English Deutsch Français Italiano Español Русский Japanese
Analyze Windows event logs efficiently

Event Log Explorer™ for forensic investigators

Researching event logs is one of the key challenges for forensic computer examiners. Event Log Explorer simplifies and improves the process of event log analysis. According to our customers' feedback, Event Log Explorer helps to complete event log tasks two (and even more) times faster than standard Windows Event Viewer.

This great productivity is the result of the powerful features of Event Log Explorer:

Event log consolidation
You can analyze events from several sources (event logs, files) at one time. Event Log Explorer lets you consolidate different event logs into one single view.
This feature is crucial for timeline analysis.
Extremely powerful filters
Event Log Explorer provides 5 (five) ways to filter events by virtually any criteria, from a simple quick filters (filter by a selected template) to complex filters that refine linked events (e.g. startup/shutdown, logon/logoff).
Direct access to files
Event Log Explorer can access EVT and EVTX files directly (without Windows API). This allows you to read damaged event logs or read EVTX files if you use Windows XP for some reasons.
Custom columns
Event Log Explorer makes it possible to display event description details (e.g. user name, file name etc.) as a general column in the event list. Therefore, this feature eliminates the need for keeping track of all event descriptions and makes Event Log Explorer a great time saver.
Export events
To integrate event analysis with other forensic tasks(e.g. timeline analysis), you can export events. Event Log Explorer lets you export events to different formats such as HTML, Microsoft Excel or text file. You can export all the events in the view or just the selected ones with or without descriptions and custom columns.
Detached description source
During forensic analysis, you commonly work with event log files. And your computer may lack text descriptions of the events you research. Event log Explorer lets you get event descriptions from another machine.
Instant access
Event Log Explorer lists your event logs and event log files in the tree. It lets you immediately open the required event log with just a click.
Printing events
Similarly to the export feature, you can print events when you need to create a printout of the events. Event Log Explorer will automatically choose the best page layout depending on the number of columns you print.
Time correction
During the investigation you may face event logs taken from different time zones. Time correction feature lets you correct time and virtually move you to any time zone in the world.

This partial list of features makes Event Log Explorer indispensable for forensic investigators.

Check Event Log Explorer feature list

 

Download Event Log Explorer

Check Event Log Explorer features

Event Log Explorer benefits for IT-administrators

Advantages for managers and decision makers

Order Event Log Explorer license