Solved

Can Ntbackup and 2008 backup, backup and restore windows event logs?

Posted on 2009-07-15
3
600 Views
Last Modified: 2012-06-27
Hi,

Could someone show me official Microsoft documentation that shows whether or not Windows 2003 ntbackup (or 2008 backup) is able to backup and restore Windows event log files.

I know that if you try and backup the .evt files directly (C:\WINDOWS\system32\config) that ntbackup will silently skip out those files. By 'silently' I mean the backup will show as being 100% successful, and no event logs will be backed up, or reported as not being able to be backed up.

The contents of system state is described here:
http://technet.microsoft.com/en-us/library/cc785306%28WS.10%29.aspx

I have not investigated 2008 backup capabilities, but if you happen to know event log backup on 2008 that would be useful.

*Note* I know that there are WMI scripts to backup eventlogs. This is not what I am asking. I am asking whether the built in backup software can do it.

Thank you for your time.


0
Comment
Question by:harrowc
  • 2
3 Comments
 
LVL 2

Expert Comment

by:cj52973
ID: 24880629
That's expected behavior if you run the process with a non-administrative account.
To backup the EVT logs the user (or worker process) needs to have Admin rights to the machine.
0
 
LVL 3

Author Comment

by:harrowc
ID: 24885046
You are incorrect.
Even admins cannot backup these files.
Try it for yourself.

0
 
LVL 3

Accepted Solution

by:
harrowc earned 0 total points
ID: 24891615
To test the 2003 backup side of things I performed the following steps:

1. On 2003 DC, backed up system state using ntbackup.
2. Cleared event logs.
3. Rebooted into Active Directory Restore mode
4. Used ntbackup to restore the system state
5. Rebooted into normal mode
6. Event viewer showed no events older than when I cleared the event logs in step 2.

This practical experiment answers one of my questions:

Does 2003 system state backup, backup the Windows event logs?
Answer: No.

Does anyone know if 2008 is the same?

0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question