This is the command evtexport that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
evtexport — exports items stored in a Windows Event Log (EVT)
SYNOPSIS
evtexport [-c codepage] [-l log_file] [-m mode] [-p message_files_path]
[-r registy_files_path] [-s system_file] [-S software_file] [-t event_log_type]
[-hvV] source
DESCRIPTION
evtexport is a utility to export items stored in a Windows Event Log (EVT)
evtexport is part of the libevt package. libevt is a library to access the Windows Event
Log (EVT) format
source is the source file.
The options are as follows:
-c codepage
specify the codepage of ASCII strings, options: ascii, windows-874, windows-932,
windows-936, windows-949, windows-950, windows-1250, windows-1251, windows-1252
(default), windows-1253, windows-1254, windows-1255, windows-1256, windows-1257 or
windows-1258
-h shows this help
-l log_file
specify the file in which to log information about the exported items
-m mode
export mode, option: all, items (default), recovered 'all' exports the (allocated)
items and recovered items, 'items' exports the (allocated) items and 'recovered'
exports the recovered items
-p message_files_path
search PATH for the resource files (default is the current working directory)
-r registy_files_path
name of the directory containing the SOFTWARE and SYSTEM (Windows) Registry file
-s system_file
filename of the SYSTEM (Windows) Registry file This option overrides the path
provided by -r
-S software_file
filename of the SOFTWARE (Windows) Registry file This option overrides the path
provided by -r
-t event_log_type
event log type, options: application, security, system if not specified the event
log type is determined based on the filename.
-v verbose output to stderr
-V print version
ENVIRONMENT
None
Use evtexport online using onworks.net services
