< Back
Get-WindowsUpdateLog
Post
NAME
Get-WindowsUpdateLog
SYNOPSIS
Merges Windows Update .etl files into a single log file.
SYNTAX
Get-WindowsUpdateLog [[-ETLPath] <String[]>] [[-LogPath] <String>] [[-SymbolServer] <String>] [-ForceFlush] [-InformationAction {SilentlyContinue | Stop
| Continue | Inquire | Ignore | Suspend}] [-InformationVariable <String>] [-ProcessingType {CSV | XML}] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Get-WindowsUpdateLog cmdlet merges and converts Windows Update .etl files into a single readable WindowsUpdate.log file. Windows Update Agent uses
Event Tracing for Windows (ETW) to generate diagnostic logs. Windows Update no longer directly produces a WindowsUpdate.log file. Instead, it produces
.etl files that are not immediately readable as written.
This cmdlet requires access to a Microsoft symbol server.
PARAMETERS
-ETLPath [<String[]>]
Specifies an array of paths of Windows Update .etl files to convert into WindowsUpdate.log. The default value for this parameter is the Windows
Update trace file directory for the current device. The acceptable values for this parameter are:
-- The full path of a directory that contains one or more .etl files.
-- The full path of a single .etl file.
-- A comma-separated list of full paths of .etl files.
Required? false
Position? 1
Default value none
Accept pipeline input? true(ByValue,ByPropertyName)
Accept wildcard characters? false
-ForceFlush [<SwitchParameter>]
Indicates that this cmdlet forces the Windows Update Agent on the current device to flush all of its traces to .etl files. This process stops the
Update Orchestrator and Windows Update services. Running this cmdlet with this parameter requires administrative credentials. You can start Windows
PowerShell with administrative credentials by using the Run as administrator command.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-InformationAction [<ActionPreference>]
Specifies how this cmdlet responds to an information event. The acceptable values for this parameter are:
-- SilentlyContinue
-- Stop
-- Continue
-- Inquire
-- Ignore
-- Suspend
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-InformationVariable [<String>]
Specifies a variable in which to store an information event message.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-LogPath [<String>]
Specifies the full path to which Get-WindowsUpdateLog writes WindowsUpdate.log. The default value is WindowsUpdate.log in the Desktop folder of the
current user.
Required? false
Position? 2
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-ProcessingType [<String>]
Specifies the file type that Get-WindowsUpdateLog uses for temporary files that are created during intermediate processing. The acceptable values
for this parameter are:
-- CSV (comma-separated values)
-- XML
By default, the value is CSV. The temporary files are in $env:TEMP\\WindowsUpdateLog.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-SymbolServer [<String>]
Specifies the URL of Microsoft Symbol Server. By default, this value is the Microsoft public symbol server.
Required? false
Position? 3
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value false
Accept pipeline input? false
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value false
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
Example 1: Merge and convert Windows Update trace files
PS C:\\>Get-WindowsUpdateLog
Converting C:\\Windows\\logs\\WindowsUpdate into C:\\Users\\Admin\\Desktop\\WindowsUpdate.log
Directory: C:\\Users\\admin\\AppData\\Local\\Temp\\WindowsUpdateLog
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 5/30/2015 10:02 PM SymCache
Input
----------------
File(s):
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.112451.395.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.112502.723.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.112524.191.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.121921.075.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122031.684.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.2.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.3.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.4.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.5.etl
0.00%8.33%16.67%25.00%33.33%41.67%50.00%58.33%66.67%75.00%83.33%91.67%100.00%
Output
----------------
DumpFile: C:\\Users\\admin\\AppData\\Local\\Temp\\WindowsUpdateLog\\wuetl.CSV.tmp.0
The command completed successfully.
WindowsUpdate.log written to C:\\Users\\admin\\Desktop\\WindowsUpdate.log
This command merges and converts Windows Update trace files (.etl files) into a single readable WindowsUpdate.log file.
RELATED LINKS
WindowsUpdate_Cmdlets
Get-WindowsUpdateLog
SYNOPSIS
Merges Windows Update .etl files into a single log file.
