The Microsoft Windows Vista operating system provides a newly designed event log service that is totally different from that of the Windows NT operating system. It uses binary XML technology to organize the data. The structure of the event log file is complex, and the information cannot be viewed directly. This paper proposes a solution that adopts XML technology to parse the Vista event log file and present the result intuitively. The result can be applied to further computer forensics.