Hi all.
Maybe you know that Window 10 has another format of tracing files. It's ETW. And Windows Update logs are now generated using ETW (Event Tracing for Windows) too.
So if you would like to watch to c:\WindowsUpdate.log file ypu can read only one hint:
Please run the Get-WindowsUpdateLog PowerShell command to convert ETW traces into a readable WindowsUpdate.log.
No problem. You can launch Powershell concole and type it for run:
Do you know where live your Powershell? No. Ok.
You can do it manually with tracerpt.exe utility yourself.
Our example:
tracerpt.exe c:\windows\logs\WindowsUpdate\WindowsUpdate.20180505.075600.137.1.etl -o d:\1.csv -of CSV
tracerpt.exe c:\windows\logs\WindowsUpdate\WindowsUpdate.20180505.123139.142.1.etl -o d:\2.csv -of CSV
copy 1.csv+2.csv WindowsUpdate.log
Just a minute, I know plus one utility which can give us conversion of ETW files to text. If you find yourself in a situation where you need to convert some Windows Update .ETL files into human readable format and the Get-WindowsUpdateLog PowerShell cmdlet isn’t available for whatever reason, you can use TraceFmt.exe to do this for you.
However the TraceFmt utility available through both the Windows Software Development Kit (SDK) and Windows Driver Kit (WDK). It takes the details in the trace logs and outputs a human-readable text file containing the formatted trace messages. How does it work?
%SystemRoot%\Logs\WindowsUpdate\Windowsupdate.103937.1.etl
%SystemRoot%\Logs\WindowsUpdate\Windowsupdate.103937.10.etl
-r srv*%SystemDrive%\Symbols*https://msdl.microsoft.com/download/symbols
See you later.
Maybe you know that Window 10 has another format of tracing files. It's ETW. And Windows Update logs are now generated using ETW (Event Tracing for Windows) too.
So if you would like to watch to c:\WindowsUpdate.log file ypu can read only one hint:
Please run the Get-WindowsUpdateLog PowerShell command to convert ETW traces into a readable WindowsUpdate.log.
No problem. You can launch Powershell concole and type it for run:
Get-WindowsUpdateLog -Verbose
So, Powershell with tracerpt.exe utility will make for you huge final WindowsUpdate.log file directly to your Desktop.
You can do it manually with tracerpt.exe utility yourself.
Our example:
tracerpt.exe c:\windows\logs\WindowsUpdate\WindowsUpdate.20180505.075600.137.1.etl -o d:\1.csv -of CSV
tracerpt.exe c:\windows\logs\WindowsUpdate\WindowsUpdate.20180505.123139.142.1.etl -o d:\2.csv -of CSV
copy 1.csv+2.csv WindowsUpdate.log
Just a minute, I know plus one utility which can give us conversion of ETW files to text. If you find yourself in a situation where you need to convert some Windows Update .ETL files into human readable format and the Get-WindowsUpdateLog PowerShell cmdlet isn’t available for whatever reason, you can use TraceFmt.exe to do this for you.
However the TraceFmt utility available through both the Windows Software Development Kit (SDK) and Windows Driver Kit (WDK). It takes the details in the trace logs and outputs a human-readable text file containing the formatted trace messages. How does it work?
Our example:
tracefmt.exe -o "%UserProfile%\Desktop\WindowsUpdate.log"%SystemRoot%\Logs\WindowsUpdate\Windowsupdate.103937.1.etl
%SystemRoot%\Logs\WindowsUpdate\Windowsupdate.103937.10.etl
-r srv*%SystemDrive%\Symbols*https://msdl.microsoft.com/download/symbols
See you later.
1 comment:
Конвертируем файл .etl в .txt:
netsh trace convert input=trace.etl output=trace.txt dump=txt > nul
Post a Comment
А что вы думаете по этому поводу?