Reputation: 471
Converting evtx log to csv error
I am trying to convert and evtx log file to csv from log parser 2.2. I just want to copy all of the data into a csv.
LogParser "Select * INTO C:\Users\IBM_ADMI
N\Desktop\sample.csv FROM C:\Users\IBM_ADMIN\Desktop\Event
Logs\sample.evtx" -i:EVTX -o:csv
But I am getting the error below.
Error: Syntax Error: extra token(s) after query: 'Logs\sample.evtx'
Please assist in solving this error.
Upvotes: 0
Views: 4009
Answers (3)
Reputation: 1
you have to convert .evtx file to .csv than you can read from this .csv file. like this .enter image description here
//String command = "powershell.exe your command";
//called the PowerShell from java code
String command = "powershell.exe Get-WinEvent -Path C:\windows\System32\winevt\Logs\System.evtx | Export-Csv system.csv"; File seys = new File("system.csv"); Process powerShellProcess = Runtime.getRuntime().exec(command);
Upvotes: 0
Reputation: 3041
I know this has been a year but if you (or other people) still need it and for sake of reference, this is what I do:
LogParser "Select * INTO C:\Users\IBM_ADMIN\Desktop\sample.csv FROM 'C:\Users\IBM_ADMIN\Desktop\Event Logs\sample.evtx'" -i:evt -o:csv
- Correct input type is
evt, notevtx. - If there is space in the
Event Logsfolder, enclose with single quote.
Upvotes: 1
Reputation: 471
The Problem was due to the extra space in between the folder name Event Logs. Changed the folder name to a single workd and it worked.
Upvotes: 0
Related Questions
- How can I output MySQL query results in CSV format?
- Writing a pandas DataFrame to CSV file
- Save PL/pgSQL output from PostgreSQL to a CSV file
- Dump a NumPy array into a csv file
- Escape semicolon or comma in log parser 2.2
- Logparser error when used with PowerShell
- Reading IIS log file in Log parser
- Log Parser 2.2 - Error : Syntax Error: <Select-Clause>: no SELECT keyword
- LogParser Error: Syntax Error: extra token(s) after query: 'Files\Apache'