EventLog Source is a custom Data Source component written for SQL Server Integration Services 2005. It is written to load Windows 2003/XP evt files (saved event logs) into a SQL Server 2005 table. If you have clustered or multi-tiered applications, it is nearly impossible to trace problems from one machine to the next without the ability to run complex queries over the log data. My motivation in writing this component was the need to analyze event logs from several different machines to order to see what happened on all the machines at a given time. SQL server provides the powerful query language and engine necessary to do this.

The component is written for SQL 2005 and installs to its DTS component subdirectory. It has not been tested with any other version of SQL Server. In addition, there were changes made to the event log file format and APIs starting with Vista. This component does not load Vista evtx files and will not work with the event logging API on operating systems Vista or later (ie Windows 7, Windows Server 2008, etc). The component runs with SQL 2005, Windows 2003 and/or Windows XP only.

