Программа для чтения журнала windows

Need more power and insights than Windows Event Viewer can deliver? We show you some of the best tools to manage the Windows event log across your network.

Картинка с сайта: www.comparitech.com

Windows event log data is a goldmine of information that you can use to monitor network infrastructure and manage security events

While you can use Windows Event Viewer, log management tools are a superior alternative and enable you to manage Windows event log data with enhanced GUIs and visualizations.

Here is our list of the best tools to manage Windows Event Log / Event Viewer:

1. SolarWinds Log Analyzer EDITOR’S CHOICE This tool collects, centralizes, and analyzes log data from Windows systems. It provides real-time log monitoring, detailed event analysis, and manual and automated search capabilities, helping with troubleshooting, security monitoring, and compliance reporting. Runs on Windows Server. A 30-day free trial is available.
2. ManageEngine EventLog Analyzer (FREE TRIAL) Log management software with custom reports, a correlation engine, and more. Download the 30-day free trial.
3. Site24x7 Log Management (FREE TRIAL) A log server, consolidator, and processor that is available from several plans offered by a cloud-based system monitoring platform. 30-day free trial available.
4. ManageEngine Log360 (FREE TRIAL) A SIEM that collects Windows Event logs plus Syslog messages and data from more than 700 applications. Runs on Windows Server. Start a 30-day free trial.
5. Netwrix Event Log Manager Free event log management tool that centrally stores Windows event log data, and generates event alerts.
6. LogRhythm SIEM platform with analytics, machine intelligence, workflow automation, alarms, and more.
7. Sumo Logic Free log management software, available as a SaaS service with custom dashboards, real-time analytics, and machine learning.
8. Datadog Cloud monitoring tool with log management capabilities, dashboards, alerts, search, filtering, and more.
9. Syslog-NG Log management software with TLS encryption, log collection, storage, forwarding, and more.

The best tools to manage Windows Event Log / Event Viewer

The following reviews include some of the top log management tools, SIEM software, and other tools that provide network administrators with more visibility into logs.

1. SolarWinds Log Analyzer (FREE TRIAL)

Картинка с сайта: www.comparitech.com

SolarWinds Log Analyzer is an event log monitoring tool for Windows that collects event log data. You can monitor event log data in real-time through syslog, SNMP traps, and system event logs. Data can be collected and monitored through one user interface.

Key Features:

• Real-Time Log Monitoring: Tracks log data as it occurs for immediate insights.
• Log Tagging and Filtering: Simplifies log navigation and categorization.
• Customizable Alerts: Sets alerts based on specific log criteria.
• Centralized Log Collection: Collects Windows Event Logs, Syslog, and custom log formats, for centralized storage and analysis.
• Security Event Correlation: Combines log data from multiple sources to identify and respond to security incidents.

Why do we recommend it?

SolarWinds Log Analyzer runs on Windows Server and it will collect log messages from all around your network, covering all endpoints and the software that runs on them. The tool will collect Windows Events, Syslog messages, and logs from applications. The service can file or forward consolidated logs.

The software is very easy to use. Tagging and filtering enable the user to navigate through log data efficiently. There is also a search bar, and event logs are tagged with icons including warning, alert, error, emergency, and debug so that the user understands what’s happening more clearly.

A customizable alert system enables the user to set trigger conditions for alerts. Users can set alerts according to severity, and configure reset conditions to minimize false positives. Alerts can be sent from email and trigger external scripts to ensure you respond to performance events as they unfold.

Картинка с сайта: www.comparitech.com

Who is it recommended for?

This log analyzer shows log messages as they arrive, provides statistics on arrival rates by source, type, and severity, and it includes a data viewer for analysis. You can set up your own custom queries to perform on messages and link them through to custom alerts. However, this is not a full SIEM system.

SolarWinds Log Analyzer is an excellent tool for managing Windows event log data through a single pane of glass. The platform provides extensive visibility through an intuitive platform that makes it easy to find the information you need to. Prices start at $1,495 (£1,210). You can download the 30-day free trial.

Related post: Best Log Analysis Tools

2. ManageEngine EventLog Analyzer (FREE TRIAL)

Картинка с сайта: www.comparitech.com

ManageEngine EventLog Analyzer is a log management tool for Windows and Linux that can manage event logs and syslogs. You can process logs at 25,000 logs per second, which enables you to detect cyberattacks in real-time. The software can pull log data from services like WindowsServer, Linux, Oracle, Amazon Web Service, Apache, Cisco, HP, IIS, and more.

Key Features:

• High-Performance Log Processing: Handles up to 25,000 logs per second.
• Customizable Dashboard: Tailors log monitoring to specific needs.
• Compliance Reporting: Supports HIPAA, PCI DSS, ISO 27001, and more.

Why do we recommend it?

ManageEngine EventLog Analyzer is a compliance manager. It requires log messages for source data, so the package also includes a log collector and consolidator that can receive Windows Events, Syslog messages, and logs from applications – 750 sources in total. The tool provides a facility for manual analysis and also generates log message throughput statistics.

The correlation engine automatically processes event logs and compares them with other logs to detect the signs of a cyber attack. The automatic processing enables you to monitor log data more efficiently and stay on top of threats. However, you can use the search module to search manually as well.

Compliance reports enable you to create log reports and comply with a range of regulatory frameworks. The EventLog Analyzer creates reports that comply with PCI DSS, ISO 27001, GLBA, SOX, FISMA, and HIPAA regulations. Reports can also be customized and scheduled according to the preferences of the user.

Картинка с сайта: www.comparitech.com

Who is it recommended for?

