ATTENTION: The new home of the Digital Forensics Wiki is at Yeah, it's a silly name, but it was cheap.
This wiki will be going offline permanently in the near future. An exact date will be announced soon. Thank you for being a part of this community.
If you wish to work on the new forensicswiki, please join the Google Group forensicswiki-reborn

Difference between revisions of "Windows XML Event Log (EVTX)"

From ForensicsWiki
Jump to: navigation, search
(See Also)
Line 21: Line 21:
* [[libevtx]]
* [[libevtx]]
* [[log2timeline]]
* [[log2timeline]]
* [ wevtutil]
* [ LogParser]
[[Category:File Formats]]
[[Category:File Formats]]

Revision as of 07:03, 9 February 2013

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

The Windows XML Event Log (EVTX) format was introduces in Windows Vista as a replacement for the Windows Event Log (EVT) format.

Windows EventViewer can represent the EVTX files in both "formatted view" and "XML view". Note that the formatted view can hide significant event data that is stored in the event and can be seen in the XML view.

See Also

External Links