Log Viewer allows opening one or more files at the same time, merging information on these files, and monitoring log sessions. Log files with an .etl extension can be opened by Log Viewer by using the File - Open Event File 
menu, by using the Open Event File option on the toolbar, or by dragging a file to the main window. The result is a window similar to the one on the next figure.
Opening a log file
On the event viewing area, files are sorted chronologically, one event by row. Messages in green are information about the structure of log files, and are not part of the messages of the process that recorded events on that session.
To toggle between file and event viewing areas, use the TAB key. To return to the previous view, use the key combination SHIFT + TAB. Whenever toggling to the event view, the selection of the previously selected event in that view and in that file is restored.
The status bar, on the lower part of the window, always indicates the number of selected events (in this example, 3670), the percentage of processed ones (in this example, 100%), and the status of search filters (in this example, that search was not affected by any filter).
When right-clicking the header of the event list, users can select, on its contextual menu, which columns are visible or invisible to users.
To view a message's details, select the corresponding row and type ENTER or double-click a message. The window on the next figure is then opened.
Details of a log message
The available options on this window are described on the next table.
Available options on the Event Properties window
Option |
Description |
|---|---|
Date |
The event date, in YYYY-MM-DD format |
ID |
A unique identifier for every event |
Time |
The event time, in HH:MM:SS.000 format |
Process |
Identifier of the process generating this event. This value can be displayed in hexadecimal or decimal format, depending on the selection performed in the Process and Thread as Hexadecimal option of an event's contextual menu |
Category |
Event category, according to the table at the beginning of this chapter |
Thread |
Identifier of the thread generating this event. This value can be displayed in hexadecimal or decimal format, depending on the selection performed in the Process and Thread as Hexadecimal option of an event's contextual menu |
Module |
Identifies the module, function, or area name inside the process or thread responsible for generating information about this event |
Move Previous |
Allows navigating through the previous and next events relative to the selected event |
Message |
Text of an event's message |
BLOB Data |
Shows whether along with an event there is binary data (Binary Large Objects) attached, which complements information given by this event's Message option. This option is not mandatory and therefore it may not have data associated to it |
Copy |
Allows copying the selected event to the Clipboard |
Close |
Closes this window |
and Move Next 
When the mouse pointer remains over an event for some time, a tool tip appears displaying its message, as shown on the next figure.
Tip showing an event message
When right-clicking a file, the options on the next table are displayed on its contextual menu.
Contextual menu options of a file
Option |
Description |
|---|---|
Close File (CTRL + F4) |
Closes only the selected file |
Close This Node Files (CTRL + ALT + F4) |
Closes all files from the node where the selected file is, Opened Log Files or Merged Log Files |
Close All Files (CTRL + SHIFT + F4) |
Closes all open files |
Close All Files But This |
Closes all open files, except the selected file |
Merge All Files (CTRL + SHIFT +G) |
Adds all files from the Opened Log Files node to the Merged Log Files node |
Merge File (CTRL + G) |
Adds the selected file to the Merged Log Files node |
Open File Folder |
Opens the directory where the log files are stored |
Copy File Path to Clipboard |
Copies the path of the selected file to Windows Clipboard |
Filter Editor (CTRL + I) |
Opens the window to configure filters |