ManageEngine provides a lot of deployment options for the EventLog Analyzer. It is available as a SaaS package and it can also be installed on Windows Server or Linux. The package provides log management and provides opportunities for manual analysis. It also implements security scanning. The Free edition would interest very small businesses.

ManageEngine EventLog Analyzer is one of the top free event log management tools. The free edition supports up to five log sources. Paid versions start at $595 (£481.78) with features like compliance reporting and log forensics. You can download the 30-day free trial.

ManageEngine EventLog Analyzer
Download 30-day FREE Trial

3. Site24x7 Log Management (FREE TRIAL)

Картинка с сайта: www.comparitech.com

Site24x7 Log Management is a module in a suite of monitoring services delivered from the Cloud by Site24x7. This log management tool isn’t available as a standalone product. Instead, it is integrated into all of the packages that Site24x7 offers. These are:

• Website Monitoring
• Site24x7 Infrastructure
• Application Performance Monitor
• All-in-one
• MSP

The Site24x7 system is mainly resident in the Cloud but it does need a data collector to be installed on the monitored system. This agent is available for the Windows Server and Linux operating system and it can collect statistics over a network.

Key Features:

• Diverse Log Collection: Gathers Windows Events, Syslog, and application logs.
• Unified Log Format Consolidation: Streamlines log management across different sources.
• Comprehensive Data Analysis Tools: Enhances log data examination.

Why do we recommend it?

Site24x7 Log Management is a cloud-based log collector and consolidator. This system is able to gather log messages from multiple sites and file them. It also shows live messages as they arrive and can provide throughput statistics. The package can handle Windows Events and Syslog messages as well as application logs.

The data collector also catches log messages as they circulate around the server and network. It collects Windows Event messages and also Syslog and application log messages. These are sent to the Site24x7 server over a secure connection for processing. The server consolidates all of the log messages that it receives and converts them into a common format. This enables a unified treatment of log messages from all sources.

The Log Management system includes a data viewer, which can be accessed from the Site24x7 system dashboard. This includes data analysis features such as the ability to sort, filter, group, and summarize records.

Картинка с сайта: www.comparitech.com

Who is it recommended for?

The Site24x7 system is affordable for any size of enterprise. The service also provides a 30-day window for the storage of log files. You can set up the system to forward logs immediately to another system or accumulate them in files and move them to another storage location.

All of the Site24x7 packages are subscription services and all are available on 30-day free trials. For example, you can get a free trial of the Site24x7 Infrastructure plan in order to try out the services’ Log Management tool.

Site24x7 Log Management
Start 30-day FREE Trial

4. ManageEngine Log360 (FREE TRIAL)

Картинка с сайта: www.comparitech.com

ManageEngine Log360 collects log messages and feeds them into a SIEM for threat detection. The collectors operating on Windows devices will pick up Windows Event logs and interact with software packages to extract operational data. The service can communicate with more than 700 applications. When operating on Linux, a Log360 agent will collect Syslog messages.

Key Features:

• Broad Application Integration: Works with over 700 applications for comprehensive coverage.
• Advanced Threat Intelligence Feed: Stays updated with current security threats.
• Regulatory Compliance Assistance: Meets HIPAA, PCI DSS, FISMA, SOX, GDPR, and GLBA standards.

Why do we recommend it?

ManageEngine Log360 is a megapack of log management and analysis systems and it provides a SIEM tool for security scanning. The EventLog Analyzer is included in the package along with five other log management tools for Windows Events, Syslog, application logs, and cloud platform reports. The system provides compliance reporting and data loss prevention.

The server component of Log360 installs on Windows Server but the collector system is available for a list of operating systems. The collectors send data to the log server, which converts their different formats into a common standard. The log server then files messages in a meaningful directory structure, rotating files daily or, for larger systems, more frequently. The log files need to be made available for investigation.

The dashboard for the system shows log throughput statistics and alerts. The console also includes a data viewer, which has manual analysis tools. Log messages are shown in the data viewer as they arrive and can also be loaded in from log files.

Картинка с сайта: www.comparitech.com

Who is it recommended for?

This is a very large package of system security tools and there is no Free edition, so it is unlikely to appeal to small businesses. As this tool is able to collect activity data from cloud platforms as well as on-premises assets, the system is ideal for use by businesses that operate a hybrid environment.

The SIEM system has many features, which include a threat intelligence feed to speed up threat detection. The system produces alerts that can be channeled through service desk systems. You can assess ManageEngine Log360 with a 30-day free trial.

ManageEngine Log360
Download 30-day FREE Trial

5. Netwrix Event Log Manager

Картинка с сайта: www.comparitech.com

Netwrix Event Log Manager is a free event log management software that can collect Windows event logs. It collects event logs and centrally stores them for the user to analyze. The tool allows you to monitor the event log data of multiple Windows devices from one centralized location.

Key Features:

• Centralized Event Log Storage: Aggregates logs for easier access and analysis.
• Real-Time Alerts: Notifies about important events as they occur.
• Event Summaries: Provides quick insights into log data trends.

Why do we recommend it?

Netwrix Event Log Manager is a free tool that collects Windows Events messages and provides a range of useful services, such as statistical analysis on message throughput and log forwarding or filing. Although this tool centralizes the collection of Windows Events, it doesn’t provide handling for Syslog messages.

Managing and configuring the Event Log Manager is simple for new users. The platform runs as a service so you don’t need to have it open at all times for monitoring. To configure the tool, all the user needs to do is add target computers to monitor the network and enter alert parameters to determine when notifications are generated.

The alerts system sends you email notifications whenever an important event happens to a connected device. You can control what alerts you’re notified about through a dialog box. For example, you can set the system to notify you about Application Errors and Systems Errors.

