How to use WDumpEvt
- You must choose an object in the tree (see below
for the meaning of the symbol), or add a new one (computer or file).
- Then select the action
- Double-click on the object to display the list of the events in the right
- With the toolbar
- With a menu
- With the context menu (that you display by clicking on the object with the
right button of the mouse)
- And at last, with the context menu of the tray icon (generally on the
bottom right corner of the screen)
Structure of the tree:
- Local computer
- Eventlog (security, system or
- Source (depends of the eventlog)
- User sessions list of user
sessions based on events 528 and 538 of the Security eventlog, source Security,
- Logon failure list of the sessions
attempts based on events with audit failure type from Security eventlog, source
Security, category Logon/Logoff.
- Print list of
documents printed based on event 10 of the System eventlog, source Print.
- RAS list of RAS session based on event
20050 of the System eventlog, source RemoteAccess.
When you launch the software, an icon appears in the task bar at the bottom
right corner of your screen. You can display a menu by clicking on the icon with the right
button of the mouse.