WMI Log Files
Starting with Windows Vista, most of the text log files no longer exist. Instead, WMI uses Event Tracing (ETW) and events can be obtained through the Event Viewer user interface or the Wevtutil command line tool. For more information, see Tracing WMI Activity.
Event Tracing Instead of Text Logs
Starting with Windows Vista, WMI service activity is recorded in the WMITracing.log file. For more information about enabling WMI event tracing and accessing the WMITracing.log file, see Tracing WMI Activity. Windows Driver Model (WDM) providers continue to log in the Wbemprov.log file.
Windows Server 2003, Windows XP, Windows 2000, and Windows NT 4.0: WMI logs Wbemcore.log, Wbemess.log, Mofcomp.log, Framework.log, Wmiadap.log, Winmgmt.log, Wbemprox.log, and Setup.log are the source for WMI events.
WMI Logging Before Windows Vista
WMI logging must be enabled to create and update WMI log files. You can enable logging on the Logging tab of the WMI Control. This tab allows you to specify he location of the log files, the size, and to disable or enable logging.
The default location for WMI logs is %Windir%\system32\wbem\Logs but this location can be changed in the WMI Control.
Only administrators have read access to the WMI log folder found at the default location, %windir%\system32\wbem\logs. The event source is
Windows 2000 and Windows NT 4.0: Non-administrators can read logs in the WMI log folder.
For more information about the WMI HRESULT contained in the log entry, see WMI Error Constants. You can use the error lookup feature in Visual C++ to determine the error messages for other HRESULT values, such as COM or RPC errors.
WMI Log Files
The WMI service and some providers write text log files to record events.
| Term | Description |
|---|---|
|
In operating systems earlier than Windows Vista, the WMI Service maintains text log files. | |
|
WMI providers also may maintain logs. Which log files appear on a system depends on which providers are installed. |
Related topics
Send comments about this topic to Microsoft
Build date: 11/19/2012
