Discussion:
Read and/or convert Windows log files .evtx on a Mac?
Winfried Huslik
2012-11-05 14:25:58 UTC
Permalink
How can I read and/or convert Windows log files .evtx on a Mac?

Thanks for your help!
Winfried
Malcolm Fitzgerald
2012-11-05 21:34:46 UTC
Permalink
Have you tried TextWrangler (free download) or the console (found in /Applications/Utilities) ?

Malcolm
Post by Winfried Huslik
How can I read and/or convert Windows log files .evtx on a Mac?
Thanks for your help!
Winfried
_______________________________________________
FMPexperts mailing list
http://lists.ironclad.net.au/listinfo.cgi/fmpexperts-ironclad.net.au
Tim 'Webko' Booth
2012-11-06 00:09:38 UTC
Permalink
Log files are (generally) plain text... Just using a text editor, or
renaming them to .log or ,txt should do the trick
Post by Malcolm Fitzgerald
Have you tried TextWrangler (free download) or the console (found in
/Applications/Utilities) ?
Malcolm
Post by Winfried Huslik
How can I read and/or convert Windows log files .evtx on a Mac?
Thanks for your help!
Winfried
_______________________________________________
FMPexperts mailing list
http://lists.ironclad.net.au/listinfo.cgi/fmpexperts-ironclad.net.au
_______________________________________________
FMPexperts mailing list
http://lists.ironclad.net.au/listinfo.cgi/fmpexperts-ironclad.net.au
Winfried Huslik
2012-11-06 00:15:25 UTC
Permalink
Thanks Malcom, thanks Tim,

.evtx is not any kind of text file, it's a SQL like format that requires a Windows tool to read. It is not compatible with MySQL or SQLight.
Since I have to read mixed platform server logs on a Mac I do not want to start up Windows just for that and transfer files to and fro.

Winfried
Post by Malcolm Fitzgerald
Have you tried TextWrangler (free download) or the console (found in /Applications/Utilities) ?
Malcolm
Post by Winfried Huslik
How can I read and/or convert Windows log files .evtx on a Mac?
Thanks for your help!
Winfried
_______________________________________________
FMPexperts mailing list
http://lists.ironclad.net.au/listinfo.cgi/fmpexperts-ironclad.net.au
_______________________________________________
FMPexperts mailing list
http://lists.ironclad.net.au/listinfo.cgi/fmpexperts-ironclad.net.au
Mikhail Edoshin
2012-11-06 10:44:12 UTC
Permalink
Hi Winfried,

It seems to be a variant of binary XML. Maybe you can use tools from this
page:

http://computer.forensikblog.de/en/topics/windows/vista-event-log/

They appear to be written in Perl, so they probably can run on Mac OS X too.

Kind regards,
Mikhail

-----Original Message-----
From: Winfried Huslik
Sent: Tuesday, November 06, 2012 4:15 AM
To: fmpexperts-YhOVfwX2n+***@public.gmane.org
Subject: Re: Read and/or convert Windows log files .evtx on a Mac?

Thanks Malcom, thanks Tim,

.evtx is not any kind of text file, it's a SQL like format that requires a
Windows tool to read. It is not compatible with MySQL or SQLight.
Since I have to read mixed platform server logs on a Mac I do not want to
start up Windows just for that and transfer files to and fro.

Winfried
Post by Malcolm Fitzgerald
Have you tried TextWrangler (free download) or the console (found in
/Applications/Utilities) ?
Malcolm
Post by Winfried Huslik
How can I read and/or convert Windows log files .evtx on a Mac?
Thanks for your help!
Winfried
_______________________________________________
FMPexperts mailing list
http://lists.ironclad.net.au/listinfo.cgi/fmpexperts-ironclad.net.au
_______________________________________________
FMPexperts mailing list
http://lists.ironclad.net.au/listinfo.cgi/fmpexperts-ironclad.net.au
Loading...