Category Archives: Uncategorized

Event Log Explorer Goes 64-bit: Unlocking the Power of Large-Scale Event Analysis

We’re excited to announce the release of a new beta version of Event Log Explorer Forensic Edition (5.6), featuring a game-changing update: native 64-bit support! This upgrade significantly enhances Event Log Explorer’s capabilities, especially for users working with large event log datasets. Here’s why: Breaking the Memory Barrier While Event Log Explorer efficiently loads event logs into a temporary local database, it still requires memory… Read More »

Setting up Windows to read events from remote computers over a local network.

Reading event logs from remote computers is crucial for network audit. Both Event Log Explorer and Windows Event Viewer applications allow the system administrators to read event logs remotely. However sometimes (mainly in no Active Directory environment) sysadmins have problems with accessing remote event logs. In this article, I’ll explain how to setup Windows to make event logs accessible over a network. As a rule,… Read More »

Windows Event. Level, Keywords or Type.

When you take the first look to Event Log Explorer, you may notice Type column in the event list. In the same time, Windows Event Viewer doesn’t have this column, which may confuse you. If you worked with Windows Event Viewer in old times (with Windows XP or below), you could see the Type column. There were 5 types of events that can be logged… Read More »

PowerShell may spoil command-line arguments when running external programs

Nowadays, Windows PowerShell is considered as a replacement of the classic Windows Console (Command Prompt) utility. In Windows 10, it can be set as a default console in Win+X menu In most cases, when you run command-line utilities from PowerShell and Command Prompt, they will behave exactly the same. However, we discovered that sometimes our command-line utilities work incorrectly when starting from PowerShell, while there… Read More »

New utility to export event logs into different formats

Event Log Explorer can export events into Excel, HTML, CSV and PDF files. The export is implemented as an option of user interface and it can be scheduled using internal Event Log Explorer scheduler. Some time ago, I wrote a couple of articles how to schedule export of events into Excel: https://eventlogxp.com/blog/exporting-event-logs-with-windows-powershell/ https://eventlogxp.com/blog/case-study-generating-regular-reports-about-the-problems-in-your-windows-network/). Both methods are not without drawbacks. The Powershell method doesn’t work well… Read More »

The fastest way to filter events by description

Filtering events by description is one of the most asked questions to us. Some time ago I wrote an article devoted to this problem. Recently we had to check all events in the security log linked with a certain file (let’s say, it’s winword.exe, C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE). The easiest solution was to use Filter command and type file name in the “Text in description”… Read More »