GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  EVTXEXPORT (1)

NAME

evtxexport - exports items stored in a Windows XML EventViewer Log (EVTX) file

CONTENTS

Synopsis
Description
Environment
Files
Examples
Diagnostics
Bugs
Author
Copyright
See Also

SYNOPSIS

evtxexport [-c codepage] [-f format] [-l log_file] [-m mode] [-p message_files_path] [-r registy_files_path] [-s system_file] [-S software_file] [-t event_log_type] [-hTvV] source

DESCRIPTION

evtxexport is a utility to export items stored in a Windows XML EventViewer Log (EVTX) file

evtxexport is part of the libevtx package. libevtx is a library to access the Windows XML EventViewer Log (EVTX) file

source is the source file.

The options are as follows:
-c codepage
  specify the codepage of ASCII strings, options: ascii, windows-874, windows-932, windows-936, windows-949, windows-950, windows-1250, windows-1251, windows-1252 (default), windows-1253, windows-1254, windows-1255, windows-1256, windows-1257 or windows-1258
-f format
  output format, options: xml, text (default)
-h shows this help
-l log_file
  specify the file in which to log information about the exported items
-m mode
  export mode, option: all, items (default), recovered ’all’ exports the (allocated) items and recovered items, ’items’ exports the (allocated) items and ’recovered’ exports the recovered items
-p message_files_path
  search PATH for the resource files (default is the current working directory)
-r registy_files_path
  name of the directory containing the SOFTWARE and SYSTEM (Windows) Registry file
-s system_file
  filename of the SYSTEM (Windows) Registry file This option overrides the path provided by -r
-S software_file
  filename of the SOFTWARE (Windows) Registry file This option overrides the path provided by -r
-t event_log_type
  event log type, options: application, security, system if not specified the event log type is determined based on the filename.
-T use event template definitions to parse the event record data
-v verbose output to stderr
-V print version

ENVIRONMENT

None

FILES

None

EXAMPLES

# evtxexport evtxexport -p c/ -r c/Windows/System32/config/ c/Windows/System32/winevt/Logs/Apllication.Evtx
evtxexport 20120910

    ...

DIAGNOSTICS

Errors, verbose and debug output are printed to stderr when verbose output -v is enabled. Verbose and debug output are only printed when enabled at compilation.

BUGS

Please report bugs of any kind to <joachim.metz@gmail.com> or on the project website: https://github.com/libyal/libevtx/

AUTHOR

These man pages were written by Joachim Metz.

COPYRIGHT

Copyright (C) 2011-2016, Joachim Metz <joachim.metz@gmail.com>. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

SEE ALSO

evtxinfo(1)
Search for    or go to Top of page |  Section 1 |  Main Index


Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.