tag:blogger.com,1999:blog-7720349407754381923.post3962237888452556588..comments2022-03-24T03:55:29.240-05:00Comments on Dorian Software BLOG: Why Can't A Windows Server 2008 or Vista Log Be Viewed On My XP Machine?Dorian Software Dev Teamhttp://www.blogger.com/profile/09108130711873923202noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-7720349407754381923.post-63030207449515867062008-11-17T16:20:00.000-05:002008-11-17T16:20:00.000-05:00We are unaware of any such project. The EVTX form...We are unaware of any such project. The EVTX format is a proprietary binary XML file structure whose symbols, tokens, etc must be rendered using operating system functions. Unfortunately, those operating system functions are only available on Windows Vista, Server 2008, and later operating systems.<BR/><BR/>Our recommendation is to take advantage of virtual machines (e.g. on Microsoft Virtual PC) to run Windows Vista on Windows XP as needed. Our log management software titles can properly work with legacy EVT files alongside EVTX files when run on a Vista or later operating system. We call this technology LogRefiner.Dorian Software Dev Teamhttps://www.blogger.com/profile/09108130711873923202noreply@blogger.comtag:blogger.com,1999:blog-7720349407754381923.post-44745431549704881932008-11-17T15:51:00.000-05:002008-11-17T15:51:00.000-05:00Is anyone aware of an open source project to rever...Is anyone aware of an open source project to reverse engineer the ".evtx" file format? Or any insight into the file layout?<BR/><BR/>[obRegret: wish I had the time...]Anonymousnoreply@blogger.com