Where/how does Windows store the data in the event logs?

windows windows-event-log

With Windows 2000/Server2003/Windows XP, the logs are stored in the %SystemRoot%\System32\Config directory, with an .evt extension.

With Server 2008/Vista and up, the log are stored in the %SystemRoot%\system32\winevt\logs directory, and have an .evtx extension. It's possible to convert old .evt files to the newer .evtx format

Within the Computer Manager you can also export them to a .txt or .csv file.

Related

How can I check if VMware tools is running on my guest Ubuntu Server? [closed]
How can I get the Bridged IP address of a VirtualBox VM running in headless mode?
Is there a Windows command line utility to verify user credentials?
Nginx resolver address from /etc/resolv.conf
Disable TLS 1.0 in NGINX
How to diagnose a Windows blue screen?
OS X determine which application is accessing a HDD and preventing ejection?
.htaccess is ignored even though VirtualHost has "AllowOverride All"
Do I need to restart server after a linux kernel update?
Running Ansible task as a specific user
Install Xvfb via yum - yum repository for Xvfb?
How to reset munin graphs