Windows Update Agent – Windows 10 – New logging format

ConfigMgr 2012 admins running Windows 10 should be learning a bit about what is going on with the Windows 10 Windows Updates Clients new logging feature, Event Tracing for Windows

 

This is how you use to read it, with the WindowsUpdate log: https://support.microsoft.com/en-us/kb/902093

 

This is how you read it now in Windows 10, from a binary encoded ETL file: https://support.microsoft.com/en-gb/kb/3036646

 

More info on Event Tracing for Windows (ETL): https://msdn.microsoft.com/en-us/library/windows/desktop/aa363668(v=vs.85).aspx

 

There’s a PowerShell Applet called Get-WindowsUpdateLog that you can use to get a one-time snapshot of the current activity taking place, or to review historical activity. You can also use a command line tool, to manually decode the ETL file into human readable format using TRACEFMT