ESET Log Collector Command line
The command line interface enables you to use ESET Log Collector without the GUI, for example on a Server Core or Nano Server installation, or whenever you require or simply prefer the command line instead of the GUI. There is also an extra command-line-only function that converts an ESET binary log file to XML format or to a text file.
Command line help - Run start /wait ESETLogCollector.exe /? to display the syntax help. It also lists available targets (artifacts) that can be collected. Contents of the list depend on the detected type of ESET security product installed on the system you are running ESET Log Collector on. Only relevant artifacts are available.
NOTE We recommend you use the start /wait prefix when executing any command. Because ESET Log Collector is primarily a GUI tool, the Windows command line interpreter (shell) does not wait for the executable to terminate; it returns immediately and displays a new prompt. When you use the start /wait prefix, the Windows shell waits for ESET Log Collector to terminate.
If you are running ESET Log Collector for the first time, the End User License Agreement (EULA) must be accepted. To accept the EULA, run the first command with the /accepteula parameter. Any subsequent commands will run without the /accepteula parameter. If you choose not to accept the terms in the EULA and do not use the /accepteula parameter, your command will not be executed. The /accepteula parameter must also be specified as the first parameter, for example:
start /wait ESETLogCollector.exe /accepteula /age:90 /otype:fbin /targets:prodcnf,qinfo,warn,threat,ondem collected_eset_logs.zip
Usage:
[start /wait] ESETLogCollector.exe [options] <out_zip_file> - Collects logs according to specified options and creates output archive file in a ZIP format.
[start /wait] ESETLogCollector.exe /Bin2XML [/All] [/UTC] <eset_binary_log> <output_xml_file> - Converts collected ESET binary log file (.dat) to an XML file.
[start /wait] ESETLogCollector.exe /Bin2Txt [/All] [/UTC] <eset_binary_log> <output_txt_file> - Converts collected ESET binary log file (.dat) to a text file.
Options:
/Age:<days> - Maximum age of collected log records in days. The value range is 0-999, 0 means infinite, and default is 30.
/OType:<xml|fbin|obin> - Collection format for ESET logs:
xml - Filtered XML
fbin - Filtered binary (default)
obin - Original binary from disk
/All - Also translate records marked as deleted. This parameter applies only when converting the collected ESET binary log file to XML or TXT.
/UTC - Convert the time format of the log records from local time to UTC format.
/Targets:<id1>[,<id2>...] - List of artifacts to collect. If not specified, a default set is collected. The special value 'all' means all targets.
/NoTargets:<id1>[,<id2>...] - List of artifacts to skip. This list is applied after the Targets list.
/Profile:<default|threat|all> - A collection profile is a defined set of targets:
Default - Profile used for general support cases.
Threat - Profile related to the threat detection cases.
All - Selects all available targets.
NOTE When you choose the Filtered XML or Filtered binary collection format, filtering means that only records from the last number of days specified by the /Age:<days> parameter are collected. If you choose Original binary from disk, the /Age:<days> parameter is ignored for all ESET logs. For other logs, such as Windows Event Logs, Microsoft SharePoint logs or IBM Domino logs, the /Age:<days> parameter is still applied, so you can limit non-ESET log records to a specified number of days while the original ESET binary files are collected (copied) without an age limit.
NOTE The /All parameter allows conversion of all log records, including those that were deleted via the GUI but are still present in the original binary file marked as deleted (log records not visible in the GUI).
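The following PowerShell script is an added example, not part of ESET's documentation. It collects original binary logs (/OType:obin) and then converts each .dat file with /Bin2XML /All /UTC, so that records marked as deleted are kept and timestamps are in UTC. The paths, the -AcceptEula switch, and the assumption that ESET binary logs appear as .dat files inside the archive are this example's own.

```powershell
# Added example (not ESET's code). Assumed: tool path, output folder, and that
# ESET binary logs appear as .dat files somewhere inside the collected archive.
param(
    [string]$Collector = 'C:\Tools\ESETLogCollector.exe',  # assumed location
    [string]$OutDir    = 'C:\IR\eset',                     # assumed evidence folder
    [ValidateRange(0, 999)][int]$Age = 90,                 # page: 0-999, 0 = infinite
    [switch]$AcceptEula                                    # set on the first run only
)
$ErrorActionPreference = 'Stop'

function Invoke-Elc([string[]]$ElcArgs) {
    # -Wait does what "start /wait" does in cmd: block until the tool exits.
    $p = Start-Process -FilePath $Collector -ArgumentList $ElcArgs -Wait -PassThru
    $p.ExitCode  # logged only; the page does not document exit code meanings
}
function Quote([string]$Path) { '"' + $Path + '"' }  # paths may contain spaces

New-Item -ItemType Directory -Force -Path $OutDir | Out-Null
$zip = Join-Path $OutDir ("eset_logs_{0:yyyyMMdd_HHmmss}.zip" -f (Get-Date))

# /accepteula must be the first parameter when it is used.
$collect = @()
if ($AcceptEula) { $collect += '/accepteula' }
# obin copies the original binary logs, so /Age is ignored for ESET logs and
# limits only non-ESET logs such as Windows Event Logs.
$collect += "/Age:$Age", '/OType:obin', '/Profile:threat', (Quote $zip)
$code = Invoke-Elc $collect
if (-not (Test-Path $zip)) { throw "No archive created (exit code $code)." }

# Hash the archive before touching it so later copies can be verified.
$hash = Get-FileHash -Path $zip -Algorithm SHA256
"$($hash.Hash)  $(Split-Path $zip -Leaf)" | Set-Content "$zip.sha256"

# Work on an extracted copy; the archive itself stays unmodified.
$work = Join-Path $OutDir 'extracted'
Expand-Archive -Path $zip -DestinationPath $work -Force

Get-ChildItem -Path $work -Recurse -Filter '*.dat' | ForEach-Object {
    $xml = "$($_.FullName).xml"
    # /All keeps records marked as deleted; /UTC normalizes timestamps.
    $null = Invoke-Elc @('/Bin2XML', '/All', '/UTC', (Quote $_.FullName), (Quote $xml))
    if (Test-Path $xml) { Write-Output "converted: $xml" }
    else { Write-Warning "not converted: $($_.FullName)" }
}
```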