Who is it recommended for?

This is a nice free tool for viewing Windows Events and it also provides analysis features such as searching and sorting. You can also set up alerts that you can have sent to you by email. This offers an administrator with no budget a way to assemble a customized monitoring system.

Netwrix Event Log Manager is a reliable tool for enterprises looking to manage Windows Event Log and event viewer data for free. It’s available for Windows XP SP3 and above, Windows Server 2008, 2012, and 2016. You can download the software for free.

6. LogRhythm

Картинка с сайта: www.comparitech.com

LogRhythm is a SIEM platform that can be deployed on-premises or in the cloud with high-performance and speed. It uses ElasticSearch to maintain performance for users during indexing and searching. Log data captured by the program is searchable so that you can locate event log data fast and easily.

Key Features:

• Advanced SIEM Capabilities: Provides high-end security incident and event management.
• ElasticSearch Integration: Ensures performance during data indexing and searching.
• Machine Intelligence: Employs AI for more accurate threat detection.

Why do we recommend it?

LogRhythm is a top-of-the-line cloud-based SIEM system that has an option user behavior analytics module. This tool collects and consolidates log messages from many sources, which include Windows Events and Syslog messages. It also consolidates different log formats into a common layout and files them.

Through a web-based user interface, users can monitor security incidents throughout their entire network. Security analytics and visualizations provide you with an engaging presentation of log data. Log data is processed by Machine Data Intelligence to classify and structure log messages to produce over 800 different data sources.

Картинка с сайта: www.comparitech.com

When it comes time to respond to an issue, LogRhythm has an alarms system that notifies the users about security events. To lower the time to resolve the user can use SmartResponse to create automated response workflows. The SmartResponse feature allows you to automatically complete tasks such as running a vulnerability scan or disabling a user account.

Who is it recommended for?

There is a log manager at the heart of the LogRhythm system because logs are the source data for the SIEM, which is the key feature of the platform. However, if you are just looking for a log manager, this option is way more than you need.

It’s is an excellent log management solution for scalability. LogRhythm offers a flexible pricing model that supports up to an unlimited number of log sources and users. However, you need to request a quote from the company directly. You can watch the demo.

7. Sumo Logic

Картинка с сайта: www.comparitech.com

Sumo Logic is a free SaaS-based log management tool that collects and analyzes windows event logs. You can create custom dashboards and use real-time analytics to monitor security events throughout your network. The analytics system can identify performance anomalies by analyzing log patterns, which helps the user to make sense of log data.

Key Features:

• Custom Dashboards: Personalizes log data visualization.
• Real-Time Analytics: Delivers immediate insights into log patterns.
• Machine Learning-Driven Alerts: Provides intelligent notifications of anomalies.

Why do we recommend it?

Sumo Logic is a SaaS platform that provides system monitoring and log management. The Free edition provides the base plan for the system. If you are just looking for a log manager, this is as far as you need to go because the higher plans add on a SIEM and other security monitoring tools.

One of its advantages is the ability to share dashboards and reports with other users. Dashboards include a range of displays such as charts to help the user make sense of log data. Users also have the option to adjust the time frame they’re looking at to change the data they view.

Картинка с сайта: www.comparitech.com

Who is it recommended for?

The Sumo Logic free package is limited to processing 1 GB of data per day. That’s great for small businesses but larger enterprises will have to upgrade to one of the paid plans. The higher plans provide security scanning, which you might not want if you are just looking for a log management package.

Sumo Logic is a platform that’s recommended for those users who want a log management platform with top-notch analytics capabilities. The free version supports up to 4GB of log storage. Users that require more can purchase a paid version. Paid versions start at $90 (£72.97) per month per 1GB daily ingest. You can start the free trial.

8. Datadog

Картинка с сайта: www.comparitech.com

Datadog is a cloud monitoring tool that can monitor applications, services, and log data. You can take Windows Event Log data and use it to generate events in your Event Stream. The Event Stream displays a list of recent events that have occurred throughout your network.

Key Features:

• Integrated Log Management: Collects and analyzes logs within a unified platform.
• Advanced Filtering: Tailors log data analysis to specific needs.
• Machine Learning Alerts: Intelligent alerting based on log data trends.

Why do we recommend it?

Datadog Log Management is a cloud-based system that is able to collect and consolidate Windows Events, Syslog messages, and application logs. The tool calculates statistics on log message arrival and also displays messages in a data viewer. The data viewer can also load in messages from files.

The software enables you to search and filter log data in one place. All data can be archived centrally so that it’s accessible when you need it. Log data can be viewed through the dashboard, which is packed with visualization options like charts and diagrams to give you a more sophisticated perspective of what’s going on.

Machine learning-driven alerts notify you the moment there’s a problem. Alert notifications can be sent directly to external services like Slack, Hangouts Chat, and Microsoft Teams. You can also use Webhooks to follow up with custom code to deliver an automated response to the problem.

Картинка с сайта: www.comparitech.com

Who is it recommended for?

This tool is very affordable because all of its services are priced by data throughput. Another factor that enters into pricing is a data retention period for archiving. However, you could choose to file messages in this tool and then move those files elsewhere for archiving and save money.

There is a range of pricing options available for Datadog depending on your use case. For log management, prices start at $1.27 (£1.03) per million log events, per month with 7-day data retention or $0.10 (£0.081) per ingested or scanned GB, per month. You can start the 14-day free trial.

9. Syslog-NG

Картинка с сайта: www.comparitech.com

Syslog-NG is a log management solution that can collect and store Windows event logs. It can collect data from over 10,000 log sources and uses TLS encryption to protect important messages from unauthorized access. The platform offers users filtering to assist with navigation and store data in binary files.

