[Note, this article is not suitable for junior computer users]
If there is one, a friend tells you that his computer has a problem, and you may need to analyze the event log of its system. After all, in the Windows system, the system event log records too much information, application usage, crashes and other records, Windows system various event records and so on. However, when your friend sends the log in his Windows directory and you want to view and analyze it, I find that the event log crashes!
What is going on here?
The reason is very simple. The event log before Vista is the .evt file, Vista and the .evtx file!
We can use the Log Parser 2.2 provided by Microsoft (click to enter the official Microsoft page), it can parse the respective supported formats on the corresponding system, the parsing command is: logparser -i:EVT "SELECT * INTO A.csv FROM b.evt" But if you parse the .evt format log on Vista, Windows Server 2008, Windows 7, and later systems, you may be prompted to crash the event log. You need to convert the .evt format to .evtx format. Fortunately, The Vista and later systems provide the Wevtutil-Windows Events Command Line Utility tool!
Run the command: wevtutil epl application.evt application.evtx /lf:true to convert.
wevtutil The prompts in the system are in English,:
Windows Events Command Line Utility.
Enables you to retrieve information about event logs and Publishers, installand Uninstall event manifests, run queries, and export, archive, and clear logs.
Usage:
You can use either the short (for example, ep /uni) or long (for example, enum-Publishers /unicode) version of the command and option names. Commands, options and option values are not case-sensitive.
Variables are noted in all upper-case.
wevtutil COMMAND [ ,null,null,3],ARGUMENT [ARGUMENT] ...] [/OPTION: VALUE [/OPTION: VALUE] ...]
Commands:
el
For Vista, most people know the cool features of Aero, Flip 3D, etc. In fact, Vista is quite connota
Windows Vista has added a lot of new features, while some old components have also been enhanced, re
[Note, this article is not suitable for junior computer users]If there is one, a friend tell
Automatically Add FiltersThe above filtering method is more powerful, but it may be difficult for no
Desktop Virtual Technology Vista's Secret Weapon
Windows Vista system minimum configuration requirements
Vista does not support LinuxSamba Server solution
How to create and delete hidden accounts in the system
Vista application and optimization tips
Windows Vista installation and disaster recovery
Quick uninstallation in Vista to remove Win7 in multiple systems
How to use the Vista registry to clean up the system garbage
Windows Vista Simplified Chinese version installation diagram
Vista system acceleration and optimization
Thunder downloads are prohibited in the Windows Server 2008 network
How to turn off the win7 desktop computer automatically connected to the wireless router
Tips for getting Win7 system boot speed less than 30 seconds
The computer mouse can still move without crashing, but it doesn't matter what it takes to use it.
64-bit Windows XP operating system preview
360 mobile phone security guards mobile phone anti-theft graphic tutorial
Win7 playing Need for Speed 10 very card how to do
What should I do if the latest preview version of win10 cannot switch Microsoft accounts?