PURPOSE OPERATION COMMAND LINES OPTIONS RELATED PROGRAMS
This is a command line program.
MUST be run within a command window as administrator.
Note that the more recent versions of Windows may only provide a SETUPAPI.APP.LOG or SETUPAPI.DEV.LOG. The version as of 7/2013 should provide adequate conversion of the data. If you find problems, please provide a sample of the log for debugging.
The setupapi.log file contains data records which are grouped by the date and time of the item being setup. The unfortunate part is that only one record per group contains the actual date and time of that particular setup process. For instance you might have the following item:
[2011/08/30 10:00:08 4008.2] #-199 Executing "C:\WINDOWS\SoftwareDistribu "shortened for display" #I443 No installed Authenticode(tm) catalogs "shortened for display" #I443 No installed Authenticode(tm) catalogs "shortened for display"
If you have hundreds or thousands of items, it not only is cumbersome to locate and parse items of interest, but if you attempted to sort or load the data to a spreadsheet for additional processing, you would loose sequence of events.
The program takes the initial date/time of each group, and prepends it to each succeeding record with an additional index number. So that later massaging of the data records can easily be sorted by date/time and still remain grouped properly. The resulting output records will show as here, and are tab delimeted for easy loading to spreadsheets:[2011/08/30 10:00:08 4008.2] [2011/08/30 10:00:08(01) #-199 Executing "C:\WINDOWS\SoftwareDistribu "shortened for display" [2011/08/30 10:00:08(02) #I443 No installed Authenticode(tm) catalogs "shortened for display" [2011/08/30 10:00:08(03) #I443 No installed Authenticode(tm) catalogs "shortened for display"
In some instances the record contains a reference to a drive serial number, and size. If the serial number and/or size is found, two additional fields are sepgregated out. The volume serial number, and size of the drive. This is an assistance for located externally mounted devices and their internal (volume) serial numbers, not manufacturer serial number.
The program operation is explained above. The only items it needs on the command line is the filename of the setupapi.log file. It take that file and adds a _tmp to the filename as a new output. The new output name then is setupapi_tmp.log. Be sure not to overwrite older output files.
The output file is now tab delimeted and can now easily be imported to a spreadsheet for processing.
C:> setupapi_format setupapi.log"
None.
X-WAYS_META Is capable of processing the meta data fields within x-ways report and file extract csv files.