Latest version: Event Log Explorer v5.4, updated 2023/10/18
Latest version: Hide Folders v5.9, updated 2023/9/8
Latest version: My Lockbox v4.4
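An event analyzer designed for the Windows operating system
View, monitor and analyze events recorded in the Security, System, Application and other Microsoft Windows event logs.
While the system is running, any problem that occurs or any action that is started is recorded in a log, but most users are not able to read this log data.
Now, with Event Log Explorer, you too can browse the contents of these logs very easily.
Event Log Explorer lets users review security, system, application and other recorded events, so that you can quickly find, from the recorded events, what may be causing your system errors, and even check whether your system has been subjected to unidentified network attacks.
So if you still cannot get a clear picture of why your system fails, try Event Log Explorer and let it help you analyze your system's events.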
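Powerful event (log) search and filtering engine
Event Log Explorer also provides a powerful event (log) search and filtering engine. You can easily filter the events in the list by any criteria. Every filter can be saved to a file, which saves you time when you want to reuse the filter later.
Print event logs or individual events
Unlike the standard Windows Event Viewer, Event Log Explorer can print event logs or individual events. You can also export event logs to other formats.
Event Log Explorer supports export to HTML, Microsoft Excel and tab-separated plain-text files.
For effective event analysis, Event Log Explorer provides an advanced reporting tool: Analytical Reports lets you build analysis reports with different summary tables and summary diagrams.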
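Suitable for home users too
Event Log Explorer is a professional tool, yet even home users will find it really useful.
On a home computer, it can monitor system events (System log) and security events (Security log).
The System log helps you detect hardware and system failures and monitor system services and other resources.
The Security log lets you audit your system and monitor Windows resources such as files, folders and registry keys, track intrusion login attempts, and perform other auditing tasks.
System requirements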
Supported OS: Vista, 7, 8, 10, 11, 2008, 2012, 2016, 2020
● Access Windows event logs and event log files on local and remote servers and workstations
Like Windows Event Viewer, Event Log Explorer accesses Windows event logs and event log files from both local and remote servers. However, unlike Event Viewer, you can view several event logs (and log files) at one time, in different windows or even in one consolidated window (merged event log view).
● Support of both classic Windows NT event log format (EVT files) and new (Crimson) event log format (EVTX files)
When possible, you can choose between the legacy Windows NT API and the modern Windows Event Log API to access Windows event logs and event log files. The modern API works a little slowly, but provides more detailed information about events.
● High performance — all events are loaded either into memory or into an optimized internal local database
To perform smooth event analysis, Event Log Explorer reads events into its own temporary storage. Depending on event log size, you can choose between memory and disk storage.
● Active monitoring and alerting — get informed about problems immediately
You can set up Event Log Explorer to monitor events generated by your systems and to notify you when a specific event has fired. This helps you to get informed about problems promptly and potentially before they affect you.
● Event log consolidation — you can consolidate different events in one place
Event Log Explorer allows you not only to read events from different sources, but to consolidate them in one event view. You can review such a view as a solid log. You can even save this consolidated event log as an EVT file.
● Tabbed-document and multiple-document user interface depending on user preferences
Event Log Explorer provides you with 2 user interface types. The multiple-document interface (MDI) allows you to open an unlimited number of event logs and place them all inside the main window of Event Log Explorer. The tabbed-document interface (TDI) allows you to open an unlimited number of event logs and features the best way of navigating between logs.
● Log loading options to pre-filter Windows event logs
With Event Log Explorer you may load events from dozens of Windows servers simultaneously. As a rule, you don't need to load all the events from all logs. E.g. you may want to exclude Information events or load only recent events. Log loading options help you to pre-filter events at the loading stage.
● Advanced filtering by any criteria including event description text
You can easily filter events by any criteria. The filters are reusable: you can save them as a file and apply them to other event logs. You can use regular expressions (regexps) to filter by event description text. The application lets you link events by event ID and description parameters and filter out all other events. Such linked event filtering helps you to analyze the Security log.
● Favorite computers and their logs are grouped into a tree
With Event Log Explorer you can view event logs on different Windows servers and workstations. For your convenience, you can group your computers in a tree. Then you can select the desired event log and it will be opened immediately.
● Manual and automatic backup of Windows event logs
Backing up event logs is a really important task. Very large event logs may affect system performance, but administrators must be able to analyze past events. The appropriate solution is to limit the size of Windows event logs, and back up event logs on a regular basis. Event Log Explorer allows you to save event logs as event log files manually or automatically.
● Fast navigation with bookmarks
Modern Internet browsers allow you to save favorite URLs as bookmarks that can be easily restored. Similarly, Event Log Explorer allows you to mark any events as bookmarked and then easily return to these events.
● Compatibility with well-known event knowledge bases
You can get more information about an event in the public event knowledge bases. Event Log Explorer supports the EventID.net and Microsoft knowledge bases.
● Color coding by Event ID
Color coding allows you to easily distinguish between different events. You can change text color, font style and background color for specific events.
● Print and export to different formats
With Event Log Explorer you can print Windows event logs and export to other formats. Print options let you select from several print styles. Event Log Explorer supports export to HTML, tab-separated and Excel documents.
● Analytical reports - summary tables and pivot charts
You can easily create pivot tables and pivot chart reports from your events. E.g. you can summarize event types by date or get statistics by event identifier, event source, and so on.
● Direct access to EVT files allowing you to read damaged EVT files and generate EVT files from chosen events
Event Log Explorer can access EVT files directly (without the Windows Event Log API). This allows you to read damaged event logs and to read event logs when the Windows Event Log service is not available (e.g. in BartPE or other preinstalled environment). You can also generate your own EVT files.
● Direct access to EVTX files allowing you to read new EVTX files on old Windows
Event Log Explorer can access EVTX files directly (without the new Windows Event Log API). This allows you to open new event log files (EVTX) on any computer, i.e. with Event Log Explorer you can read EVTX files on Windows XP machines.
● Scheduler to run some event log tasks on schedule
You can automate some tasks using the built-in scheduler. E.g. you can schedule event log export or print tasks.
● Credential manager
When you open an event log from a remote server, Event Log Explorer tries to use your current credentials to access it. Sometimes you may need to access remote event logs using alternative credentials. Credential manager lets you store different credentials for each server and use them when you open a remote Windows event log.
● Event list can be sorted by any column and in any direction
Like Windows Event Viewer, the program lets you sort the event list by any column: just click on the column header, and the event list will be re-sorted immediately. If you click on the column twice, the event list will be re-sorted in the backward direction. In the program preferences, you can set the default sorting which will be applied when you open a log.
● Time correction
Event time is stored as UTC time. When you open a log generated on a server located in another time zone, you may want to virtually move to that time zone and view events from there. Time correction helps you to view events from any time zone.
● Servers import
If you manage a large network, you will find how easily you can import all your servers into the program. Just create a list of your servers and the program will import them all. You can also ask Event Log Explorer to scan your network (Active Directory) and build the list of your computers automatically.
Editions
Compare editions of Event Log Explorer
Event Log Explorer has three editions: Standard, Forensic and Enterprise.
The standard edition is intended for IT managers, QA and tech support personnel. It includes Event Log Explorer (viewer) and some command-line tools for event log backup.
The forensic edition is intended for forensic examiners. It extends Event Log Explorer (viewer) with specific forensic features.
The enterprise edition is intended for system and security administrators and IT auditors. This edition extends the standard one with the Elodea event collector, which automatically collects events across the network and stores them in a database, with optional notifications on specific events. It also includes event log export command-line tools to export events into a database, Excel, PDF, ODS, CSV, and HTML formats.
You can receive the following benefits from using Event Log Explorer Forensic Edition:
Easy access to event logs on a disk image
You can scan any disk image for events or mount this image as a drive and work with this drive as you work with a "live" computer.
Working with damaged files
Event Log Explorer can read available events from damaged event log files.
Taking and loading event log snapshots
Event Log Explorer can save a log view for further analysis. You can work with a snapshot exactly like you work with an event log file, but snapshots may store extended information.
Scripting
Automate your work or set your own specific filter conditions using scripts.
You can receive the following benefits from using Event Log Explorer Enterprise Edition:
Troubleshooting
If your server becomes unavailable, you can check the last error and warning events on the server to find the cause of the problem.
Forensic analysis
You can audit security logs across the corporate network to detect unauthorized access, computer misuse or other user activities.
Network maintenance
Having events from different sources in one consolidated event database lets you analyze them in one place and find potential problems before they appear.
Fast reaction
You can choose to get notified when important events occur in the event logs. E.g., you can get an email if disk space is low on your domain controller. Such a notification lets you fix the issue quickly and avoid a network outage.
Regulatory compliance
It uses an industry-standard database (MS SQL Server) to store events. All events are stored in a simple and user-friendly format, so you can use any report generator to build compliance reports to meet the regulatory requirements.
Scripting
Automate your work or set your own specific filter conditions using scripts.
Edition comparison
Component | Standard Edition | Forensic Edition | Enterprise Edition |
Event Log Explorer Viewer | ✔ | ✔ | ✔ |
Working with disk images | - | ✔ | - |
Reading damaged log files | - | ✔ | - |
Saving and loading snapshots | - | ✔ | - |
Scripting | - | ✔ | ✔ |
Elodea Event Collector | - | - | ✔ |
Event Log Backup | ✔ | ✔ | ✔ |
Event Log Database Exporter | - | - | ✔ |
Event Log Exporter | - | ✔ | ✔ |
Files & Folders Password Protection
Hide Folders — Software to protect your data from unauthorized access.
My Lockbox — The easiest way to hide and lock a folder.
Hide Folder Ext — Hide a folder on an external disk.
Cryptic Disk — Create virtual encrypted disks and encrypt hard disks, USB drives and memory cards. Data encryption makes use of the best algorithms (AES/Rijndael, Serpent, Twofish, Blowfish, CAST6), and takes place in real time without affecting computer performance.