Loading .EVT/.EVTX Event Log Files

by Jan 20, 2011

If customers send in dumped event log files, there is an easy way to open them in PowerShell and analyze their content: Get-WinEvent. The -Path parameter reads those binary dumps and returns the events as objects.

Use the following lines to load c:\sample.evt and show the message, source and time of just the error events as an Excel spreadsheet:

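# -Oldest is required when reading legacy .evt (and .etl) files
Get-WinEvent -Path c:\sample.evt -Oldest | Where-Object { $_.Level -eq 2 } |
Select-Object Message, TimeCreated, ProviderName |
Export-CSV $env:temp\list.csv -useCulture -Encoding UTF8 -NoTypeInformation
# Open the CSV in the associated application (Excel, if installed)
Invoke-Item $env:temp\list.csv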
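
When a customer sends several dumps at once, the same approach extends to a whole folder. The following is an added example, not part of the original tip: it goes beyond the single-file case by reading every .evt/.evtx file in a folder and summarizing the error events by source and event ID. The folder C:\dumps is a hypothetical path, and PowerShell 3.0 or later is assumed.

```powershell
# Assumption: the customer-supplied dumps were copied to this folder (hypothetical path)
$dumpFolder = 'C:\dumps'

$files = Get-ChildItem -Path $dumpFolder -File |
    Where-Object { '.evt', '.evtx' -contains $_.Extension }

$errors = foreach ($file in $files) {
    $params = @{ Path = $file.FullName; ErrorAction = 'Stop' }
    # Legacy .evt files must be read with -Oldest; .evtx files do not need it
    if ($file.Extension -eq '.evt') { $params.Oldest = $true }
    try {
        Get-WinEvent @params |
            Where-Object { $_.Level -eq 2 } |      # Level 2 = Error, as in the tip above
            Select-Object @{ n = 'File'; e = { $file.Name } },
                TimeCreated, ProviderName, Id, Message
    }
    catch {
        # An empty or unreadable dump should not stop the triage of the remaining files
        Write-Warning "Skipping $($file.Name): $($_.Exception.Message)"
    }
}

# Which source / event ID pairs produced the most errors, in which files, and over what time span?
$errors | Group-Object ProviderName, Id | Sort-Object Count -Descending |
    ForEach-Object {
        $times = @($_.Group.TimeCreated | Sort-Object)
        [pscustomobject]@{
            Count        = $_.Count
            ProviderName = $_.Group[0].ProviderName
            Id           = $_.Group[0].Id
            First        = $times[0]
            Last         = $times[-1]
            Files        = ($_.Group.File | Sort-Object -Unique) -join ', '
        }
    } | Format-Table -AutoSize
```

$errors still holds the individual events, so it can be piped to Export-CSV exactly as in the single-file example.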
