How can I filter only events with specific text strings out of a security event log and save them to a new log?
Posted on 2011-10-05
I'm looking to filter events out of a very large security event log that contain only certain text. I would then like to save those events to a new log. I'm seeking a utility, script, etc. recommendation on how I can do this in a more automated fashion.
Unfortunately, the Server 2008 R2 Event Viewer, while much nicer than prior versions, still doesn't seem to offer filtering based on a custom string. If I'm wrong, please educate me. There's a "Find" feature but that doesn't filter the log for only those events, it just finds events with that text in it. Which means I would need to manually go through thousands of events selecting them one at a time.
I'm looking to search the log for, let's say, "MickeyMouse" and save only events that have that text into a new file. Perhaps there's a more powerful Event Viewer out there somewhere that I could leverage.
Any advice is certainly appreciated. Thank you!
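One way to do the filtering described in the question with PowerShell's `Get-WinEvent`, which ships with Server 2008 R2. This is an added example, not part of the original post; the file paths, the parameter names and the helper function `Select-EventByText` are assumptions made for illustration.

```powershell
# Added example. Paths and the helper name are hypothetical; adjust to your environment.
param(
    [string]$Source = 'C:\Logs\Security-archive.evtx',     # saved copy of the Security log
    [string]$Needle = 'MickeyMouse',                        # text to look for
    [string]$OutCsv = 'C:\Logs\Security-MickeyMouse.csv'    # filtered result
)

function Select-EventByText {
    # Passes through only the event records whose raw XML contains $Text.
    param(
        [Parameter(ValueFromPipeline = $true)]
        [System.Diagnostics.Eventing.Reader.EventRecord]$Record,
        [string]$Text
    )
    process {
        # Search the event XML rather than the rendered Message: the XML always
        # carries the EventData values (account names, workstation names, ...),
        # even when the message template cannot be rendered on this machine.
        $xml = $Record.ToXml()
        if ($xml.IndexOf($Text, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
            $Record
        }
    }
}

# -Oldest reads the file in chronological order and streams records through the
# pipeline, so a very large log is not loaded into memory in one go.
# To read the live log instead, use: Get-WinEvent -LogName Security -Oldest
# (reading the Security log requires an elevated session).
$hits = @(Get-WinEvent -Path $Source -Oldest |
          Select-EventByText -Text $Needle)

# Keep the fields an analyst normally needs and write them to a new file.
$hits |
    Select-Object TimeCreated, Id, ProviderName, MachineName, RecordId, Message |
    Export-Csv -Path $OutCsv -NoTypeInformation

Write-Output ("{0} matching event(s) written to {1}" -f $hits.Count, $OutCsv)
```

If the result has to be a real `.evtx` file, `wevtutil epl` accepts an XPath query through `/q:` (with `/lf:true` when the source is a file), for example `*[EventData[Data='MickeyMouse']]`. The event log XPath subset matches whole field values only, not substrings, which is why the script above does the text match itself.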