(V1.5) SomarSoft DumpEvt - dump NT event log
Windows NT program to dump the event log, 
in a format suitable for importing into a
database. Used as basis for eventlog mgmt
system for long-term tracking of security 
violations, etc. Unregistered version is
fully functional. V1.5 fixes bug when string
separator also in parameter string. 
Shareware. By Somar Software, 
http://www.somar.com, info@somar.com.
------------------------------------------

                                Overview

SomarSoft DumpEvt is a Windows NT program to dump the eventlog in a format 
suitable for importing into a database. Similar to DUMPEL utility in the NT 
resource kit, but fixes various defects of that program that make the output
unsuitable for importing into databases such as Access or SQL server. 

                        Copyright/License/Registration

SomarSoft DumpEvt is Copyright  1995-1996 Somar Software. Send problem reports 
and comments to info@somar.com. More information about Somar Software
and this product is available via the WWW at http://www.somar.com.

SomarSoft DumpEvt is Shareware. You may try it for a period of 21 days. After this 
trial period, you must pay a either register and pay for the software, or 
delete it from your computer. See the SomarSoft DumpEvt online help for complete 
license and registration details.

		                         Installation

Files are as follows:
   README.TXT    - this file
   FILE_ID.DIZ   - description file
   DUMPEVT.EXE   - main program (console utility)
   DUMPEVT.HLP   - online help
   DUMPEVT.INI   - sample .INI file
   DUMPEVT.MDB   - sample access database
The .EXE, .HLP and .INI files should be placed together in any directory.

DumpEvt creates the following registry entry:
   HKEY_LOCAL_MACHINE\SOFTWARE\SomarSoftware\DumpEvt

DumpEvt makes no other changes to your system.

                               Changes in V1.5

Fix memory overwrite bug which occurred when StringSeparator was also in
parameter string.

                               Changes in V1.4

Add /clear option, which is especially useful for C2 security situations,
where the CrashOnAuditFail registry setting is in effect and the system
will crash if the security log fills up. Add /logfile=type=path option,
for dumping backed up event log files.

                               Changes in V1.3

Allows dumping binary data that is associated with some log records.

                               Changes in V1.2

Optional formatting of messages like event viewer (instead of just dumping
raw parameter values). If raw output, concatenate parameter strings as a
single database field, instead of as separate fields.

                               Changes in V1.1

Correctly display registered user name in registered version. 
