which can dump the contents of a local or remote event log to a comma-delimited file.

Any user can use Elogdmp to dump the contents of the Application event log on a local or remote computer, but you must have administrative privileges to dump the other event logs.

To dump an event log, use the following syntax:

elogdmp ComputerName EventLogName > Drive:\Folder\FileName.txt

where ComputerName is the name of the local or remote computer and EventLogName is one of the following:

Application
Security
System
"DNS Server"
"Directory Service"
"File Replication Service"

NOTE: If you omit the pipe ( > Drive:\Folder\FileName.txt ), the information is displayed on the console.