Windows: Convert an ETL (Event tracing file) into a human readable format

2 clicks for more data protection: Only when you click here, the button will be come active and you can send your recommendation to Flattr. When activating, data are transmitted to third parties. nicht mit Flattr verbunden
When you activate these fields by clicking, information to Flattr may be transferred abroad, and probably may also stored there.

Hi,

event tracing files, for example produced by wusa.exe log parameter, are binary files. The powershell command let Get-WinEvent couldn’t open it but Windows Eventviewer is able to read those files.
There is also an option to convert ETL files.

The command line utility tracerpt.exe could convert it in different formats:
– CSV
– Evtx (Eventlog format, then Get-WinEvent can read this)
– XML

This converts a ETL file into a csv file

1	`PS D:\> tracerpt.exe kb5055518.log.etl` `-of` `csv` `-o` `kb5055518.csv`

or to an evtx file

PS D:\> tracerpt.exe kb5055518.log.etl -of evtx -o kb5055518.evtx
PS D:\> Get-WinEvent -Path kb5055518.evtx

Michael

My Knowledgebase for things about Linux, Windows, VMware, Electronic and so on…