EVTX and Windows Event Logging
This paper will explore Microsoft's EVTX log format and Windows Event Logging framework. The EVTX data stream and structure will be defined as a basis for the Windows Event Logging framework and log subscription components that can be used to collect and correlate logs in a complex Windows-based environment.
32949 (PDF, 2.52MB)
13 Nov 2008ByBrandon Charter