How to Use EventCombMT to Gather the Event Logs of Several Different Computers
EventcombMt is a freeware tool from Microsoft, which can be used to gather Eventlogs from mutiple servers, all from one central location. EventcombMt, is part of the Account Lockout and Management Tools.
EventCombMT is a multithreaded tool that you can use to search the event logs of several different computers for specific events, all from one central location. You can configure EventCombMT to search the event logs in a very detailed fashion. The following are some of the search parameters that you can specify:
- Individual event IDs
- Multiple event IDs
- A range of event IDs
- An event source
- Specific event text
- How many minutes, hours, or days back to scan
You can also specify the location where the logs need to placed. What also great is that, that you can specify the export the event logs to a CSV format (Choose Options --> Save Files a CSV files. And second things is great that you also import a list of servers from a text-file. See the screenshots below.
Save event logs as CSV:
Specify servers using a text-file (Right click in the white box below Select to Search/Right Click to Add)
See here for an example how to search for Account Lockouts using EventCombMT
How to use the EventCombMT utility to search event logs for account lockouts