
Tuesday, December 18, 2018

Extend and read Windows Update Log

Sometimes something goes wrong during Windows Updates, and it helps to know what. That is what the Windows Update log is for. But where is it, how do you read it, and how do you extend it to get even more out of it?

Beware - in Windows 10 the Windows Update logfile is by default in ETL format! 

This is an internal logging format from Microsoft. To "translate" it into a human-readable format you need to convert it. Fortunately, this is very simple.

1. Open PowerShell
2. Type in: Get-WindowsUpdateLog (and press Enter)
3. The last line of the output tells you where the WindowsUpdate.log file was written.


How to enable extended logging
Microsoft Product Support Services may ask you to turn on verbose logging. To turn on verbose logging, add the following registry key with two values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Trace
Value name: Flags
Value type: REG_DWORD
Value data: 00000007

Value name: Level
Value type: REG_DWORD
Value data: 00000004
This registry key turns on extended tracing to the %systemroot%\Windowsupdate.log file. Additionally, this registry key turns on extended tracing to any attached debuggers.
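
The steps above as one PowerShell script, added here as an example and not part of the original post: it sets the two Trace values, waits while you reproduce the problem, converts the ETL log with Get-WindowsUpdateLog, and then puts the registry back as it was. The function names and the output path are assumptions; run it from an elevated prompt.

```powershell
#Requires -RunAsAdministrator
# Added example. Function names and $LogPath are illustrative assumptions.
$TracePath   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Trace'
$TraceValues = @{ Flags = 0x00000007; Level = 0x00000004 }   # values from the post
$LogPath     = Join-Path $env:TEMP 'WindowsUpdate-verbose.log'

function Enable-WUVerboseTrace {
    # Create the Trace key if needed and return the values that were there before.
    if (-not (Test-Path $TracePath)) { New-Item -Path $TracePath -Force | Out-Null }
    $previous = @{}
    foreach ($name in $TraceValues.Keys) {
        $old = Get-ItemProperty -Path $TracePath -Name $name -ErrorAction SilentlyContinue
        $previous[$name] = if ($old) { $old.$name } else { $null }
        New-ItemProperty -Path $TracePath -Name $name -PropertyType DWord `
            -Value $TraceValues[$name] -Force | Out-Null
    }
    return $previous
}

function Restore-WUTrace {
    param([hashtable]$Previous)
    # Put back the earlier values, or delete the ones this script created.
    foreach ($name in $Previous.Keys) {
        if ($null -eq $Previous[$name]) {
            Remove-ItemProperty -Path $TracePath -Name $name -ErrorAction SilentlyContinue
        } else {
            New-ItemProperty -Path $TracePath -Name $name -PropertyType DWord `
                -Value $Previous[$name] -Force | Out-Null
        }
    }
}

$before = Enable-WUVerboseTrace
try {
    Read-Host 'Verbose tracing is on. Reproduce the update problem, then press Enter' | Out-Null
    # Convert the ETL traces to a readable text log (step 2 of the list above).
    Get-WindowsUpdateLog -LogPath $LogPath | Out-Null
    Write-Host "Log written to $LogPath"
    Get-Content -Path $LogPath -Tail 40
}
finally {
    # Verbose tracing is meant for troubleshooting, so do not leave it enabled.
    Restore-WUTrace -Previous $before
}
```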


How to read and understand the log

You will find a comprehensive article on this here:
https://support.microsoft.com/en-us/help/902093/how-to-read-the-windowsupdate-log-file