Latest version: Event Log Explorer v5.5, updated 2024/7/5
Latest version: My Lockbox v5.0, updated 2024/1/25
Latest version: Hide Folders v6.0, updated 2023/11/28
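An event analyzer designed for the Windows operating system
It lets you view, monitor and analyze events recorded in the Security, System, Application and other Microsoft Windows logs.
Whenever a problem occurs or an action is triggered while the system is running, it is recorded as a log entry. However, most users are not able to read this log data.
Now, with Event Log Explorer, you too can browse the contents of these logs very easily.
Event Log Explorer lets users review security, system, application and other recorded events, so you can quickly find in the recorded events the likely cause of a system error, and even check whether your system has been subjected to unknown network attacks.
So if you still cannot pin down the cause of your system's errors, give Event Log Explorer a try and let it help you analyze your system's events.
Powerful event (log) search and filtering engine
Event Log Explorer also provides a powerful event (log) search and filtering engine. You can easily filter the events in the list by any criteria. Every filter can be saved to a file, which saves you time when you want to reuse the filter later.
Print event logs or individual events
Unlike the standard Windows Event Viewer, Event Log Explorer can print event logs or individual events. You can also export event logs to other formats.
Event Log Explorer supports export to HTML, Microsoft Excel and tab-separated plain text files.
For effective event analysis, Event Log Explorer provides an advanced reporting tool: Analytical Reports lets you build analysis reports with different summary tables and summary diagrams.
Suitable for home users too
Event Log Explorer is a professional tool, yet even home users will find it really useful.
On a home computer, it can monitor system events (System log) and security events (Security log).
The System log helps you detect hardware and system failures and monitor system services and other resources.
The Security log lets you audit your system and monitor Windows resources such as files, folders and registry keys, track intrusive logon attempts, and perform other auditing tasks.
System requirements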
Supported OS: Windows All
● Access Windows event logs and event log files on local and remote servers and workstations
Like Windows Event Viewer, Event Log Explorer accesses Windows event logs and event log files from both local and remote servers. However, unlike Event Viewer, you can view several event logs (and log files) at one time — in different windows or even in one consolidated window (merged event log view).
● Support of both classic Windows NT event log format (EVT files) and new (Crimson) event log format (EVTX files)
Where possible, you can choose between the legacy Windows NT API and the modern Windows Event Log API to access Windows event logs and event log files. The modern API works a little more slowly, but provides more detailed information about events.
● High performance — all events are loaded either into memory or into an optimized internal local database
To perform smooth event analysis, Event Log Explorer reads events into its own temporary storage. Depending on event log size, you can choose between memory and disk storage.
● Active monitoring and alerting — get informed about problems immediately
You can set up Event Log Explorer to monitor events generated by your systems and to notify you when a specific event has fired. This helps you to get informed about problems promptly and potentially before they affect you.
● Event log consolidation — you can consolidate different events in one place
Event Log Explorer allows you not only to read events from different sources, but to consolidate them in one event view. You can review such a view as a solid log. You can even save this consolidated event log as an EVT file.
● Tabbed-document and multiple-document user interface depending on user preferences
Event Log Explorer provides you with two user interface types. The multiple-document interface (MDI) allows you to open an unlimited number of event logs and place them all inside the main window of Event Log Explorer. The tabbed-document interface (TDI) allows you to open an unlimited number of event logs and features the best way of navigating between logs.
● Log loading options to pre-filter Windows event logs
With Event Log Explorer you may load events from dozens of Windows servers simultaneously. As a rule, you don't need to load all the events from all logs. E.g. you may want to exclude Information events or load only recent events. Log loading options help you to pre-filter events at loading stage.
● Advanced filtering by any criteria including event description text
You can easily filter events by any criteria. The filters are reusable: you can save them as a file and apply them to other event logs. You can use regular expressions (regexps) to filter by event description text. The application lets you link events by event ID and description parameters and filter out all other events. Such linked event filtering helps you to analyze the Security log.
● Favorite computers and their logs are grouped into a tree
With Event Log Explorer you can view event logs on different Windows servers and workstations. For your convenience, you can group your computers in a tree. Then you can select the desired event log and it will be opened immediately.
● Manual and automatic backup of Windows event logs
Backing up event logs is a really important task. Very large event logs may affect system performance, but administrators must be able to analyze past events. The appropriate solution is to limit the size of Windows event logs and back up event logs on a regular basis. Event Log Explorer allows you to save event logs as event log files manually or automatically.
● Fast navigation with bookmarks
Modern Internet browsers allow you to save favorite URLs as bookmarks that can be easily restored. Similarly, Event Log Explorer allows you to bookmark any event so that you can easily return to it later.
● Compatibility with well-known event knowledge bases
You can get more information about an event in the public event knowledge bases. Event Log Explorer supports the EventID.net and Microsoft knowledge bases.
● Color coding by Event ID
Color coding allows you to easily distinguish between different events. You can change text color, font style and background color for specific events.
● Print and export to different formats
With Event Log Explorer you can print Windows event logs and export to other formats. Print options let you select from several print styles. Event Log Explorer supports export to HTML, tab-separated and Excel documents.
● Analytical reports - summary tables and pivot charts
You can easily create pivot tables and pivot chart reports from your events. E.g. you can summarize event types by date or get statistics by event identifier, event source, and so on.
● Direct access to EVT files allowing you to read damaged EVT files and generate EVT files from chosen events
Event Log Explorer can access EVT files directly (without the Windows Event Log API). This allows you to read damaged event logs and to read event logs when the Windows Event Log service is not available (e.g. in BartPE or another preinstalled environment). You can also generate your own EVT files.
● Direct access to EVTX files allowing you to read new EVTX files on old Windows
Event Log Explorer can access EVTX files directly (without the new Windows Event Log API). This allows you to open new event log files (EVTX) on any computer, i.e. with Event Log Explorer you can read EVTX files on Windows XP machines.
● Scheduler to run some event log tasks on schedule
You can automate some tasks using built-in scheduler. E.g. you can schedule event log export or print tasks.
● Credential manager
When you open an event log from a remote server, Event Log Explorer tries to use your current credentials to access it. Sometimes you may need to access remote event logs using alternative credentials. Credential manager lets you store different credentials for each server and use them when you open a remote Windows event log.
● Event list can be sorted by any column and in any direction
Like Windows Event Viewer, the program lets you sort the event list by any column: just click on the column header, and the event list will be re-sorted immediately. If you click on the column twice, the event list will be re-sorted in the reverse direction. In the program preferences, you can set the default sorting that will be applied when you open a log.
● Time correction
Event time is stored as UTC time. When you open a log generated on a server located in another time zone, you may want to virtually move to that time zone and view events from there. Time correction helps you to view events from any time zone.
● Servers import
If you manage a large network, you will find how easily you can import all your servers into the program. Just create a list of your servers and the program will import them all. You can also ask Event Log Explorer to scan your network (Active Directory) and build the list of your computers automatically.
Event Log Explorer components | |||
COMPONENT | STANDARD EDITION | ENTERPRISE EDITION | FORENSIC EDITION |
Event Log Explorer Viewer main component of Event Log Explorer it has different features depending on the edition |
✔ | ✔ | ✔ |
Elodea Event Collector collects events in the real time and saves them into a database |
✔ | ||
Event Log Backup a utility to backup event logs into evtx files |
✔ | ✔ | ✔ |
Event Log Database Exporter a utility to save event logs into a database (SQL Server) |
✔ | ||
Event Log Exporter a utility to export event logs into different formats (Excel, OpenOffice spreadsheet, PDF, etc.) |
✔ | ✔ | |
Event Log Explorer Viewer features | |||
FEATURE | STANDARD EDITION | ENTERPRISE EDITION | FORENSIC EDITION |
Supported sources of events | |||
Live event logs local and remote |
✔ | ✔ | ✔ |
Event log files EVTX and legacy EVT |
✔ | ✔ | ✔ |
Damaged event log files EVTX and legacy EVT |
✔ | ||
Logs in a database logs saved in an SQL server db |
✔ | ✔ | ✔ |
Disk images imaged PC or deep scan of raw images |
✔ | ||
Event log snapshots events saved in a file for future analysis |
✔ | ||
Filter and search | |||
XML filter XPath query |
✔ | ✔ | ✔ |
Log loading filter exclude inessential events at the loading stage |
✔ | ✔ | ✔ |
General filter the most powerful filtering option |
✔ | ✔ | ✔ |
Quick filter quick way to set a simple filter |
✔ | ✔ | ✔ |
Linked filter filter on linked events |
✔ | ✔ | ✔ |
Special marking filter filter separate events in scripts |
✔ | ✔ | |
General search search events using any criteria |
✔ | ✔ | ✔ |
Go to date find an event of the specified date |
✔ | ✔ | ✔ |
Reporting and export | |||
Print events print event list using several predefined templates |
✔ | ✔ | ✔ |
Export events export event list to Excel, Html, Text, PDF |
✔ | ✔ | ✔ |
Analytical reports summary tables and pivot charts |
✔ | ✔ | ✔ |
Custom columns | |||
Custom columns user columns with type support |
✔ | ✔ | ✔ |
Maximum number of custom columns in a view | 5 | 30 | 30 |
Formula script calculated custom columns |
✔ | ✔ | |
Event log tasks | |||
Event log task management create and modify user tasks |
✔ | ✔ | ✔ |
Task templates create/modify task templates and create tasks based on the templates |
✔ | ✔ | ✔ |
Predefined task templates a bunch of templates for everyday use |
✔ | ✔ | ✔ |
Additional features | |||
Workspaces store working environment in a workspace file |
✔ | ✔ | ✔ |
Merging logs unite different event logs and log files in one log view |
✔ | ✔ | ✔ |
Import computers from different sources Active Directory, XML file, text file |
✔ | ✔ | ✔ |
Color coding by event type, source, id, description |
✔ | ✔ | ✔ |
Time correction display event time in a specific time zone |
✔ | ✔ | ✔ |
Bookmarks bookmarking for faster navigation between events |
✔ | ✔ | ✔ |
Admin permission requirements program start requires elevation |
requires | requires | not required |
Advanced features | |||
Forensic specific options snapshots, deep scan, checking anomalies, disk images |
✔ | ||
Description server if a description not available, get it from another source |
✔ except imaged PC | ✔ except imaged PC | ✔ |
Credential manager store credentials to connect other computers/domains |
✔ | ✔ | ✔ |
Scripting PascalScript to automate log-related tasks |
✔ | ✔ |