How to display logons of non-domain users to the system

Sometimes you may need to display who logs on to your server other than the authenticated domain users. It could be authenticated users from the trusted domain, local users, system services, etc. First, we define that we will filter the Security log by Event Id = 4624 (as we did before). The description of this event looks like: An account was successfully logged on. Subject: …

Windows Event. Level, Keywords or Type.

When you take your first look at Event Log Explorer, you may notice the Type column in the event list. At the same time, Windows Event Viewer doesn’t have this column, which may confuse you. If you worked with Windows Event Viewer in the old days (with Windows XP or earlier), you could see the Type column. There were 5 types of events that can be logged…

PowerShell may spoil command-line arguments when running external programs

Nowadays, Windows PowerShell is considered a replacement for the classic Windows Console (Command Prompt) utility. In Windows 10, it can be set as the default console in the Win+X menu. In most cases, when you run command-line utilities from PowerShell and Command Prompt, they will behave exactly the same. However, we discovered that sometimes our command-line utilities work incorrectly when started from PowerShell, while there…

New utility to export event logs into different formats

Event Log Explorer can export events into Excel, HTML, CSV and PDF files. The export is implemented as an option of the user interface and it can be scheduled using the internal Event Log Explorer scheduler. Some time ago, I wrote a couple of articles on how to schedule export of events into Excel (https://eventlogxp.com/blog/exporting-event-logs-with-windows-powershell/ and https://eventlogxp.com/blog/case-study-generating-regular-reports-about-the-problems-in-your-windows-network/). Both methods are not without drawbacks. The PowerShell method doesn’t work well…

How to track printer usage with event logs

At the time, US companies spend a total of $120 billion on printed forms annually, and each employee uses about 10,000 sheets of paper according to CompTIA. That’s why printer usage monitoring is very important to cut costs for printer supplies and their utilization. Another reason to know who uses corporate printers and how is to manage your resources and plan upgrades or downgrades…

Windows Event Viewer cannot read classic event logs anymore

Update of May 18, 2020: It looks like Windows 10 1909 doesn’t have this issue. Although the era of Windows XP is over, there are still a great number of PCs running this operating system or Windows 2003 Server. According to various studies, in 2018 the Windows XP market share was more than 4% of all desktop operating systems. Windows 2003 Server still has more than 10%…

Elodea – First Review

Recently we released a new product that collects events from different sources, sends them into a database and alerts on important events: Elodea (an acronym for Event Log Dispatcher and Event Alerter). The program and its documentation are available on this page: https://eventlogxp.com/elodea.html In this article I will demonstrate how to set up and configure Elodea on your PC. To simplify the demonstration process, we will work…

Event Log Database Exporter

One of the great features in Event Log Explorer 4.7 is a command-line utility to export event logs to the database (eldbx.exe). Using this utility, you can create centralized storage of events for better forensic investigations and improve system and security management on your network. In the previous article I described how to export events into the database directly from Event Log Explorer…

Using Event Log Explorer to access database events

Event Log Explorer 4.7 comes with new features to save events into an SQL server database and load database events. Saving events into a database gives you many advantages. You can consider the event database as an event log backup. You can collect data from different computers in your network into one database and then use any reporting or analytical tools to create your own reports or…