[Windows] Windows Update log and its storage location (location of log files related to updates)

Tips / Knowledge

Hello!This time, I will introduce the storage location of log files related to Windows update.

Windows updateFor various reasonsFailureOrroll backI will do it.
Is it due to hardware or software?You can't judge just by looking at it.

To find out such a cause, firstclueI have to find.
After all it is helpful for the investigationlogfileIt will be.

そのAcquisition method, な ら び にstorage siteI want to introduce.

■ Basic log file -WindowsUpdate.log-

First of all,WindowsUpdate.log.
As the name suggests, it contains logs related to Windows Update.

This is stored in different locations on Windows 8.1 and earlier and Windows 10 and later.
I didn't know where it was right after migrating to Windows 10, butOutput with PowerShellIt seems that it has become a format to confirm.

First is the traditional Windows storage location.You can check the contents by opening this log file with a text editor.

■ Conventional Windows storage location
% WINDIR% \ WindowsUpdate.log

For Windows 10 or later, "C: \ Windows \ Logs \ Windows UpdateTo ""~ .Etl"Binary fileIt is saved as.Even if you know the location, you cannot read it as it is.Combine with PowerShell commandsFor the first timeCan be read with a text editorIt will be like.The command is:

■ Commands to combine with WindowsUpdate.log


When I ran this, it ranUser desktopToWindowsUpdate.log appearsTo do.
If you open this with a text editor etc., you can check the Windows Update log.

■ Feature update log -Setupact.log / Setruperr.log-

This is a large-scale update of Windows, a machineNoh update program (FeatureUpdate: FU) It is a log file related to. This is the case when the number displayed next to the version changes when using the "Winver" command or the like.

After FUIn the case ofThe path belowThese log files are stored in.

■ Storage location of log files after Windows Update (FU) is completed

% WINDIR% \ Panther \ Setupact.log
% WINDIR% \ Panther \ Setuperr.log

In addition, In the middle of FUIs directly under the system drive$ WINDOWS. ~ BTFoldergenerateWill be
The same name as the log in FU in itSetupact.log/Setuperr.logAsoutputWill be
Even if it is interrupted for some reason, it often remains here, soClick here in case of update failureYou may often see.

■ Storage location of log files during Windows Update (FU)

% SYSTEMDRIVE% \ $ WINDOWS. ~ BT \ Sources \ Panther \ Setupact.log
% SYSTEMDRIVE% \ $ WINDOWS. ~ BT \ Sources \ Panther \ Setuperr.log

Note: There are many log files with the same name here and there, but in most cases they aren't very useful, such as during a clean install of Windows.

■ Event log -WindowsUpdateClientOperational.evtx-

nextEvent Logis.OrdinarilyEvent viewerYou will often see it in the form of reading with.Use this log file for measures such as update failure in a remote location.Submitted by userYou can ask for it, so it's worth remembering the storage location.

The actual file is stored in "% WINDIR% \ System32 \ winevt \ Logs".
Microsoft-Windows-WindowsUpdateClient% 4Operational.evtx

In the event viewerSearch manuallyIf[Application and Service Log]-[Microsoft]-[Windows]-[WindowsUpdateClient]-[Operational]You can find it at.

You can find some hints by looking at the errors and information displayed here.

■ Repair error log -CBS.log-

This is more after that than Windows UpdateWhen repairedWhatCheck if an error occurredIt is a log that may be collected in order to do so.

It is output here when the common repair command "sfc / scannow" is executed.
See the reference article for repair commands.

Not just the update failed, but after thatError when executing repair commandIf you do, it will help you to investigate.The cause isCause of error when updating as it isIt is often.

The storage location is as follows.

% WINDOWS% \ Logs \ CBS \ CBS.log

This is obedientlyText editorWhen you open it with etc.Confirmcan.

■ Error dump file -Minidump / Memorydump-

The dump file isOutput when a blue screen (BSOD) occursMemory data.
It helps to find out the cause when a blue screen occurs during Windows Update.

mainlyCaused by driver or hardwareIt is effective for the error.Security related softwareIt is often dumped into dump when is a factor.

% WINDOWS% \ Minidump \ ######-#####-##. Dmp (# is a number)

".Dmp" fileReadIsRequires a dedicated applicationis. Blue Screen View is a typical software.

More information on BlueScreenView: Find Vector software!
Analyze the cause of the blue screen and help identify the driver that caused the error

Also, the dump file can be changed to Minidump or Memorydump depending on the settings. * I would like to post another article about this setting method together with the survey tool Blue Screen View.


This time, I introduced how to get a log file that is useful for investigating errors associated with updating Windows.

In the old days, a ridiculous amount of instructions often came with a computer accessory.Today's personal computers often have only a warranty card, and it is difficult to collect information.After all, such troubles are also a proof that it has become a professional job.I think this is an area that is difficult for ordinary people to reach.

Even so, I think that those who are working and responding, or those who have difficulty in sending out repairs one by one, have to somehow solve it.I hope you can use these log files as hints.

As an OS that is constantly being updated, Windows 10 has been updated many times since it came out.It's already been updated over and over again, so you may run into terrible errors over time.

I hope that you will remember this article at such times and use it for your research.

I hope it helps you.


Translate »
I copied the title and URL