Key Features:

• Log Data Storage: Safely archives log data for later analysis.
• Log Filtering and Forwarding: Organizes and redirects log data as needed.
• TLS Encryption: Secures log data during transmission and storage.

Why do we recommend it?

Syslog-NG is a free tool and it is able to process and forward Syslog messages, Windows Events, and many application log sources. It gives you the option of storing log messages to file or inserting them into a database. You can get the software and run it on your own server.

The software enables the user to forward log data to external tools. Users can send logs to SQL databases, MongoDB, and Hadoop Distributed File System nodes. The user can also send logs via SNMP or SMTP. Forwarding log data makes it easier for organizations to manage logs in the format that’s most convenient.

Who is it recommended for?

The free community edition is a good choice for those who just want to collect, consolidate, and file log messages. The paid options provide more options because they provide professional support, include a GUI interface, and can be run as software or bought as a network appliance.

Syslog-NG is recommended for enterprises that want a simple but comprehensive log management solution that supports a range of log sources. You can request a custom price quote from the sales team on the company website. Download the 30-day free trial.

Choosing the right tool for your organization

Managing Windows event logs is something that every enterprise should be doing. Having the visibility to detect failed services and availability issues early reduces the chance of the network is disrupted. The log management tools we’ve listed can all manage Windows event log data effectively, and give you the best chance of catching performance problems quickly.

Our editor’s choice for this article is SolarWinds Log Analyzer as it offers Windows users a comprehensive Windows event log monitoring experience for a competitive price tag. ManageEngine EventLog Analyzer also offers users a high-quality alternative and is recommended for companies looking for a free log management solution.

Windows Event Log Management FAQs

Event log viewers are programs that track important events on your computer. Every app or program that runs on your computer leaves a trace in the event log, and before apps stop or crash, they post a notification. 

Every single event or change made on your computer is registered in the event log.

In other words, an event viewer is a program that scans long text log files, groups them and adds a simpler interface on huge amounts of technical data.

In case your computer doesn’t work properly, event viewers are essential because they offer you important information on the source of the problem.

Windows 10 comes with its own built-in event log viewer that offers users an in-depth image of the processes taking place on their computers. 

If you want to analyze particular event information, you can also use third-party event viewers.

How to use Windows Event Viewer

1. Type event in the Windows search tab and select Run as administrator to start Event Viewer with full privileges.
   

   Картинка с сайта: windowsreport.com

2. Next, click on the category of the event from the left pane, and the list of events will appear on the upper-middle pane.
3. When you click on an event, you will get the details on the bottom-middle pane; double-clicking it will open the details in a separate window.
4. In our example, we are checking out a kernel warning that a core of the processor was limited by system firmware. Hitting the Copy button with copy all the information in the clipboard to paste it in a document or an Excel file.
   

   Картинка с сайта: windowsreport.com

5. You can also use all the options from the right pane to gain more information. For instance, you can save the event as a .evtx file by clicking on Save Selected Events.
   

   Картинка с сайта: windowsreport.com

Windows Event Viewer is great to get basic information on events on your system and it can be used easily for saving important information.

What are the best Windows 10 event log viewers?

Windows Event Log Viewer

Картинка с сайта: windowsreport.com

Many Windows users rely on this built-in tool to check the events that take place on their computers.

This tool has two major advantages: it’s already installed on your computer and has a very intuitive interface. You can launch the Windows Event Log Viewer by typing event viewer in the search bar.

The tool’s screen is divided into three parts: the event categories are located in the left-hand sidebar, details about log events can be found in the middle section of the window, while the available actions are listed in the right-hand sidebar.

In the left pane, you can choose from all the event types. The top one is aimed for the administrative event.

Clicking on each one on the center pane, will provide you with general or detailed information about the event.

The next two categories from the left are the Windows logs and the Applications and services logs. The first refers, of course, exclusively to the OS and its built-in apps.

The action pane from the right offers you all the possible options to interact with the logs but the most important are the save and export options that are paramount to sharing the reports to specialized help.

The Windows Event Log Viewer offers reports about five log events:

• Application events: reports about app/ program issues
• Security events: reports about the results of security actions
• Setup events: mainly refers to domain controllers
• System events: these are reports sent by Windows system files about the issues encountered and are usually self-healing issues
• Forwarded events: these are reports sent by other computers

Event Log Explorer

Картинка с сайта: windowsreport.com

This event log viewer allows users to view, analyze and monitor events recorded in Windows’ event logs.

Event Log Explorer is better than Microsoft’s own Event Log Viewer, bringing more features to the table.

Thanks to this tool, users can analyze various event logs: security, application, system, setup, directory service, DNS, and more.

The tool can even access Windows event logs and event log files from remote servers and you can view more of them at one time in separate windows or in one big, merged window.

If it’s relevant, you can choose between legacy Windows NT API and modern Windows Event Log API to access the logs.

Event Log Explorer reads events into its own temporary storage for faster log analysis. Of course, you can choose between memory and disk storage.

The software also allows you to consolidate events in one single view to review it as a solid log. You can even save it as an EVT file.

Other features include:

• Instant access to event logs – Event Log Explorer works with both local and remote event logs, as well as with event log files in EVT and EVTX format
• Efficient filtering – filter by event descriptions using regular expressions, filter by security event parameters, or you can build complex filters and organize them into a filter library
• Export events and report generator – export and print events

⇒ Get Event Log Explorer

MyEventViewer

Картинка с сайта: windowsreport.com

MyEventViewer is another interesting, simpler alternative to Microsoft’s Event Log Viewer. This tool lets you watch multiple event logs in one list, together with event description and data.

