Windows Event Log (EVT)

From ForensicsWiki
Revision as of 19:28, 13 March 2006 by Mkucenski (Talk | contribs)

MS Windows Event Log Files

Windows typically maintains three event log files: application, system, and security. They are generally found in C:\Windows\system32\config.

Details of the .evt file format can be found in Microsoft's MSDN library under 'EVENTLOGRECORD'.
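
The following is an added example, not part of the original wiki page: a minimal Python parser for a single record, using the field layout of Microsoft's documented EVENTLOGRECORD structure and rejecting records whose signature, lengths or offsets are inconsistent. The function names and the sample record (source name, computer name, event ID, timestamp) are constructed for illustration.

```python
import struct
from datetime import datetime, timezone

HEADER = struct.Struct("<6I4H6I")  # fixed 56-byte part of EVENTLOGRECORD, little-endian
SIGNATURE = 0x654C664C  # the bytes "LfLe" read as a little-endian DWORD
TYPES = {0: "Success", 1: "Error", 2: "Warning", 4: "Information",
         8: "AuditSuccess", 16: "AuditFailure"}

def _wstr(buf, off):
    """Read a NUL-terminated UTF-16LE string; return (text, offset after it)."""
    end = off
    while end + 1 < len(buf) and buf[end:end + 2] != b"\x00\x00":
        end += 2
    return buf[off:end].decode("utf-16-le", errors="replace"), end + 2

def parse_record(buf):
    """Parse one EVENTLOGRECORD at the start of buf, rejecting malformed input."""
    if len(buf) < HEADER.size + 4:
        raise ValueError("buffer too short for a record")
    (length, sig, recno, t_gen, t_written, event_id, etype, nstrings, _category,
     _flags, _closing, str_off, sid_len, sid_off, data_len, data_off) = HEADER.unpack_from(buf)
    if sig != SIGNATURE:
        raise ValueError("missing LfLe signature")
    if not HEADER.size + 4 <= length <= len(buf):
        raise ValueError("record length out of range")
    if struct.unpack_from("<I", buf, length - 4)[0] != length:
        raise ValueError("trailing length does not match header length")
    if max(str_off, sid_off + sid_len, data_off + data_len) > length - 4:
        raise ValueError("offset points outside the record")
    rec = buf[:length - 4]  # everything before the trailing Length copy
    source, off = _wstr(rec, HEADER.size)  # SourceName follows the fixed header
    computer, _ = _wstr(rec, off)          # Computername follows SourceName
    strings, off = [], str_off
    for _ in range(nstrings):
        text, off = _wstr(rec, off)
        strings.append(text)
    utc = lambda t: datetime.fromtimestamp(t, tz=timezone.utc).isoformat()
    return {"record_number": recno, "event_id": event_id, "type": TYPES.get(etype, hex(etype)),
            "generated": utc(t_gen), "written": utc(t_written), "source": source,
            "computer": computer, "strings": strings, "data": rec[data_off:data_off + data_len]}

def build_sample():  # constructed record for demonstration, not taken from a real log
    names = "ExampleApp\0WORKSTATION1\0".encode("utf-16-le")
    strings = "service started\0".encode("utf-16-le")
    str_off = HEADER.size + len(names)
    end = str_off + len(strings)
    length = end + (-end % 4) + 4  # pad to a DWORD boundary, then the trailing Length
    header = HEADER.pack(length, SIGNATURE, 1, 1142278080, 1142278080, 1000, 4, 1,
                         0, 0, 0, str_off, 0, str_off, 0, end)
    return header + names + strings + b"\0" * (-end % 4) + struct.pack("<I", length)
```

The timestamps are seconds since 1970-01-01 UTC, so the output is in UTC regardless of the time zone of the examined system.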