Microsoft improves Windows Update log formatting in Windows 10 version 1709
Microsoft switched the Windows Update log file from a plain text document to a binary file with the release of Windows 10.
This meant, among other things, that you could not just open the log in a plain text editor to go through it, or use text editing tools to process it directly.
Microsoft released a PowerShell cmdlet called Get-WindowsUpdateLog that Home users and administrators may use to convert the binary log file to a formatted plain text document.
The cmdlet accepts several parameters, but you can also run it without any to merge and convert Windows Update traces files to a single log file that is readable in any plain text reader.
The process up until now relied on access to Windows symbols which were pulled from a public Microsoft symbol server. If access to the server was not available at the time, for instance because of network issues or if the local device was not connected to the Internet, the formatting would not work as intended.
Microsoft changed the requirement in the Fall Creators Update for Windows 10. While you still need to run Get-WindowsUpdateLog to format the log files, a connection to a symbol server is no longer required for it.
Optional parameters explained:
- -Confirm -- This parameter prompts you and waits for confirmation before it runs the PowerShell cmdlet.
- -ETLPath PATH(s) -- This lets you pick the folder, file or files that you want processed by the cmdlet.
- -ForceFlush -- Forces the Windows Update Agent to flush all of its traces to etl files. Stops Update Orchestrator and Windows Update services, requires elevated privileges.
- -LogPath -- Specifies the path the processed log file should be written to.
- -ProcessingType -- Specifies the file type for temporary files that are created during processing. Default format is CSV, but XML may be used as well.
- SymbolServer -- Select the Microsoft Symbol Server.Â Default is the public symbol server.
- -WhatIf -- A dry run that previews what would happen if you would run the cmdlet.