PsLogList is a command line utility with a long list of parameters, parameters that make it very flexible. The utility's usage and syntax are shown in Figure 1,
Using this free utility is pretty straight forward. Let's walk through some examples.
Default (no parameters)
If you run PsLogList with no parameters specified, it automatically selects the System log, listing all entries to your command line window, as shown in Figure 2.
Figure 3 shows what happens when you select a specific Event Log. I sent the output to the "more" command to let me page through the results instead of watching them go past in a blur. The command line looked like
PsLogList Security | More
This is great if you want to peruse everything instead of targeting specific events. The following syntax provides a listing of all security log events with an event code of 861, as shown in Figure 4:
PsLogList -i 861 Security | More
Exporting results for analysis
This is all great, but who wants to spend everyday skimming through logs when the process can be automated with scripts or other tools. The following syntax reformats the output into a comma-delimited format and redirects the output to a text file:
PsLoglist -i 861 -s -t , Security > EventListing.txt
The resulting text file can be imported into Excel, as shown in Figure 5, or used as input for a script.