wevtail – tail -f for Windows event logs, live streaming with colors
wevtail lets Windows admins watch event logs in real time, like Unix tail. The tool uses the Win32 EvtSubscribe API to receive events instantly, avoiding the polling loops of PowerShell scripts. It outputs color-coded lines or JSON lines, supports multiple channels, back-fill, and remote tailing, making log analysis quick and script-friendly. Compared to built-in utilities, it provides a single static binary with live push, filtering, and a pleasant CLI experience.
View on GitHub → Ldogg123/wevtail