Also, the event description and data are displayed in the main window, instead of opening a new one.

No installation process or additional DLL files are required to run this software, all you need to do is to launch the executable file.

With MyEventViewer, you can select multiple event items and save them to HTML/Text/XML files. Of course, there’s also the option to copy them to the clipboard and paste them afterward into and Excel document.

MyEventViewer’s mai window is composed by 2 panes. The top one shows you the list of all events and when you select one you will see the description in the lower pane window.

You can remove/add the logs that you want to view from the main window by using the Logs menu.

The software also has command-line commands for advanced users. The admins will be happy to use them for a more efficient process that implicates more computers.

Other features include:

• It packs only the main features and options you need to monitor your system
• The simplistic interface is very user-friendly
• You can view the events from a remote computer
• Certain events can be hidden from specific users
• Events can be filtered using a series of criteria

⇒ Get MyEventViewer

FullEventLogView

Картинка с сайта: windowsreport.com

This is NirSoft’s most recent event viewer, it was released on September 9, 2016. FullEventLogView is a simple tool for Windows 10 that displays the details of all Windows events in a table.

FullEventLogView is the upgraded version of MyEventViewer:

MyEventViewer is a very old tool […]. The old programming interface still works even on Windows 10, but it cannot access the new event logs added on Windows Vista and newer systems. […]

FullEventLogView uses the new programming interface, so it displays all events.

The tool allows you not only to view the events of your local computer but also the events of a remote computer on your network, and events stored in .evtx files.

It also allows you to export the events list to text/csv/tab-delimited/html/xml file from the GUI and from the command-line.

This program works on any version of Windows, including Windows Vista and up to Windows 10. Both 32-bit and 64-bit systems are supported.

⇒ Get FullEventLogView

SentinelAgent

Картинка с сайта: windowsreport.com

SentinelAgent is a cloud-based Windows monitoring software. This tool registers, stores and analyzes event logs, performance metrics, and system inventory from any Windows PCs, tablets, and servers on your network.

SentinelAgent is available for home users, small and medium businesses and enterprise clients.

The service for home users notifies you when your devices are having problems, and help you identify the source of the problem as well. 

No configuration is necessary, as the tool is already pre-configured to monitor specific computer performance elements and alert you by email as soon as issues are detected.

If you opt for a professional version, you will need to install the agent on system you want to monitor.

Then, if those devices start having problems, you will get notified. You will also be able to access a log with 7 days of system data that is stored outside the PC that is acting up to get to the root of the issue.

Other features include:

• 7 Days Data Retention (Rotating)
• Monitor All Your Machines From 1 Account
• Pre-Configured Notifications for CPU/Disk Errors
• Pre-Configured Notifications for Event ID Errors
• No Ads. No Bloat
• Network Installation Ready
• 2.7 Mb Disk Space Required

⇒ Get SentinelAgent

We hope this top Windows 10 event log viewers help you to choose the tool that best suits your monitoring needs.

If you’re interested in other options, you can also check our log monitoring software list for experienced admins.

Have you already tried out some of the event viewers listed in this article? Tell us more about your experience in the comment section below.

See Also

• NK2Edit — Edit, merge and fix the AutoComplete files (.NK2) of Microsoft Outlook.
• EventLogChannelsView — enable/disable/clear event log channels.
• UninstallView — Alternative uninstaller for Windows 10/8/7/Vista

Description

FullEventLogView is a simple tool for Windows 11/10/8/7/Vista that displays in a table the details of all events from the event logs of Windows, including the event description.
It allows you to view the events of your local computer, events of a remote computer on your network, and events stored in .evtx files.
It also allows you to export the events list to text/csv/tab-delimited/html/xml file from the GUI and from command-line.

Картинка с сайта: www.nirsoft.net

System Requirements

This utility works on any version of Windows, starting from Windows Vista and up to Windows 11. Both 32-bit and 64-bit systems are supported.
For Windows XP and older systems, you can use the MyEventViewer tool.

FullEventLogView vs MyEventViewer

MyEventViewer is a very old tool originally developed for Windows XP/2000/2003.
Starting from Windows Vista, Microsoft created a new event log system with completely new programming interfaces. The old
programming interface still works even on Windows 10, but it cannot access the new event logs added on Windows Vista and newer systems.
MyEventViewer uses the old programming interface, so it cannot display many event logs added on Windows 11/10/8/7/Vista.
FullEventLogView uses the new programming interface, so it displays all events.

Versions History

• Version 1.80:
  • Added ‘Black Background’ option (Under the View menu). When it’s turned on, the main table and the lower pane text-box are displayed in black background and white text, instead of default system colors.
  • Fixed issue: When copying data to the clipboard or exporting to tab-delimited file, every line contained an empty field in the end of the line.
• Version 1.78:
  • Added ‘Full Screen’ mode (View -> Full Screen or F11 key).
• Version 1.77:
  • Added ‘Sort By’ toolbar button.
• Version 1.76:
  • Fixed issue: The ‘Record ID’ value was limited to the size of 32-bit integer.
• Version 1.75:
  • Fixed the filter to work properly when new event items are added in ‘Auto Refresh’ mode.
• Version 1.74:
  • Updated to stop the event log scanner when you press the Esc key.
• Version 1.73:
  • The status bar now displays the current scanned event log channel/filename.
• Version 1.72:
  • Fixed to work properly when specifying to filter more than 23 event IDs (Workaround for limitation of event log queries).
• Version 1.71:
  • Fixed to display the time properly in AM/PM format.
  • Fixed the default columns size in high DPI mode.
• Version 1.70:
  • Added option to choose a single event log filename (.evtx or .etl file) in the ‘Choose Data Source’ window.
  • You can also load a single event log file (.evtx or .etl file) by dragging it from Explorer window into the main window of FullEventLogView.
• Version 1.68:
  • Added ‘Add Header Line To CSV/Tab-Delimited File’ option (Turned on by default).
• Version 1.67:
  • Fixed the /srawxml command-line option to save the raw xml much faster than the previous versions.
• Version 1.66:
  • ‘Show Event Strings In Columns’ option — You can now change the number of event string columns displayed when this option is turned on.
    You can do it by editing the following line in FullEventLogView.cfg (The default value is 10):
    
