Solved

Read partly corrupted Event Logfile

Posted on 2004-09-13
8
246 Views
Last Modified: 2010-04-14
Hi, my RAID array failed for an unknown reason: http://www.experts-exchange.com/Storage/Q_21126972.html

I have been able to partly recover the 3 event log files, they are partly corrupted, contain some unencrypted text but is also encrypted or something by the event viewer.

I know that if I load them into the Windows 2000 event viewer it will just tell me that the files are corrupted... So how can I read these files?

I'm hoping they will give me a clue to why my array failed...
0
Comment
Question by:Occupied
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 500 total points
ID: 12043211
0
 
LVL 1

Author Comment

by:Occupied
ID: 12043328
Eldump was unable to do anything, it gave me the message that the logfile was corrupted, I'm guessing it used the Windows driver to look at the file because it gave me the error message in Swedish... (my system is Swedish..)

PsLogList gave me the same error message as ElDump...

Dumpel did not seem to have any option to read from a local file...
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 12043363
Hmm - let me take a look at your original question...brb.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 67

Expert Comment

by:sirbounty
ID: 12043462
So how were you able to recover the evt files?  I can't see the image from here (blocked by company proxy).
Doesn't sound good to me though.  Have you tried restorer 2000 by chance?
( http:Q_21014635.html#11240391)

Only other thing I could think is maybe a rom-based log?  Not familiar with your system - so not sure if that's even an option -but if psloglist won't view it, I don't know what will.  Sorry my friend.
Best of luck to you!
0
 
LVL 1

Author Comment

by:Occupied
ID: 12043511
Since my other harddrive in the RAID array lost it's data I have the odd chunks of 32kb from the event viewer files (the even parts was of course on the other harddrive...)... Hence the corruption..

My system is just a desktop computer, the logfile was only saved on the harddrives...
0
 
LVL 1

Author Comment

by:Occupied
ID: 12178181
If no one is able to help me with this how do I close this question? (I'm new to EE...)
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 12184073
Since I'm the only respondant, I can delete/refund if you like.
For future reference:
  See http:help.jsp#hs5
0
 
LVL 1

Author Comment

by:Occupied
ID: 12184813
To have it deleted would be a waste, I'm rewarding you the points because those applications might become useful to me in the future and you took the time to try any answer my question.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article describes how to import an Outlook PST file to Office 365 using a third party product to avoid Microsoft's Azure command line tool, saving you time.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question