Generating the Log Files for Troubleshooting Windows Updates for Windows 10

Generating the Log Files for Troubleshooting Windows Updates for Windows 10

Troubleshooting Windows Update for Windows 10 is a convoluted mess. Or, better said, I guess, it's just not as simple and intuitive as it has been in previous versions of Windows. Microsoft chose to change how Windows Update collects and stores information about updates applied in Windows 10. Early on in the Windows 10 development process, during first run of the Technical Preview program, a lot of us noticed the changes, but hoped that Microsoft would improve the process over time. Windows 10 was still a beta product, after all, and the software company had months to go before official release. So, Microsoft was given a pass for the time being.

The Windows Update Agent for Windows 10 now uses Event Tracing for Windows (ETW) to generate its diagnostic logs. Windows Update no longer automatically generates a WindowsUpdate.log file that can be read in the normal ways we had become accustomed to using. Instead, .etl files are produced which are not immediately readable.

In a perfect world, we wouldn't need to troubleshoot Windows Update – Microsoft's patches would just work. But, as we've all come to realize, this may never be the case.

Fortunately, Microsoft didn't leave us completely out in the cold. The company has supplied a new PowerShell cmdlet called Get-WindowsUpdateLog that essentially does what it professes – it gets the Windows Update log file. There's a string of additional parameters you can use (described in full HERE) to customize the output, but running it on its own produces the desired effect. For a quick look at the syntax…

Here's how to use Get-WindowsUpdateLog to retrieve Windows Update information from the .etl files and deliver the information into a log file, readable in your favorite text file reader.

  1. In Windows 10, run PowerShell.

  2. In the PowerShell command windows, run Get-WindowsUpdateLog

  3. This third step is highly important: Wait. Just when it looks like the cmdlet is finished, wait longer. Even when it says, "The command complete successfully," wait even longer. It takes a while for the cmdlet to locate ALL the required .etl files and parse through them. You'll know when the process is complete when it finally returns to the PS prompt and indicates that the WindowsUpdate.log file has been written.

  4. WindowsUpdate.log is written to the local computer's Windows 10 Desktop. Open it in your favorite log reader (Notepad works just fine) to see what is contained inside.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.