Another consultant emailed me a .evt file recently for review. Which is great, except I frequently go days now without sitting in front of a Windows workstation – or at least, not one that isn’t broken and in need of fixing. So, I needed to find a Windows Event Log viewer.
There isn’t currently one in the Debian or Ubuntu repositories, but I did find a free-as-in-beer tool at TZWorks, LLC which did the trick nicely. It’s currently available for download in Windows, Linux (i386), and Mac versions – I haven’t tested the Mac version, but the Windows and Linux versions both run fine and do the job well, both for the older .evt and the newer .evtx (Vista and up) formats.
Note: the Linux binary provided is currently 32-bit only, so if you’re running a 64-bit system you’ll either need to install ia32-libs (apt-get install ia32-libs on Debian or Ubuntu), or just run the Windows version under WINE.