The Windows application logs are used by various applications such as SQL Server to write new events. It does not get recycled after the system restart. This blog is about a simple technique for exporting these logs into a CSV format using T-SQL query. You can import these flat files into SQL Server tables as well.
To launch the event viewer, type eventvwr in the Run and check the application, system logs.
These logs are saved at C:\WINDOWS\SYSTEM32\WINEVT\LOGS\ directory.
Suppose we want to import these application Windows logs in SQL Server. How do we do that? Let’s check it out.
The following script exports the application logs in CSV format and stores them into C:\Temp\Application.CSV file.
use [master];
Set nocount on
exec master..xp_cmdshell 'PowerShell.exe "get-winevent
-path C:\WINDOWS\SYSTEM32\WINEVT\LOGS\Application.evtx |
export-csv -path C:\Temp\Application.csv -useculture"'
The script uses the XP_CMDSHELL extended stored procedure. If you have enabled it in your SQL instance, refer to the article T-SQL statement to Enable and Disable XP_CMDSHELL using SP_CONFIGURE in SQL Server.
Execute the script, and you get a CSV file for the application Windows logs as shown below.
