How To Collect Event Log
Collect Event log
-
Open Eventview with running eventvwr.msc;
-
Click on “Windows Logs” and then right click the log you want to save, Then Click “Save All Events As”:
-
Save Event log as evtx format to get more details of event log.
收集事件日志
-
在运行中运行命令 eventvwr.msc;
-
在事件查看器中点击 “Windows 日志”,然后选择需要保存的日志,右键并选择 “将所有时间另存为”:
-
将事件日志保存为 evtx 格式,以便获取更多的日志细节信息;
-
如果跳出 “显示信息” 提示,点击确定即可;
命令行收集事件日志
wevtutil epl System C:\temp\system.evtx
wevtutil epl Application C:\temp\Application.evtx
文档信息
- 本文作者:Robin Chen
- 本文链接:https://crushonme.github.io/wiki/EventLog/
- 版权声明:自由转载-非商用-非衍生-保持署名(创意共享4.0许可证)
Document Information
- Author :Robin Chen
- Link : https://crushonme.github.io/wiki/EventLog/
- Copyright:Attribution-NonCommercial-NoDerivatives-No additional restrictions(CC BY-NC-ND 4.0)