    EventStringColumns=10
  • You have to edit this value while FullEventLogView is not running.
• Version 1.65:
  • Added option to save the selected events as raw event XML (In ‘Save Selected Items’ option), which is the same XML you see in the lower pane when choosing Options -> Lower Pane Display Mode -> Show Event XML.
  • Added /srawxml command-line option to save the raw event XML from command-line.
  • Updated the HTML export feature to HTML5.
  • Added option to change the sorting column from the menu (View -> Sort By). Like the column header click sorting, if you click again the same sorting menu item, it’ll switch between ascending and descending order. Also, if you hold down the shift key while choosing the sort menu item, you’ll get a secondary sorting.
• Version 1.62:
  • Added option to specify user name and password for connecting a remote computer (In the ‘Choose Data Source’ window). You have to use this option if you get ‘Access is denied’ error message when trying to connect the remote computer.
• Version 1.61:
  • Fixed some high DPI mode issues.
• Version 1.60:
  • Added ‘Tray Balloon On New Event’ option. This feature is active only when both ‘Put Icon On Tray’ and ‘Auto Refresh’ options are turned on.
    When it’s active, FullEventLogView displays every new event in a tray balloon.
  • Added ‘Start As Hidden’ option. When this option and ‘Put Icon On Tray’ option are turned on, the main window of FullEventLogView will be invisible on start.
• Version 1.58:
  • Added ‘New FullEventLogView Instance’ under the File menu, for opening a new window of FullEventLogView.
• Version 1.57:
  • Added ‘Log File’ column, which displays the log filename if the event was loaded directly from .evtx or .etl file.
• Version 1.56:
  • In the the channel and provider fields of the ‘Advanced Options’ window — you can now choose the desired channel/provider from a combo-box.
• Version 1.55:
  • When reading .etl files that store the event data inside EventPayload element of the XML, FullEventLogView now automatically converts the EventPayload
    from hexadecimal string to readable text, and displays it as the decsription of the event.
    
    For example, you can use this feature to view the Windows Update logs from C:\windows\logs\WindowsUpdate on Windows 10.

  • Added ‘Copy Clicked Cell’ option to the right-click context menu, which copies to the clipboard the text of cell that you right-clicked with the mouse.
• Version 1.53:
  • Fixed bug: Wildcards didn’t work when using the ‘Search in full description string’ option.
  • Fixed to save the ‘Case Sensitive’ option of the Quick Filter in the .cfg file.
• Version 1.52:
  • Added ‘Select All’ and ‘Deselect All’ to the ‘Column Settings’ window.
• Version 1.51:
  • Added the ‘Clear All Events Of Selected Channel’ option to the context menu.
  • Increase the maximum size of the description filter string.
• Version 1.50:
  • Fixed bug: FullEventLogView remained in memory if you closed the main window during events scanning.
  • Added ‘Clear All Events Of Selected Channel’ option (Under the file menu). For example: If you select an event that its channel is
    ‘System’, using this option will delete all system events.
  • Added /ClearChannelEvents command-line option, which clears all events of the specified channel, for example:
    
    FullEventLogView.exe /RunAsAdmin /ClearChannelEvents «Microsoft-Windows-Bits-Client/Operational»

  • Added 2 modes to description filter: ‘Search in description parameters’ and ‘Search in full description string’. In previous versions, the search was made inside description parameters,
    but some people reported it’s a bug. The search is now made by default inside the full description string, but this search mode is slower because it requires to load the metadata and format the
    description string before the filtering process.

• Version 1.38:
  • Fixed bug: When trying to export events of remote computer from command-line, FullEventLogView loaded the events from local computer.
• Version 1.37:
  • Added ‘Case Sensitive’ option to the Quick Filter window.
• Version 1.36:
  • Added /RunAsAdmin command-line option for running FullEventLogView as administrator.
• Version 1.35:
  • Added new options to the ‘Quick Filter’ feature, including the option to filter the list by Event ID.
• Version 1.32:
  • When choosing to load only specific event IDs (From ‘Advanced Options’ window), the loading process is much faster.
• Version 1.31:
  • Fixed bug: When connecting a remote computer the following error was displayed — Error 50: The request is not supported.
• Version 1.30:
  • Fixed bug: FullEventLogView failed to display the event strings in the lower pane (‘Show Event Data + Description’ mode) and in the columns (‘Show Event Strings In Columns’ option).
  • You can now resize the properties window, and the last size/position of this window is saved in the .cfg file.
  • You can now send the data to stdout by specifying empty string as filename, for example:
    
    FullEventLogView.exe /scomma «» | more
• Version 1.28:
  • Fixed the lower pane to use the right font size in high DPI mode.
  • Added option to choose another font (name and size) to display in the main window.
• Version 1.27:
  • When exporting items with multiline description to tab-delimited file (Including the ‘Copy Selected Items’ option), FullEventLogView now put the description in quotes to
    ensure the exported data will be displayed properly in Excel and other programs.
• Version 1.26:
  • Added support for saving as JSON file.
• Version 1.25:
  • Added ‘Show Event Strings In Columns’ option (Under the Options menu). When it’s turned on, 10 new event string columns are added to the main table (‘String 1’, ‘String 2’, ‘String 3’…).
    These columns display the strings from the event decsription and you can click the column header in order to sort the events according to the event strings.
• Version 1.22:
  • Fixed bug: On some systems, FullEventLogView missed some of the events when using a time filter.
• Version 1.21:
  • Added /cfg command-line option, which instructs FullEventLogView to use a config file in another location instead if the default config file, for example:
    
