Microsoft has released a command-line tool Elogdmp.exe, Event Log Query Tool, as part of the Windows 2000 Resource Kit. You can use Elogdmp to display information from the Event Viewer logs of a local or remote Windows 2000-based computer. This tool dumps the contents of the log in comma-delimited format to the screen or to a file. You can then search the output to find and to view the information that you want. The information that Elogdmp displays include the following:

• Date
• Time
• Source
• Type
• Category
• Event ID
• User
• Computer

For example, to display the contents of the DNS server log on a computer named Server2 and to redirect the output to a file named Dnslog.txt, in the E:\Logs folder:
elogdmp server2 DNS Server > e:\logs\dnslog.txt

Related:

• Q302542 : Diagnose System Problems with Event Viewer in Microsoft Windows 2000
  
• Q317381 : Use the Event Query Script Tool (Eventquery.pl) in Microsoft Windows 2000
  
• Q315410 : Use the Event Logging Utility (Logevent.exe) to Create and Log Custom Events in Event Viewer in Windows 2000
  
• Q172156 : How to Delete Corrupt Event Viewer Log Files
  
• Q235427 : How to View Saved Directory Service, DNS Server, and File Replication Service Event Logs from Another Windows 2000-Based Computer
  
• Q216169 : How to Change the Default Event Viewer Log File Location
  

The contents of the DNS Server log of Server2 are written to the E:\Logs\Dnslog.txt file in comma-delimited format.