Application Verifier displays a Logs window that contains the applications that have been run previously and the logs associated with them.

To access the log window

• On the View menu, select Logs .
  
  

To view the details of a log

• Select name of the application.
  
  

If you export a log to XML, you can open the log file in Microsoft Internet Explorer or Microsoft Excel.

To export a log to XML

1. Select the application and then the log you wish to export.
   
   
2. Click Save As .
   
   
3. Enter the name you want to give the file and its location, and then click Save .
   
   

You may want to filter log information on items such as Severity, to see warnings only, or to trace where you can define a custom filter to display only items that contain your application. To do so the following procedure is recommended:

To filter a log

1. Save the log to XML and open it in Excel.
   
   
2. In Excel, highlight the first row (containing the column headers).
   
   
3. On the Data menu, clicking Filter , and then clicking AutoFilter .
   
   

Application Verifier enables either to delete a log individually or to remove an application and delete all logs associated with it.

To delete a log individually

• Select the log and click Delete .
  
  

or

• Right-clicking the log and select Delete .
  
  

To remove an application and delete all logs associated it

• Right-click the application name and then select Delete .
  
  

To delete all logs

1. Open the main Application Verifier window.
   
   
2. On the File menu, select Clear All Logs .
   
   

When a process is running, you can add a stamp into its associated log file. The stamp information can be an arbitrary string, such as current time. Later you can use this information as a filter to retrieve the log of interest.

To add a stamp into a log file

1. Select the log file, and then click Add Stamp .
   
   
2. Enter a string as the stamp information.
   
   

By default, the logs for services/apps running under user accounts are stored under: %USERPROFILE%\serviceprofiles\AppVerifierLogs.

For services/apps running under local service accounts, the log files are written under: %windir%\serviceprofiles\LocalService\AppVerifierLogs

For services/apps running under a system account, the log files are stored under: %windir%\system32\config\systemprofile\AppVerifierLogs for native services, and %windir%\syswow64\config\systemprofile\AppVerifierLogs for wow64 services/apps.

For services/apps running under a network service account, log files are stored under: %windir%\serviceprofiles\NetworkService\AppVerifierLogs.

If the application doesn�t have permissions to write/create the log file in the default log file path, it will fail with the error 0xC0000022.

Setting the VERIFIER_LOG_PATH environmental variable overrides the default log file creation. This can be useful if you want all your log files stored in a single location.

Protected processes don�t have access to environmental variables and hence cannot create log files. To work around this, the protected process log path can be set using the AppVerif.EXE command-line: �appverif.exe �sppath <drive:>\<path>� to set the protected log path.

The command line; �appverif.exe �cppath� clears the protected log path.

Symbol path � the symbol path will be used to resolve the stack trace in the log file. If you don�t specify a symbol path, Application Verifier will automatically look at _NT_SYMBOL_PATH to see if any symbol path is specified there.

From, to � You can specify the starting stamp and ending stamp. You will only see the log content, which is recorded after the From stamp is inserted and before the end stamp is inserted. If you do not provide a From or To stamp, Application Verifier will display the log from the very beginning of the file to the end of file respectively.

Application Verifier log file creation depends on environment variables such as VERIFIER_LOG_PATH and %USERPROFILE%. If a process such as protected (secure) process cannot access these environment variables, it fails to create the log files. The following command line options can be used to set/clear the protected process log path. This log path is used only if the process cannot create log files under VERIFIER_LOG_PATH or %USERPROFILE%.

To set the protected process log path:

appverif �sppath [PROTECTED_PROCESS_LOG_PATH].

For ex: The following command line sets the protected process log path to �c:\My Logs\Verifier Logs�.

appverif �sppath �c:\My Logs\Verifier Logs�.

Note: Make sure that �c:\My Logs� exists and the protected process has permission to create files in this path.

The following command line shows the existing protected process log path.

appverif �sppath

To show the existing protected process log path and clear it, use the following command line:

appverif -cppath

Note that the �Application Verifier �Logs� window shows the log files in %USERPROFILE% of the logged on user. If you want the protected process logs to show up in this UI, you need to manually copy them to %USERPROFILE%\AppVerifierLogs.