Eventcombmt.exe is a multi-threaded tool that can gather specific events from the event logs on multiple computers at the same time. The tool also includes some preconfigured searches, like account lockout, which includes Events 529, 644, 675, 676, and 681.
You can search by:
- Individual, multiple, or a range of Event IDs
- Event Source
- Event Text
- Date Range
The tools includes the following features:
- Searches up to 100 different servers at the same time.
- Provides multiple methods of adding servers to a search (a text file, browse list, Active Directory).
- Select from preconfigured searches.
- Searches through saved event logs.
- Auto-detects the type of saved log file.
- Save the search results to a text file, Access database, or SQL database.
- Gather events that have occurred since your last search.
- Capture statistics about event frequency.
- Save and load your searches.
- Save text files as .txt or .csv files.
- Search Event logs from oldest to newest or newest to oldest.
- Resolve IP Addresses to hostnames for Event 675 errors.
- Find the largest length of time between events in a log.
- Decodes Event 1000 flags.
- Run searches from the command line.
- Scheduled searches.
- Search for the last time your servers restarted.
- Tracks account lockout issues.
- Provides information to help troubleshoot issues with the <b>FRS</b> (<b>F</b>ile <b>R</b>eplication <b>S</b>ervice).
- Collect events to a central location.