are specified as \\ComputerName\LogName. You can use wildcard characters (*) to specify all event logs (\\ComputerName\*).
/clear - optionally clears EventLogs after backup.
Sample BatchFile with comments:
=====================
;backup to C:\Backup Application and system from Server, then clear
C:\Backup\ Server\Application Server\System /Clear
;Backup all logs from Server2 to C:\My Backup, without clearing.
"C:\My Backup\" Server2\*
;Clear all logs from 192.168.1.11
/Nobackup \\192.168.1.11\* /clear
=====================
You can automate BatchFile creation from Event Log Explorer tree. More information is available in Export to backup batch.
Examples:
run batchfile.elb batch to backup logs:
ELBACKX batchfile.elb
backup Security log from Serv01 to C:\Backup:
ELBACKX C:\Backup Security Serv01\Security
backup all logs from Serv01, Serv02 and Serv03 to C:\My Backup, then clear them:
ELBACKX "C:\My Backup" \\Serv01\* \\Serv02\* \\Serv03\* /Clear
backup Directory Service from Serv01 to C:\My Backup:
ELBACKX "C:\My Backup" "\\Serv01\Directory Service"