TZWorks Windows Event Log Viewer (evtx_view)Popular
evtx_view ?a GUI based tool that can parse Windows event logs from all versions of Windows starting with Windows XP. This includes Vista, Windows 7, Windows 8 and the server counter parts.
The output is presented as a tree-view where one can select the components of an event log and display their internal structure. The tool allows one to generate reports for certain specific event log categories, such as USB plug?n?play events, credential changes, password changes, etc. If one of the available reports does not address an analyst's needs, there is an option for a custom, user?generated report to be used and processed.