Starting with Windows 10 and higher Operating Systems, Microsoft decided to decrease a load of Windows by changing how the default log file of Windows Update should be written and reviewed. On the newer systems Microsoft requires you to issue the logfile first before you can read any of it.
This tutorial explains the faster and easier way to do this on the fly using Windows PowerShell.
Steps:
1. Open an elevated PowerShell prompt.
2. Run:
Get-WindowsUpdateLog
3. Accept the eventual popup that makes you agree on using Microsoft Symbols (first-time use only).
4. Await PowerShell to find and compile the relevant WU chunks (.etl files) generated on the system
5. When done, PowerShell will place the WindowsUpdate.log file on your Desktop.
The compiled WindowsUpdate.log file is generated as a 'fixed-only' file using this method.
Windows Update may sometime generate an excessive number of .etl files tracing update history in longer periods. The compilation of such log files may take a longer time to compile all .etl chunks.
To keep historical data and still retain a limited amount of chunks, you can compile WU.log on your desktop and then delete the compiled chunks leaving you with the compiled file as a backup.
1. Directory where all .etl chunks are generated is: "C:\Windows\Logs\WindowsUpdate\"
2. You can remove chunks based on any string pattern within the names of the .etl chunks using wild character (*) before and after the string you aim to select.
a) Use 'dir' command to list all contents in the folder and the -Name property
b) Find a similar pattern in the files you want to delete (such as date, or common string of characters)
c) Use 'Remove-Item' command with a wild character before and after the selected string to delete files
dir C:\Windows\Logs\WindowsUpdate\
Remove-Item *20180618* (this will delete all files that date from 18-06-2018)
Jan 03, 2019 09:16 PM - edited Sep 27, 2019 05:56 PM