evtinfo(1)
is a utility to determine information about a Windows Event Log (EVT) is part of the package.
Description
evtinfo() LOCAL evtinfo()
NAME
evtinfo — determines information about a Windows Event Log (EVT)
SYNOPSIS
evtinfo [-c codepage] [-hvV] source
DESCRIPTION
evtinfo is a utility to determine information about a Windows Event Log (EVT)
evtinfo is part of the libevt package. libevt is a library to access the Windows Event Log (EVT) format
source is the source file.
The options are as follows:
-c codepage
specify the codepage of ASCII strings, options: ascii, windows-874, windows-932, windows-936, windows-949, windows-950, windows-1250, windows-1251, windows-1252 (default), windows-1253, windows-1254, windows-1255, windows-1256, windows-1257 or windows-1258
-h
shows this help
-v
verbose output to stderr
-V
print version
ENVIRONMENT
None
FILES
None
EXAMPLES
# evtinfo AppEvent.Evt
evtinfo 20120624
Windows Event Log (EVT) information:
|
Version |
: 1.1 |
|||||
|
Number of records |
: 19 |
|||||
|
Number of recovered records |
: 0 |
|||||
|
Log type |
: Application |
|||||
|
Flags: |
||||||
|
Should be archived |
DIAGNOSTICS
Errors, verbose and debug output are printed to stderr when verbose output -v is enabled. Verbose and debug output are only printed when enabled at compilation.
BUGS
Please report bugs of any kind to <joachim.metz@gmail.com> or on the project website: https://github.com/libyal/libevt/
AUTHOR
These man pages were written by Joachim Metz.
COPYRIGHT
Copyright (C) 2011-2020, Joachim Metz <joachim.metz@gmail.com>. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
SEE ALSO
evtexport(1) libevt April 13, 2019 evtinfo()