Hougaard.com – Applied Hacking

Get an EventLog from a Docker Container

Viewing an event log is easiest with the Event Log Viewer from Windows. Our Docker containers do not have a UI, so you cannot use that viewer inside them by default, but you can get there by creating a backup of the log and opening it on the host.

First, make a backup of the required event log from a command prompt running in the container. (If you use containers created with the awesome NavContainerHelper, you should have shortcuts available for both Command Prompt and PowerShell.)

The wevtutil tool can back up the event log; this is the command to do that:

wevtutil epl Application C:\run\my\AppLogBackup.evtx 

The AppLogBackup.evtx is placed in the \run\my folder that’s mapped to this local folder on the host machine:

C:\ProgramData\NavContainerHelper\Extensions\[Container Name]\my

Open that folder and double-click the backup to open it with the normal Event Log Viewer.
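The same steps can be scripted from the host when you want to triage the log without opening the viewer. This is an added example, not code from the original post or from NavContainerHelper; it assumes the container was created with NavContainerHelper so the folder mapping above applies, that `docker` is on the host's PATH, and the script and parameter names are made up for illustration.

```powershell
# Added example: run on the Docker host, not inside the container.
param(
    [Parameter(Mandatory)] [string] $ContainerName,  # assumption: your container's name
    [string] $LogName   = 'Application',
    [int]    $MaxEvents = 20
)

# Channel names can contain '/', so build a safe file name for the backup.
$fileName      = ($LogName -replace '[\\/:]', '_') + '-backup.evtx'

# Path inside the container and the host folder it is mapped to (both from the article).
$containerPath = "C:\run\my\$fileName"
$hostFolder    = "C:\ProgramData\NavContainerHelper\Extensions\$ContainerName\my"
$hostPath      = Join-Path $hostFolder $fileName

# Export the log inside the container; /ow:true overwrites an earlier backup.
docker exec $ContainerName wevtutil epl $LogName $containerPath /ow:true
if ($LASTEXITCODE -ne 0) {
    throw "wevtutil failed in container '$ContainerName' (exit code $LASTEXITCODE)"
}

# The mapped folder should now contain the backup on the host side.
if (-not (Test-Path -LiteralPath $hostPath)) {
    throw "Expected backup not found at $hostPath (is \run\my mapped for this container?)"
}

# Read the exported file directly. Level 1-3 = Critical, Error, Warning.
# Get-WinEvent reports an error when nothing matches, so silence it and test the result.
$filter = @{ Path = $hostPath; Level = 1, 2, 3 }
$events = Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Host "No Critical/Error/Warning events in $hostPath"
    return
}

# Oldest first, so the sequence leading up to a failure reads top to bottom.
$events |
    Sort-Object TimeCreated |
    Format-Table TimeCreated, Id, LevelDisplayName, ProviderName, Message -Wrap
```

Message text can come back empty when the host does not have the event provider that wrote the entry installed; the event ID and provider name are still populated.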
