Make scanning Windows XP's Event Logs easier with Eventquery.vbs

Sifting through the logs in Windows XP's Event Viewer can be a bit of a nightmare due to the sheer volume of entries in any one log file. You can save time by using Eventquery, which provides you with parameters that allow you to narrow your search to a specific event at a certain time in a particular log file.

Windows XP maintains several log files that can be great sources of information when troubleshooting problems. However, sifting through the logs in Event Viewer can be a pain due to the sheer volume of entries in any one log file.

You can save yourself time and effort by learning how to use the Eventquery VBScript program, which is in the \Windows\System32 folder in every installation of Windows XP. Eventquery provides you with a series of parameters that will allow you to instantly narrow your search down to a specific event during a chosen time period in a particular log file.

Keep in mind that Eventquery.vbs runs in the command-line version of Windows Script Host: Cscript.exe. Therefore, in order to run it, you have to open a Command Prompt, change to the Windows\System32 folder, and type:

Cscript Eventquery.vbs {parameters}

For example, if you want to search through the System log for Warning events that occurred since the beginning of the day, you would use a command line like this:

Cscript Eventquery.vbs /l system /fi "Datetime gt mm/dd/yy,12:00:00AM"
/fi "Type eq Warning"

where mm/dd/yy is the current date.

You can find a detailed list of parameters for Eventquery.vbs in the Windows XP Help and Support Center or by typing Cscript Eventquery.vbs /?on the command line.

Stay on top of the latest XP tips and tricks with our free Windows XP newsletter, delivered each Thursday. Automatically sign up today!

About Greg Shultz

Greg Shultz is a freelance Technical Writer. Previously, he has worked as Documentation Specialist in the software industry, a Technical Support Specialist in educational industry, and a Technical Journalist in the computer publishing industry.

Editor's Picks

Free Newsletters, In your Inbox