Information about the .evtx (evtx) file type

Below is all the information we have available on file about the .evtx (evtx) file type.

.evtx
Windows 2008 and Windows 7 event log file.

Also known as an event log archive file.

These files are used by Windows to record events - information messages, warning messages and error messages.

The .evtx files that Windows uses and maintaines are located in the folder:

C:\Windows\System32\winevt\Logs

These files (at least the ones in the folder above) should not be deleted. They can be cleared (reducing their size, but not quite to zero) using Event Viewer:

  1. Start Event Viewer
  2. Find the log (the "Application" log under "Windows Logs" is typically one of the largest).
  3. Right click on the log and select "Clear Log..."

    You will have the option to save the log file contents else where first if you want. Otherwise this will simply clear the log file reclaiming the space used.

You can also limit the size of a log file:

  1. Start Event Viewer
  2. Find the log.
  3. Right click on the log and select "Properties"
  4. You can now specify the maximum size and what should happen when the log file reaches that maximum size.

    It is suggested that you select "Overwrite events as needed" (or "Archive the log when full" if you need to keep old events). Selecting "Do not overwrite events" can cause problems for some Windows applications should the log file become full.

Earlier versions of Windows used a .evt file.

The following link provides further information related to the .evtx file extension:

Where this is available we would like to include file format information on .evtx files, as well as information on how to view or open files of type .evtx. If you know of any information which we have missed then please let us know.