3
What's the Windows Server 2008 equivalent of the SecEvent.Evt file? So I can open the file itself on an external computer and see who logged in.
3
What's the Windows Server 2008 equivalent of the SecEvent.Evt file? So I can open the file itself on an external computer and see who logged in.
2
On my system, the path to the Security log is
%SystemRoot%\System32\Winevt\Logs\Security.evtx
but this seems to be configurable.
The general solution is, if you right click on a log in the Event Viewer and choose Properties
, it will give you the path to that log.
2
%SystemRoot%\System32\Winevt\Logs\Security.evtx
Note the different extension, in Server 2008/Vista the event logging system was re-written including new file formats.
Better to use the standard APIs and tools (eg. Get-WinEvent
in PowerShell) to remotely access than directly accessing the file.