Tag Archives: Windows Server 2008

Powershell script to filter events using an Xpath query

I have recently spent some time working with Xpath queries as part of Event Log filtering in Windows Server 2008.  It’s a great feature, but one limitation I found was that it doesn’t appear possible to use the starts-with() function when querying Event Logs with either the UI or Wevtutil.exe.  Here’s an example. Let’s say… Read More »

Schedule backups of your AD LDS instance using Dsdbutil

Microsoft Technet describes how to back up an AD LDS instance using either Windows Server Backup or Dsdbutil.exe.  Interestingly, the Dsdbutil method leverages the Install From Media (IFM) feature to perform the backup.  Here’s a small batch file that you can use to schedule the backup using the Task Scheduler. @echo off rd /s c:\backup\adlds\Instance1\ /q %windir%\system32\dsdbutil.exe… Read More »

Using Xpath queries to filter events in Windows Server 2008

If you’ve spent some time with Vista or Windows Server 2008 you’ll have noticed that there are some fundamental changes to the event viewer.  One of the changes is in the way in which event logs can be filtered.  In addition to the point-and-click filter selection you can now also enter an xpath query by… Read More »

Windows Server 2008 User Account Control Gotcha #2

Yesterday I blogged about some of the confusion that Windows Server 2008 User Account Control can cause.  Continuing on the same theme, here is another example – this time using slmgr.vbs to query the licence activation status of a Windows Server 2008 machine. This is what you see when you run the command line from… Read More »

Exporting Events with Wevtutil Using a Time-Based Query

Windows Server 2008 (and Vista) offer improved options for event log management.  For example, you now have the option to forward events to a central event collector server.  You also now have powerful filtering capabilities.  One of the features I like is the Wevtutil command-line tool that allows you to retrieve, query, archive, export and… Read More »