What are the differences between Windows EVT and EVTX log files?

windows 7, windows-event-log, windows-xp

Windows is moving to the *.EVTX format for their logging files, but we still have clients that have versions that write to the older *.EVT format. What are the differences in how those files are built, with a view to whether they are parsed differently?

The problem I'm having is when I try to open a *.EVT file in Windows 7, I get a lot of invalid data errors, but when I turn around and open them in XP, it seems to work fine.

For full disclosure, I'm seeing the same behaviour when I save the log out of the viewer, and when I try copying the files directly from the windows32 folder path.

Best Answer

Windows Event files were classified as .evt files up until Windows XP.

Windows Vista and newer started calling event log files .evtx.

You can convert between the two! :)

(this is a lot like .doc vs .docx in MS Word between the Office '03 and '07 releases)

EDIT TO FOLLOW YOUR EDIT:

ALSO I saw this link about compatibility of loading in evt files on older versions of Windows, etc... it seems you may not be the first to run into this problem!
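As an added example (not part of the original question or answer), the two formats can be told apart by their header bytes before choosing a parser: an EVT file starts with a 48-byte header carrying the signature `LfLe` at offset 4, while an EVTX file starts with `ElfFile\0`. The field order follows Microsoft's documented `ELF_LOGFILE_HEADER` structure; the function names and the sample headers are constructed for illustration.

```python
import struct

EVTX_MAGIC = b"ElfFile\x00"         # first 8 bytes of an EVTX file header
EVT_MAGIC = b"LfLe"                 # signature at offset 4 of an EVT header
EVT_HEADER = struct.Struct("<12I")  # ELF_LOGFILE_HEADER: twelve little-endian DWORDs
EVT_FLAGS = {0x1: "DIRTY", 0x2: "WRAP", 0x4: "LOGFULL_WRITTEN", 0x8: "ARCHIVE_SET"}


def identify_event_log(data: bytes) -> dict:
    """Classify a buffer as EVT, EVTX or unknown from its header bytes."""
    if data[:8] == EVTX_MAGIC:
        return {"format": "evtx"}
    if len(data) >= EVT_HEADER.size and data[4:8] == EVT_MAGIC:
        f = EVT_HEADER.unpack_from(data)
        # HeaderSize (first DWORD) and EndHeaderSize (last DWORD) must both be 0x30.
        if f[0] != EVT_HEADER.size or f[11] != f[0]:
            return {"format": "unknown", "reason": "EVT signature but bad header size"}
        return {
            "format": "evt",
            "version": (f[2], f[3]),
            "start_offset": f[4],      # offset of the oldest record
            "end_offset": f[5],        # offset of the end-of-file record
            "current_record": f[6],
            "oldest_record": f[7],
            # DIRTY means the header offsets were not flushed when the file was copied.
            "flags": [name for bit, name in EVT_FLAGS.items() if f[9] & bit],
        }
    return {"format": "unknown", "reason": "no EVT or EVTX signature"}


def identify_file(path: str) -> dict:
    """Read only the header bytes of a file on disk and classify it."""
    with open(path, "rb") as fh:
        return identify_event_log(fh.read(EVT_HEADER.size))


# Constructed sample headers (not taken from a real system).
SAMPLE_EVT = struct.pack("<I4s10I", 0x30, EVT_MAGIC, 1, 1, 0x30, 0x30,
                         1, 0, 0x10000, 0x1, 0, 0x30)
SAMPLE_EVTX = EVTX_MAGIC + bytes(120)

if __name__ == "__main__":
    print(identify_event_log(SAMPLE_EVT))
    print(identify_event_log(SAMPLE_EVTX))
```
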