Firewall Wizards mailing list archives
RE: NT log file format?
From: "Choi, Byoung" <bchoi () visa com>
Date: Thu, 25 Mar 1999 14:24:19 -0800
if you are talking about the eventlog file, it may be a bit involved. the log file stores message # and string arguments. app-specific log lines will have a message table containing message texts corresponding to message #, and the tables are usually stored in a dll (message resource).

to process in unix,
1. extract log data translated with the message text (i.e., substitute message # with message text)
2. then dump it on a unix and do what you will.

i suppose another way is to somehow duplicate a unix equivalent of the nt message resource dll (message table), and use that with the raw nt log data file.

urrrmm... i'm an nt newbie too 8-} (so correct me if i'm wrong)

b-
----------
From: Marcus J. Ranum[SMTP:mjr () nfr net]
Reply To: Marcus J. Ranum
Sent: Thursday, March 25, 1999 9:30 AM
To: firewall-wizards () nfr net
Subject: NT log file format?

Anyone got any pointers to C code for dissecting NT log file formats under UNIX? Or is that pretty much an insane/inane idea?

mjr.
--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr
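
The substitution step described in the reply above, as an added example that is not part of the original thread: C code that looks up a record's message number in a table and expands the %1, %2 inserts with the record's string arguments. The table contents, event IDs and function names are constructed stand-ins for a message resource DLL; only plain %n inserts and %% are handled.

```c
#include <ctype.h>
#include <string.h>

/* Constructed stand-in for a message table; IDs and texts are invented. */
struct msg_entry { unsigned id; const char *text; };
static const struct msg_entry msg_table[] = {
    { 1001, "User %1 logged on from %2" },
    { 1002, "Service %1 stopped (100%% done)" },
};

static const char *lookup_message(unsigned id)
{
    for (size_t i = 0; i < sizeof msg_table / sizeof msg_table[0]; i++)
        if (msg_table[i].id == id)
            return msg_table[i].text;
    return NULL;
}

/* Replace message # with its text and expand %1..%99 from args.
 * Returns the length written, or -1 on unknown ID or short buffer. */
int render_event(unsigned id, const char *const *args, int nargs,
                 char *out, size_t outsz)
{
    const char *t = lookup_message(id);
    size_t o = 0;

    if (t == NULL || outsz == 0) return -1;
    while (*t != '\0') {
        const char *piece = t;          /* default: one literal char */
        size_t len = 1;
        if (t[0] == '%' && t[1] == '%') {
            t += 2;                     /* "%%" is a literal percent */
        } else if (t[0] == '%' && isdigit((unsigned char)t[1])) {
            int n = 0;
            for (t++; isdigit((unsigned char)*t) && n < 100; t++)
                n = n * 10 + (*t - '0');
            /* a record with too few strings gets a visible marker */
            piece = (n >= 1 && n <= nargs) ? args[n - 1] : "<missing>";
            len = strlen(piece);
        } else {
            t++;
        }
        if (len >= outsz - o)
            return -1;                  /* refuse to overflow out */
        memcpy(out + o, piece, len);
        o += len;
    }
    out[o] = '\0';
    return (int)o;
}
```

The string arguments come from untrusted log data, so the function bounds every copy and marks a missing insert instead of indexing past the argument array.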