    FullEventLogView.exe /cfg «%AppData%\FullEventLogView.cfg»
• Version 1.20:
  • Added option to filter according to strings of the event description (In ‘Advanced Options’ window).
  • Added ‘Quick Filter’ feature (View -> Use Quick Filter or Ctrl+Q). When it’s turned on, you can type a string in the text-box added under the toolbar and FullEventLogView will instantly filter the events table, showing only lines that contain the string you typed.
  • Fixed the lower pane to switch focus when pressing tab key.
• Version 1.12:
  • Added option to specify time range in GMT (‘Advanced Options’ window).
  • Fix bug: When using /SaveDirect command-line option, the file was always saved according to the default encoding, instead of using the selected encoding in Options -> Save File Encoding.
• Version 1.11:
  • Fixed bug: the process of exporting large amount of event log items from command-line was very slow, even when using /SaveDirect.
• Version 1.10:
  • Added option to automatically read archive log files (In ‘Choose Data Source’ window). This option works only when you run FullEventLogView as administrator.
• Version 1.06:
  • Fixed FullEventLogView to display event description properly when reading .evtx files from shadow copy (e.g: \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3\Windows\System32\winevt\Logs )
  • Fixed bug: FullEventLogView displayed error message when trying to read .etl files.
• Version 1.05:
  • FullEventLogView now displays an error message if it fails to load events from external evtx file or from remote computer.
  • Added ‘Choose Data Source’ icon to the toolbar.
• Version 1.00 — First release.

Start Using FullEventLogView

FullEventLogView doesn’t require any installation process or additional DLL files.
In order to start using it, simply run the executable file — FullEventLogView.exe

After running FullEventLogView, the main window loads and displays all events from the last 7 days.
You can change the default 7-days time filter and set other filters by using the ‘Advanced Options’ window (F9)

If you want to load the events from remote computer on your network or from event log files (.evtx), you should use the ‘Choose Data Source’ window (F7).

Lower Pane Display Mode

When you select an event in the upper pane, the lower pane displays the details of the selected event, depending on the display mode that you choose (Options -> Lower Pane Display Mode):

• Show Event Description:
  Displays the full description of the event. Some event descriptions are too long for watching them in the ‘Description’ column, so you can view the long event description in the lower pane.
• Show Event Data + Description:
  Displays the full description of the event and additional data stored in this event.
• Show Event XML:
  Displays the full XML of the event.

Refresh (F5) And Smooth Refresh (F8)

FullEventLogView provides 2 types of refresh actions:

• Refresh (F5): Reloads the entire event log
• Smooth Refresh (F8): FullEventLogView only adds the new event items that have been created since the previous refresh.

Auto Refresh Mode

When Auto Refresh mode is turned on (Options -> Auto Refresh -> Every x seconds), FullEventLogView
automatically executes a smooth refresh according to the refresh interval you choose, so you’ll be able to see when a new event log item is created.

Show Event Strings In Columns

You can turn on the ‘Show Event Strings In Columns’ option if you want to view all event strings in the upper pane table.
By default, FullEventLogView displays 10 event string columns (String 1, String 2, String 3,…).
If you need more than 10 event string columns, You can do it by editing the following line in FullEventLogView.cfg:

EventStringColumns=10

You have to edit this value while FullEventLogView is not running.

Run As Administrator

By default, FullEventLogView doesn’t request elevation (Run As Administrator). If you want to watch events thar are only available with administrator privilege (like the security log),
you have to run FullEventLogView as administrator by press Ctrl+F11.

Command-Line Options

Translating FullEventLogView to other languages

In order to translate FullEventLogView to other language, follow the instructions below:

1. Run FullEventLogView with /savelangfile parameter:
   
   FullEventLogView.exe /savelangfile
   
   A file named FullEventLogView_lng.ini will be created in the folder of FullEventLogView utility.
2. Open the created language file in Notepad or in any other text editor.
3. Translate all string entries to the desired language.
   Optionally, you can also add your name and/or a link to your Web site.
   (TranslatorName and TranslatorURL values) If you add this information, it’ll be
   used in the ‘About’ window.

4. After you finish the translation, Run FullEventLogView, and all translated
   strings will be loaded from the language file.
   
   If you want to run FullEventLogView without the translation, simply rename the language file, or move
   it to another folder.

License

This utility is released as freeware.
You are allowed to freely distribute this utility via floppy disk, CD-ROM,
Internet, or in any other way, as long as you don’t charge anything for this and you don’t
sell it or distribute it as a part of commercial product.
If you distribute this utility, you must include all files in
the distribution package, without any modification !

Disclaimer

The software is provided «AS IS» without any warranty, either expressed or implied,
including, but not limited to, the implied warranties of merchantability and fitness
for a particular purpose. The author will not be liable for any special, incidental,
consequential or indirect damages due to loss of data or any other reason.

Feedback

If you have any problem, suggestion, comment, or you found a bug in my utility,
you can send a message to nirsofer@yahoo.com

FullEventLogView is also available in other languages. In order to change the language of
FullEventLogView, download the appropriate language zip file, extract the ‘fulleventlogview_lng.ini’,
and put it in the same folder that you Installed FullEventLogView utility.

