Tip: Troubleshoot Group Policy with GPLogView

GPLogView.exe is a command-line troubleshooting tool that you can use to dump Group Policy–related events logged in the System Event Log channel and the Group Policy Operational Event Log channel. GPLogView.exe works only on Windows Vista; it is not included with Windows Vista but GPLogView.exe is available as a free download. The command-line options for this tool are:

-? Shows this usage message.

-o [output file name] Output filename required for text, xml, or html; not valid if -m is specified.

-n Do not output the activity ID.

-p Dump the process ID and thread ID associated with each event.

-a [activity id guid] Shows only events matching the given activity ID.

-m Runs the tool in monitor mode displaying events in real time.

-x Dumps the event in XML; the only other options allowed with this option are –m and -a but not both together.

-h Dumps the events in HTML format; -m or -x option not allowed, and -a and -n are allowed, but not both together. Also must specify -o option.

-q [Query file name] Uses the query specified by query file.

-l [Publisher name] If -q is specified, the publisher name must be specified.

The following examples illustrate the use of this tool:

GPLogView.exe -o GPEvents.txt

GPLogView.exe -n -o GPEvents.txt

GPLogView.exe -a ea276341-d646-43e0-866c-e7cc35aecc0a -o GPEvents.txt

GPLogView.exe -p -o GPEvents.txt

GPLogView.exe -x -o GPEvents.xml

GPLogView.exe -x -m

GPLogView.exe -x -a ea276341-d646-43e0-866c-e7cc35aecc0a -o GPEvents.xml

GPLogView.exe -h -o GPEvents.html

GPLogView.exe -h -a ea276341-d646-43e0-866c-e7cc35aecc0a -o GPEvents.html

GPLogView.exe -h -q somequeryFile.txt -l Microsoft-Windows-GroupPolicy -oGPEvents.html

From the Microsoft Press book Windows Vista Resource Kit, Second Edition.

Looking for More Tips?

For more Windows Vista tips, visit the TechNet Magazine Windows Vista Tips page.

For more Tips on other products, visit the TechNet Magazine Tips index.