Among other things, it shows what processes and drivers that were running at the time of the crash as well as the Kernel-mode stack that stopped. While all dump files contain information about a crash, there are several different types of them. A complete memory dump, for instance, contains the most information. Windows also supports kernel memory dump files. Kernel memory dump files are smaller than complete memory dump files, making them easier to transfer when troubleshooting a BSOD.
A third type of Windows dump file is a small dump file. They are only KB in size, making them the smallest. Specifies the file name for the output file. There is no default for -f, so you must specify the file. Specifies the server for which you want to dump the event log.
Leading backslashes on the server name are optional. Specifies which log system, application, security to dump. If an invalid log name is specified, the application log is dumped. Specifies in which source such as redirector rdr , serial, and so on to dump records.
Only one source can be supplied. If this switch is not used, all events are dumped. If a source is used that is not registered in the registry, the application log is searched for records of this type. Filters for event ID nn up to 10 can be specified. If the -r switch is not used, only records of these types are dumped; if -r is used, all records except records of these types are dumped. If this switch is not used, all events from the specified sourcename are selected.
You cannot use this switch without the -m switch. Specifies whether to filter for specific sources or records, or to filter them out. Specifies that individual strings are separated by tabs. If -t is not used, strings are separated by spaces. Dumps events for the past x days.
Note: Dumpel can only retrieve content from the system, application, and security log files. Thanks for the reply I agree with the examples that you sent. You are correct, that it only recognizes the standard log types and not a custom audit log. Thanks for all your help and time, I shall check these pages out, Will inform you on my findings.
Cheers Nozy. Great tool, its only restricted to usual Application, system, security , could had been very usful. Red Flag This Post Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework. Close Box. Log In Come Join Us!
0コメント