SYNTAX
Get-WindowsUpdateLog [[-ETLPath] <String[]>] [[-LogPath] <String>] [[-SymbolServer] <String>] [-ForceFlush] [-InformationAction {SilentlyContinue | Stop
| Continue | Inquire | Ignore | Suspend}] [-InformationVariable <String>] [-ProcessingType {CSV | XML}] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Get-WindowsUpdateLog cmdlet merges and converts Windows Update .etl files into a single readable WindowsUpdate.log file. Windows Update Agent uses
Event Tracing for Windows (ETW) to generate diagnostic logs. Windows Update no longer directly produces a WindowsUpdate.log file. Instead, it produces
.etl files that are not immediately readable as written.
This cmdlet requires access to a Microsoft symbol server.
PARAMETERS
-ETLPath [<String[]>]
Specifies an array of paths of Windows Update .etl files to convert into WindowsUpdate.log. The default value for this parameter is the Windows
Update trace file directory for the current device. The acceptable values for this parameter are:
-- The full path of a directory that contains one or more .etl files.
-- The full path of a single .etl file.
-- A comma-separated list of full paths of .etl files.
Required? false
Position? 1
Default value none
Accept pipeline input? true(ByValue,ByPropertyName)
Accept wildcard characters? false
-ForceFlush [<SwitchParameter>]
Indicates that this cmdlet forces the Windows Update Agent on the current device to flush all of its traces to .etl files. This process stops the
Update Orchestrator and Windows Update services. Running this cmdlet with this parameter requires administrative credentials. You can start Windows
PowerShell with administrative credentials by using the Run as administrator command.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-InformationAction [<ActionPreference>]
Specifies how this cmdlet responds to an information event. The acceptable values for this parameter are:
-- SilentlyContinue
-- Stop
-- Continue
-- Inquire
-- Ignore
-- Suspend
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-InformationVariable [<String>]
Specifies a variable in which to store an information event message.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-LogPath [<String>]
Specifies the full path to which Get-WindowsUpdateLog writes WindowsUpdate.log. The default value is WindowsUpdate.log in the Desktop folder of the
current user.
Required? false
Position? 2
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-ProcessingType [<String>]
Specifies the file type that Get-WindowsUpdateLog uses for temporary files that are created during intermediate processing. The acceptable values
for this parameter are:
-- CSV (comma-separated values)
-- XML
By default, the value is CSV. The temporary files are in $env:TEMP\\WindowsUpdateLog.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-SymbolServer [<String>]
Specifies the URL of Microsoft Symbol Server. By default, this value is the Microsoft public symbol server.
Required? false
Position? 3
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value false
Accept pipeline input? false
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value false
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
Example 1: Merge and convert Windows Update trace files
PS C:\\>Get-WindowsUpdateLog
Converting C:\\Windows\\logs\\WindowsUpdate into C:\\Users\\Admin\\Desktop\\WindowsUpdate.log
Directory: C:\\Users\\admin\\AppData\\Local\\Temp\\WindowsUpdateLog
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 5/30/2015 10:02 PM SymCache
Input
----------------
File(s):
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.112451.395.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.112502.723.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.112524.191.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.121921.075.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122031.684.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.1.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.2.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.3.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.4.etl
C:\\Windows\\logs\\WindowsUpdate\\WindowsUpdate.20150529.122432.434.5.etl
0.00%8.33%16.67%25.00%33.33%41.67%50.00%58.33%66.67%75.00%83.33%91.67%100.00%
Output
----------------
DumpFile: C:\\Users\\admin\\AppData\\Local\\Temp\\WindowsUpdateLog\\wuetl.CSV.tmp.0
The command completed successfully.
WindowsUpdate.log written to C:\\Users\\admin\\Desktop\\WindowsUpdate.log
This command merges and converts Windows Update trace files (.etl files) into a single readable WindowsUpdate.log file.
RELATED LINKS
WindowsUpdate_Cmdlets