Reading WindowsUpdate log for Windows Server 2016 build 1607

ironmanwannabe

Hi,

I have tried to follow the blog "Get-WindowsUpdateLog…If it were only that easy…", but was not successful.

For the prerequisites, I managed to get TraceFMT.exe after installing Visual Studio Community 2017. I have to copy the "TraceFMT.exe" from "C:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0" to "C:\Program Files (x86)\Windows Kits\10\bin\x86" so that the PowerShell script can work.
For the Windows symbols, what is the correct way to download from the URL Microsoft public symbol server - Windows drivers? I cannot get it working, and I found on the internet a command ""C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\symchk.exe" /r c:\windows /s SRV*c:\symbols\*Symbol information" which downloaded 375MB of files.

For the PowerShell script, I use the command "WindowsUpdateLogs.ps1' -Computer localhost -WorkDir C:\windows_log\work\ -SymbolPath C:\symbols\ -TraceFMTPath C:\windows_log\". The output is still gibberish, as shown below:

"1601/01/01 08:00:00.0000000 1400 10752 Unknown( 194): GUID=73de0981-ccec-34e9-f8c8-ebd29e0a12ba (No Format Information found)."

I have also tried the method from the blog "Windows 10, WindowsUpdate.log and how to view it with PowerShell or Tracefmt.exe – Charles Allen’s Blog", but was not successful.

Has anyone successfully converted the windowslogs.etl format and has the detailed steps to share?

Thanks,
Chiew Sheng
