29

We run some financial systems that log error messages to the system logs. I need to find out if we can clean these error messages from a PCI DSS point of view.

I am specificaly interested in the answer for:

  • Windows 2000 Server and
  • Windows 2003 SP1
1
  • 1
    Ron, Windows 2000 reached end-of-life in 2010, and afaik a system running Windows 2000 cannot be considered PCI compliant.
    – Lucky Luke
    Commented Jul 19, 2012 at 15:34

1 Answer 1

40

With Windows 2000/Server2003/Windows XP, the logs are stored in the %SystemRoot%\System32\Config directory, with an .evt extension.

With Server 2008/Vista and up, the log are stored in the %SystemRoot%\system32\winevt\logs directory, and have an .evtx extension. It's possible to convert old .evt files to the newer .evtx format

Within the Computer Manager you can also export them to a .txt or .csv file.

4
  • 30
    In case any future readers come here looking for the Windows Vista/7/Server2008 location, here it is: %SystemRoot%\system32\winevt\logs
    – Skyhawk
    Commented Jun 23, 2010 at 18:56
  • 4
    @MilesErickson, thank you - from a future reader :)
    – Moo-Juice
    Commented Oct 14, 2013 at 13:14
  • can you please tell me which file hold the details for copy and paste done in system? Commented Nov 26, 2015 at 6:46
  • @NarendraJaggi There is no log of copy and paste operations. Why would such a thing even exist?!?
    – Massimo
    Commented Apr 4, 2016 at 21:27

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .