The second column in the Endpoint Protection Manager syslog.log file represents a timestamp value.  The timestamp data is stored in a hexadecimal format.  You want to convert the hexadecimal value to a standard MM/DD/YYYY HH:MM:SS timestamp.

The timestamp is in Windows NT System Time format stored as a hexadecimal value.  The following example demonstrates converting the hexadecimal value to a standard timestamp.

Example Value: 01cb63d8e1fcac54

1. Convert 01cb63d8e1fcac54 to a decimal value of 129306797465709652.
   • This can be done with the Microsoft calc.exe program in the scientific/programmer view.  Select Hex as the format and paste the hexadecimal value in to the calculator.  With the value pasted in to the calculator select Dec and it will convert the displayed number from hexadecimal to decimal.
2. Use Microsoft's w32tm tool, from a command prompt, to convert the decimal value to the desired MM/DD/YYYY HH:MM:SS format.
   • w32tm /ntte 129306797465709652