(V1.7.3) Somarsoft DumpEvt - dump event log
Windows NT program to dump the event log, 
in a format suitable for importing into a
database. Used as basis for eventlog mgmt
system for long-term tracking of security 
violations, etc. 

This is a free product.

See http://www.systemtools.com/somarsoft for 
further information on this product.
------------------------------------------

                                Overview

Somarsoft DumpEvt is a Windows NT program to dump the eventlog in a format 
suitable for importing into a database. Similar to DUMPEL utility in the NT 
resource kit, but fixes various defects of that program that make the output
unsuitable for importing into databases such as Access or SQL server. 

                        Copyright/License/Registration

Somarsoft DumpEvt is Copyright  1995-1997 by Somarsoft, All Rights Reserved.

This is a free product.

See http://www.systemtools.com/somarsoft for 
further information on this product.

See the Somarsoft DumpEvt online help for complete licensing details.

		                         Installation

Files are as follows:
   README.TXT    - this file
   DUMPEVT.EXE   - main program (console utility)
   DUMPEVT.HLP   - online help
   DUMPEVT.INI   - sample .INI file
   DUMPEVT.MDB   - sample access database, including some Visual Basic programs.
The .EXE, .HLP and .INI files should be placed together in any directory.

DumpEvt creates one of the following registry entries (depending on
command line parameters)
   HKEY_LOCAL_MACHINE\SOFTWARE\Somarsoft\DumpEvt
   HKEY_CURRENT_USER\SOFTWARE\Somarsoft\DumpEvt

DumpEvt makes no other changes to your system.

                               Changes in V1.7
Add TimeFormat option to DUMPEVT.INI.
Fix bug in converting from universal to local time.
Fix bug in formatting non-ascii characters.
Add SplitDateTime option to DUMPEVT.INI.

                               Changes in V1.6
Dynamically allocate buffer for ReadEventLog, to handle case of very log records.
Add ReplaceCR and ReplaceLF instead of ReplaceCRLF.
Removed /clear option from documentation.
Always specify local computer for OpenBackupEventLog.
Convert sample access database from V1.1 to V7.0, fix module/macro.
Include sample visual basic code in help file.
Get SeSecurityPrivilege when dumping security log locally 
   (allows dumping this log by non-administrator.
Load message DLLs from remote computers.
Add /backup parameter.
Add DumpRecnum formatting option.

                               Changes in V1.5

Fix memory overwrite bug which occurred when StringSeparator was also in
parameter string. Change from Somar to Somarsoft.

                               Changes in V1.4

Add /clear option, which is especially useful for C2 security situations,
where the CrashOnAuditFail registry setting is in effect and the system
will crash if the security log fills up. Add /logfile=type=path option,
for dumping backed up event log files.

                               Changes in V1.3

Allows dumping binary data that is associated with some log records.

                               Changes in V1.2

Optional formatting of messages like event viewer (instead of just dumping
raw parameter values). If raw output, concatenate parameter strings as a
single database field, instead of as separate fields.

                               Changes in V1.1

Correctly display registered user name in registered version. 
