                          Event Log Dump Utility

This is a command line utility that can be used to dump an eventlog into
a tab-separated text file.  It can also be used to filter for certain event
types, or to filter out certain event types.  This utility can be used to dump the
event log of both local and remote systems.

The options for this utility are:


-s <servername>
    Specifies the server to dump the event log of.  Leading backslashes
    on the servername are optional.

-f <filename>
    Specifies the output file. The default is stdout.

-l <logname>
    Specifies which log (system, application, security) to dump.  If an
    invalid logname is specified, the application log will be dumped.

-m <sourcename>
    Specifies which source (such as Rdr, Serial, ...) to dump records of.
    Only one source can be supplied.  If this switch is not used, all
    events are dumped.  If a source that is not registered in the
    registry is used, the application log will be searched for records
    of this type.

-e n1 n2 n3 ...
    Filters for event id nn (up to 10 may be specified).  If the -r
    switch is not used, only records of these types are dumped; if -r
    is used, all records EXCEPT records of these types are dumped.  If
    this switch is not used, all events from the specified sourcename
    are selected.  You cannot use this switch without the -m switch.

-r
    Specifies whether to filter for specified sources or records, or to filter
    them out.

-t
    If this is specified, individual strings are separated by tabs.  If
    not, they are separated by spaces.

So, to dump the system eventlog on server \\Eventsvr to a file event.out,
use:

    dumpel -s eventsvr -l system -f event.out

To dump the local system eventlog, but only get Rdr events with ID 2013, use:

    dumpel -l system -m rdr -e 2013

To dump the local application log, and get all events EXCEPT ones from
the garbase source, use:

    dumpel -l application -m garbase -r
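
The following PowerShell wrapper is an added example, not part of the
utility or its original documentation.  It checks arguments against the
rules listed above before calling dumpel, so that a mistyped log name does
not silently produce a dump of the application log.  The function name,
its parameter names and the output file name are hypothetical; only the
dumpel switches come from this document.

```powershell
# Added example: pre-flight checks for dumpel, based only on the option rules in this README.
# Invoke-DumpelChecked and its parameter names are hypothetical, not part of dumpel.
function Invoke-DumpelChecked {
    param(
        [Parameter(Mandatory)][string]$LogName,
        [string]$Server,
        [string]$OutFile,
        [string]$Source,
        [int[]]$EventId = @(),
        [switch]$Invert,
        [switch]$TabSeparated
    )

    # An invalid -l value makes dumpel dump the application log instead,
    # so reject anything other than the three names the README lists.
    $valid = 'system', 'application', 'security'
    if ($valid -notcontains $LogName) {
        throw "Unknown log '$LogName'; dumpel would dump the application log instead."
    }
    # -e cannot be used without -m, and takes at most 10 event IDs.
    if ($EventId.Count -gt 0 -and -not $Source) {
        throw '-e requires -m <sourcename>.'
    }
    if ($EventId.Count -gt 10) {
        throw "At most 10 event IDs may be specified; got $($EventId.Count)."
    }
    # The README describes -r only as inverting a source or event filter,
    # so this wrapper refuses it when no filter is given (a wrapper policy).
    if ($Invert -and -not $Source) {
        throw '-r was given without -m; there is no filter to invert.'
    }

    # Build the argument list in the form shown in the README's examples.
    $argList = @('-l', $LogName.ToLower())
    if ($Server)  { $argList += @('-s', $Server.TrimStart('\')) }  # leading backslashes are optional
    if ($OutFile) { $argList += @('-f', $OutFile) }
    if ($Source)  { $argList += @('-m', $Source) }
    if ($EventId.Count -gt 0) { $argList += '-e'; $argList += ($EventId | ForEach-Object { "$_" }) }
    if ($Invert)       { $argList += '-r' }
    if ($TabSeparated) { $argList += '-t' }

    & dumpel @argList
}

# The README's second example, with tab-separated strings written to a file.
Invoke-DumpelChecked -LogName system -Source rdr -EventId 2013 -TabSeparated -OutFile rdr2013.txt
```

The wrapper cannot detect the other fallback described under -m: a source
name that is not registered still causes the application log to be searched.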
