New virt tool virt-log now supports the Windows Event Log. If you have a recent Windows guest you can display the System event log by doing:
$ virt-log -d Win8 | less
What you will see is a very long XML file.
This requires an Evtx parser. I have now chosen this library for Fedora (it needs a reviewer, as you can see). The code is sensible and maintained.
It also only works for Windows ≥ Vista, because Microsoft completely rewrote the way that log files are stored, from one strange binary format to another strange binary format [so a little different from the systemd journal …].
As usual, patches to virt-log to support other guest operating systems are welcome.
Advertisements