Here is the list of of Best Free Event Log Viewer Software For Windows. These software make the task of viewing Event Log easy for you. The Windows’ default Event Log Viewer tool is a bit complex and not so user friendly. So, if you want to take a look at your PC’s event log, these software will come in handy. You can not only view, but filter out and view only required events. You can also export event log as HTML, TXT, or Excel, and even take print out of selected or all events using these Event Log Viewer software.

Using these free event log viewer software, you can view your PC’s event log files, a remote PC’s event log files, or event log files stored separately on your PC.

Some of these freeware event log viewer let you view event details right on the main interface, and some open event details in separate window. One of the freeware let you export events as HTML report; you will be able to view event detail in the report.

My Favorite Event Log Viewer for PC:

I like FullEventLogView the most, as it is an easy to use Event Log Viewer, and displays events along with their details on the same interface. No advanced and unnecessary options can be found, making this a perfect viewer for event log files.

You can also checkout the list of best free Cataloging Software, System Information Viewers, and System Backup Software for Windows.

FullEventLogView

Картинка с сайта: listoffreeware.com

FullEventLogView is a free event log viewer for Windows. It lets you load and view even logs from your computer, from a remote computer, or from external folder containing log files. You can view all the log data on its interface along with various respective details. The events are sorted according to the time of event. For each event, you can view its Record ID, Event ID, Level, Channel, Provider, Description, Opcode, Keywords, Process ID, Thread ID, and User.

The interface of this event viewer software is dual pane. In one panel, you can see all the events. Click on an event, and you will be able to view its details in the second panel.

There are various options related to viewing event log available here. You can use the Find tool to look for a specific event. Select an event to copy it. If you want to view only a specific type of events, you can use the Filter option. Another important option lets you export even log report for all events or selected events.

Under Advanced Options, you can select the event level types to display in log. Here, you can also set a time duration for which you want to view event log files.

Note: The option to view event log from remote computer did not seem to work properly in this free event log viewer for PC.

Event Log Explorer

Картинка с сайта: listoffreeware.com

Event Log Explorer is an advanced event log viewer. Its different and better than conventional event log viewers. On its interface, it displays an event log tree in categories. So, if you want to view events related to Applications, Hardware, Key Manager, Security, Windows PowerShell, or any other category, click on the respective subtree to view related events. For each subtree, the related events are displayed in separate tabs. For each event, you can view its type, date, time, source, category, and description.

Filter tool has been provided if you are looking for a specific event. You can also save or export selected events or all events. Events can be exported as HTML, TXT, or Excel files. There are various other tools that you can make use of, such as Scheduler, Event alert, Analytical report, etc.

This event viewer software can also open log files saved on your PC. Although it has an option to view event log of remote computer, it didn’t work.

Note: This software is only free to use for personal and non-commercial purposes.

Windows Event Viewer Plus

Картинка с сайта: listoffreeware.com

Windows Event Viewer Plus is a simple yet useful event log viewer software for Windows. Just like Event Log Explorer, you can view events category wise. There is list of event log categories available on the interface. Click on a category to view respective events in this event viewer software. For each category, you can view total entries, along with errors and warnings found. The event logs are categorized as: Application, Hardware Events, Internet Explorer, Key management Services, Security, System, and Windows power Shell.

For each listed event, you can view its type, date, time, event ID, and source. Double click on an event to view its details. Unfortunately, you cannot export all or selected events, but you will find option to export one event at a time in TXT or DOC/DOCX format.

You can also use this software to view event log of remote PC. For this, the remote PC must have the viewer PC added in admin group.

EventLog Inspector

Картинка с сайта: listoffreeware.com

EventLog Inspector is an amazing event log viewer software for Windows. Its perfect for system administration, as it lets you easily monitor events. It notifies you of critical events, sends notice as email, generates event log report, and does more.

You cannot view event log  directly with this software. It lets you generate a report of event logs. Event log reports can be generated separately for event categories under EventLogs tab. You can generate report containing event log for the following categories: Application, Hardware events, Internet explorer, Key management service, Security, System, and Windows PowerShell. Reports are generated in HTML format.

Apart from event log, you can also view service log. Options in Settings menu let you configure warning reporting parameters. Set up email configuration to send notifications and do much more with this free event log viewer.

Note: You can only use this software for free for non-commercial purposes.

EventSentry Light

Картинка с сайта: listoffreeware.com

EventSentry Light is the free version of EventSentry, which lets you view event log files. Although the light version has limited features, it does its job as an event log viewer software. You can also open and view event log files in a separate folder.

To view local event log, select the Event Log viewer option from the list available in the left panel on the interface. The event logs are displayed for Application, Security, and System event categories. Click on a category to view respective event logs in the right panel. For each event, their type, date, time, source, category, ID, Computer, and Number are displayed. Click on an event to view more details about it. To view a specific type of event, you can make use of Filter option.

It has various other features that can make the job of system administration easy. Visit the Full vs Light comparison page to know about the features available in the free version.

EVT LogParser

Картинка с сайта: listoffreeware.com

EVT LogParser is an event log viewer software, which is a bit different from the above listed event viewers. It is based on Microsoft Log Parser and can be used to view filtered out events from externally saved event log files.

If you have Event log files separately saved on your PC which you want to view, then you can use this software. Remember, it cannot open event log files stored at Windows’ default location to save event log files.

Simply select the event log files you want to view. Now, you have to set the query filter to view events you are looking to view. You can filter the Event log using the following filters: EventID, Event Type, Source, Message, From time, and To time. Based on the filter set by you, this free event log viewer displays events. Double click on an event to view its details.

That’s pretty much that you can do with this free event viewer software.