The ability to have something similar to a unix AWK would be appreciated. I am trying to get the Event Source and Event ID out of a NT Event Log Message coming through the Patrol Adapter and it is almost impossible since the starting position and the length of the data is ever changing.
Date: 11/25/2003 Source: Backup Exec
Time: 09:47:25 Category: N/A
Type: error EventID: 57476
source is multi-worded and the message has carriage returns.