diff --git a/Log-SecurityEvents_Archiving.xml b/Log-SecurityEvents_Archiving.xml
new file mode 100644
index 0000000..b57ac27
Binary files /dev/null and b/Log-SecurityEvents_Archiving.xml differ
diff --git a/LogPushToServer.cmd b/LogPushToServer.cmd
new file mode 100644
index 0000000..6c369e1
--- /dev/null
+++ b/LogPushToServer.cmd
@@ -0,0 +1,45 @@
+@echo off
+
+set FNSRC=%1
+set FNDEST=%COMPUTERNAME%-%~n1
+set DEST=\\COLLECTSERVER\In
+set LOCKFILE=%DEST%\%COMPUTERNAME%.lock
+set LOGFILE=c:\temp\LogPushToServer.log
+
+echo %DATE% %TIME% Parameter: "%1" >> %LOGFILE%
+
+IF exist %LOCKFILE% (
+ echo lock file exist, abort. >> %LOGFILE%
+ exit
+)
+echo "running" > %LOCKFILE%
+
+
+IF NOT EXIST "%FNSRC%" (
+ echo file not found. >> %LOGFILE%
+ del %LOCKFILE%
+ exit
+)
+
+
+echo %DATE% %TIME% copy file %FNSRC% %DEST%\%FNDEST%.temp >> %LOGFILE%
+copy "%FNSRC%" "%DEST%\%FNDEST%.temp" >> %LOGFILE%
+del "%FNSRC%" >> %LOGFILE%
+
+echo rename "%DEST%\%FNDEST%.temp" FNDEST%.evtx" >> %LOGFILE%
+
+rename "%DEST%\%FNDEST%.temp" "%FNDEST%.evtx" >> %LOGFILE%
+
+REM
+REM if someone knows why renaming is not possible i will be very happy to know.
+REM
+
+IF NOT EXIST "%DEST%\%FNDEST%.evtx" (
+ echo "ready" > "%DEST%\%FNDEST%.import"
+)
+
+
+del %LOCKFILE%
+
+echo %DATE% %TIME% finished >> %LOGFILE%
+
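Review bot: `del "%FNSRC%"` runs unconditionally right after the `copy` to `\\COLLECTSERVER\In`, so if the copy fails (share unreachable, write denied, volume full) the local archive of the Security event log is deleted and that evidence is gone; check the copy result before deleting, e.g. `copy "%FNSRC%" "%DEST%\%FNDEST%.temp" >> %LOGFILE% || (echo copy failed >> %LOGFILE% & del %LOCKFILE% & exit)`. `set FNSRC=%1` keeps any quotes the caller passed, so a quoted path with spaces becomes `""…""` in the later `copy`/`del`; `set "FNSRC=%~1"` is the usual form. The `IF NOT EXIST "%DEST%\%FNDEST%.evtx"` block writes the `.import` marker only when the rename did not produce the `.evtx` — if that is the intended fallback for the failure noted in the REM a comment saying so would help, otherwise the condition reads as inverted (and the preceding log line is missing `"%` before `FNDEST%.evtx"`). On the REM itself: if the `In` share is granted as a drop box (create/write without delete), `rename` of the `.temp` and `del %LOCKFILE%` will presumably both fail there, which is worth verifying against the share ACL, because a lock file left behind makes every later run abort at the `IF exist %LOCKFILE%` check with no stale-lock recovery.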