Pau Lo
asked on
evtx viewer
Is there any free GUI software that can view/search evtx files (event viewer files)..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
yes by default it is used to access the local or remote machine event viewer - just see it as another alternate viewer. It can still process file based using the /LoadFiles when you input as option when running the exe.
For example:
MyEventViewer.exe /LoadFiles "c:\temp\app.evt" "Application"
MyEventViewer.exe /LoadFiles "c:\temp\sec.evt" "Security" "c:\temp\app.evt" "Application"
MyEventViewer.exe /shtml "c:\temp\events1.html" /LoadFiles "c:\temp\sec.evt" "Security" "c:\temp\app.evt" "Application"
MyEventViewer.exe /remote \\MyComputerName
MyEventViewer.exe /remote \\192.168.0.1
For example:
MyEventViewer.exe /LoadFiles "c:\temp\app.evt" "Application"
MyEventViewer.exe /LoadFiles "c:\temp\sec.evt" "Security" "c:\temp\app.evt" "Application"
MyEventViewer.exe /shtml "c:\temp\events1.html" /LoadFiles "c:\temp\sec.evt" "Security" "c:\temp\app.evt" "Application"
MyEventViewer.exe /remote \\MyComputerName
MyEventViewer.exe /remote \\192.168.0.1
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
yap EVTlog parser, MyeventViewer and Event Log Explorer are good to explore for your need ... eventually there are script for batch job
ASKER
Ultimately though these are logs pulled from an old backup and not live local or remote analysis of current logs
good to test out to make the evtx or evt format is maintained since the tools is to work off offline extracted files
ASKER