Skip to content
EVTX parser

Glossary

EVTX

The binary Windows Event Log format introduced with Windows Vista (2007), replacing the older flat-record .evt format.

The binary Windows Event Log format introduced with Windows Vista (2007), replacing the older flat-record .evt format. Each .evtx file is a sequence of 64 KB chunks; per-record values are bound at parse time to XML templates stored once per chunk.