我该如何定期备份 Windows 应用程序日志?
我正在使用一个定期记录到 Windows 应用程序日志(可通过事件查看器管理工具查看)的应用程序,并且我正在寻找一种每天备份它的方法。 这很重要,因为我们有时会发现应用程序存在问题 - 为了进一步调查,我们需要一周前记录的信息。 我们正在寻找的事件不一定仍然存在......我已经尝试过增加大小等等,但我认为自动备份将有助于该过程。 我们最终不会得到巨大的原木,而是多个中等大小的原木。
我更喜欢一个简单的解决方案,例如批处理文件+ Windows Scheduler,但也对其他方法感兴趣。
谢谢
I'm working with an application that logs to Windows Application Log regularly (viewable through the Event Viewer administrative tool), and I'm looking for a way to back it up on a daily basis. This is important because we sometimes discover a problem with the application - and to investigate further we need information that was logged a week ago. The events we are looking for aren't necessarily still around ... I've tried increasing the size and all that, but I think an automated backup would facilitate the process. We wouldn't end up with huge logs, but rather, multiple moderately-sized logs.
I would prefer a simple solution like batch file + Windows Scheduler, but would also be interested in other approaches.
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
这是我不久前找到的一个WMI脚本。 这可能就是您正在寻找的!
只需在计划任务中设置此脚本即可开始!
Here is a WMI script that I found a while ago. This could be what you're searching!
Just set-up this script in a scheduled task and you're good to go!
您可以使用 Windows Management Instrumentation (WMI) 读取事件日志并对结果执行任何您喜欢的操作。 这是一篇文章,您可以根据自己的目的进行调整。
You can use Windows Management Instrumentation (WMI) to read the event log and do whatever you like with the result. Here's an article that you may be able to tweak to your purposes.
将应用程序通道中的所有事件输出到 XML:
对于可读的文本输出,请使用:
您可以轻松地将这些输出中的任何一个定期通过管道传输到文件以进行备份。
Output all events in the Application channel, to XML:
For readable text output, use:
You could easily pipe either of these outputs to a file periodically for backup.
您可能需要考虑设置其中一种工具来将 Windows 事件转发到系统日志服务器。 然后,您不必运行执行备份的进程,您将几乎在将所有日志条目添加到 Windows 事件日志的同时将其转发到第二个位置。
http://ntsyslog.sourceforge.net/
http://edoceo.com/creo/winlogd
http://www.softpanorama.org/Logs/Syslog/syslog_for_windows.shtml
根据您使用的系统日志服务器,您可以设置过滤器来忽略某些事件或将它们发送到不同的文件。 您可以根据需要设置日志滚动。
You might want to consider setting up one of the tools to forward windows events to a syslog server. Then instead of having to run a process that does the backup you will get all the log entries forwarded to a second location nearly at the same time they are added to the windows event log.
http://ntsyslog.sourceforge.net/
http://edoceo.com/creo/winlogd
http://www.softpanorama.org/Logs/Syslog/syslog_for_windows.shtml
Depending on what syslog server you use you can setup filters to ignore some events or send them to different files. You can setup log rolling however you like.