I don't need help fixing the event viewer. I need help opening a saved security event log that was corrupt. I need to be able to review the log. Does anyone have any ideas how I can do this? I receive a, "The data is invalid" error message when attempting to open the SecEvent.Evt file.J. Swann Information Security Engineer

Follow the procedure here http://www.stevebunting.org/udpd4n6/forensics/repaireventlogfile.htm Rgds Milos

Thanks, I did see that. I couldn't get beyond step 1. My log did not return any results for the hex value in mentioned. J. Swann Information Security Engineer

Hi, Please check if PsLogList can help you. Please also note that you may need administrator privileges to read the Security event log. Hope this helps. Jeremy Wu TechNet Community Support

Hi, Please check if PsLogList can help you. Please also note that you may need administrator privileges to read the Security event log. Hope this helps. Jeremy Wu TechNet Community Support

No mas. That utility is only helpful for healthy logs. When I attempted to run it against the corrupt log file it simply stated: SecEvent.Evt: Could not open SecEvent.Evt event log on <hostname>: The event log file is corrupted.J. Swann Information Security Engineer