table of contents
evtinfo | LOCAL | evtinfo |
NAME¶
evtinfo
—
determines information about a Windows Event Log
(EVT)
SYNOPSIS¶
evtinfo |
[-c codepage]
[-hvV ] source |
DESCRIPTION¶
evtinfo
is a utility to determine
information about a Windows Event Log (EVT)
evtinfo
is part of the
libevt
package. libevt
is a
library to access the Windows Event Log (EVT) format
source is the source file.
The options are as follows:
-c
codepage- specify the codepage of ASCII strings, options: ascii, windows-874, windows-932, windows-936, windows-949, windows-950, windows-1250, windows-1251, windows-1252 (default), windows-1253, windows-1254, windows-1255, windows-1256, windows-1257 or windows-1258
-h
- shows this help
-v
- verbose output to stderr
-V
- print version
ENVIRONMENT¶
None
FILES¶
None
EXAMPLES¶
# evtinfo AppEvent.Evt evtinfo 20120624 Windows Event Log (EVT) information: Version : 1.1 Number of records : 19 Number of recovered records : 0 Log type : Application Flags: Should be archived
DIAGNOSTICS¶
Errors, verbose and debug output are printed to stderr when verbose output -v is enabled. Verbose and debug output are only printed when enabled at compilation.
BUGS¶
Please report bugs of any kind to <joachim.metz@gmail.com> or on the project website: https://github.com/libyal/libevt/
AUTHOR¶
These man pages were written by Joachim Metz.
COPYRIGHT¶
Copyright (C) 2011-2020, Joachim Metz <joachim.metz@gmail.com>. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
SEE ALSO¶
April 13, 2019 | libevt |