Extra power of custom columns

Approximately 10 years ago, we introduced custom columns in Event Log Explorer. This feature allows users to extract event details from the event description or event XML. Custom columns have significantly enhanced our customers’ ability to get more information from events, and we have continuously improved it across different versions. Previously, Event Log Explorer treated custom column values as text, which sometimes was insufficient for… Read More »

Scripting in Event Log Explorer

Starting from version 5.1 Event Log Explorer comes with scripting support (scripting is implemented in the forensic and enterprise editions). Scrips help you automate many routine tasks and improve your performance. Scripting lets you can open logs, set filters, scan event views, remove specific events from a log view, export events and many more. The scripting language we use in Event Log Explorer is PascalScript… Read More »

Event Log Explorer Forensic Edition – working with damaged logs or disks

In this article, I will show how to work with damaged event log files. Event Log Explorer forensic edition can extract events from damaged files. Let’s take a log file (e.g. a security log file) and open it with Event Log Explorer using File-> Open Log File. Event Log Explorer opens this file as it always does. Now we will intentionally corrupt this log. I… Read More »

Files in Event Log Explorer Forensic Edition. Searching for removed events

Although Standard Edition of Event Log Explorer works with event log files perfectly, you may need more functionality when analyzing damaged or intentionally modified event log files. I’m starting a series of articles about the advanced use of Event Log Explorer Forensic Edition with files. Let’s imagine that you examine an event log with removed events. If you believe that it’s impossible to remove events… Read More »

Event Log Explorer Forensic Edition

Recently we released a new edition of Event Log Explorer – Forensic Edition. Currently it has a beta version status – the final release will appear after we complete the documentation and add extra forensic features. Here I will describe the difference between the standard and forensic editions. The program keeps all features of the Standard Edition, and you commonly don’t need to use the… Read More »

Setting up Windows to read events from remote computers over a local network.

Reading event logs from remote computers is crucial for network audit. Both Event Log Explorer and Windows Event Viewer applications allow the system administrators to read event logs remotely. However sometimes (mainly in no Active Directory environment) sysadmins have problems with accessing remote event logs. In this article, I’ll explain how to setup Windows to make event logs accessible over a network. As a rule,… Read More »

Event Log Explorer 5 beta 2

Recently we released a new beta of Event Log Explorer 5 and I will show you what features we added. One of the great new features is a Task. The task defines what events will be picked, which computers from and how they will be displayed. Example of a task: Display all warning, error and critical events from System and Application logs of VM2012 and… Read More »