Are there specific tools (like rrdtool) or powershell commands to generate graphs of windows event logs?
For the first I want to visualize the Windows Server 2008 R2 event log "PrintService". There is written on which time which user is printing on which printer. The visualization should be something like, how much is printed (on the specific) printer on which day, etc.
It is possible to export the content.
Edit1
I did now a xml export. Now I try with PowerShell to count how often the same username
written in
<Param3>username</Param3>)
appears.
The output should be like
- user_a - 5
- user_b - 7
I assume that you need to search for some monitoring solution which supports features you need like Nagios or ManageEngine, there should be plenty of them.
You could export the events by yourself, but it is not straightforward (see PowerShell Get-WinEvent XML Madness). E.g., Microsoft LogParser does not extract all fields of Windows Events, but it could be enough for your purposes. Otherwise, you need to write your own export tool working with Win32 API, or use a third-party solution like Graylog or Logstash, again, there should be some other.