3
What's the Windows Server 2008 equivalent of the SecEvent.Evt file? So I can open the file itself on an external computer and see who logged in.
user131008
Posted 2012-10-17T11:33:01.197
Reputation: 31
Windows 2008 security logs file name?
Answers
2
On my system, the path to the Security log is
%SystemRoot%\System32\Winevt\Logs\Security.evtx
but this seems to be configurable.
The general solution is, if you right click on a log in the Event Viewer and choose Properties, it will give you the path to that log.
dsolimano
Posted 2012-10-17T11:33:01.197
Reputation: 2 778
2
%SystemRoot%\System32\Winevt\Logs\Security.evtx
Note the different extension, in Server 2008/Vista the event logging system was re-written including new file formats.
Better to use the standard APIs and tools (eg. Get-WinEvent in PowerShell) to remotely access than directly accessing the file.
Richard
Posted 2012-10-17T11:33:01.197
Reputation: 8 152