因此,我的日志解析器查询失败并指出远程过程调用失败。
但是,我能够使用事件查看器进行连接(我讨厌这样做);事件查看器使用什么来连接,而日志解析器却不能?
C:\Program Files (x86)\Log Parser 2.2>LogParser -e:1 "SELECT EventId, RecordNumber, EventId, SourceName, TO_STRING( TO_UTCTIME( TimeGenerated ), 'yyyy-MM-dd hh:mm:ss.ll' ), Strings INTO 'C:\l*.csv' FROM \\DC1\Security, \\DC2\Security, \\DC3\Security WHERE TimeGenerated >= TO_LOCALTIME( SUB( SYSTEM_TIMESTAMP(), TIMESTAMP( '1', 'd' ) ) ) AND EventId=4740 ORDER BY RecordNumber DESC"
Task aborted.
Error reading event log: The remote procedure call failed.