Event logs are special files that record significant events on your computer, such as when a user logs on to the computer or when a program encounters an error. Whenever these types of events occur, Windows records the event in an event log that you can read by using Event Viewer. Advanced users might find the details in event logs helpful when troubleshooting problems with Windows and other programs.
Event Viewer tracks information in several different logs
Windows Logs
The Windows Logs category includes the logs that were available on previous versions of Windows: the Application, Security, and System logs. It also includes two new logs: the Setup log and the Forwarded Events log. Windows logs are intended to store events from legacy applications and events that apply to the entire system.
-
Application (program) - Events are classified as error, warning, or information, depending on the severity of the event. An error is a significant problem, such as loss of data. A warning is an event that isn't necessarily significant, but might indicate a possible future problem. An information event describes the successful operation of a program, driver, or service.
-
Security - These events are called audits and are described as successful or failed depending on the event, such as whether a user trying to log on to Windows was successful.
-
Setup - Computers that are configured as domain controllers will have additional logs displayed here.
-
System - System events are logged by Windows and Windows system services, and are classified as error, warning, or information.
-
Forwarded Events - These events are forwarded to this log by other computers.
Applications and Services Logs
Applications and Services Logs vary. They include separate logs about the programs that run on your computer, as well as more detailed logs that pertain to specific Windows services. This category of logs includes four subtypes: Admin, Operational, Analytic, and Debug logs.
-
Admin - These events are primarily targeted at end users, administrators, and support personnel. The events that are found in the Admin channels indicate a problem and a well-defined solution that an administrator can act on. An example of an admin event is an event that occurs when an application fails to connect to a printer. These events are either well documented or have a message associated with them that gives the reader direct instructions of what must be done to rectify the problem.
-
Operational - Operational events are used for analyzing and diagnosing a problem or occurrence. They can be used to trigger tools or tasks based on the problem or occurrence. An example of an operational event is an event that occurs when a printer is added or removed from a system.
-
Analytic - Analytic events are published in high volume. They describe program operation and indicate problems that cannot be handled by user intervention.
-
Debug - Debug events are used by developers troubleshooting issues with their programs.
How to open Event Viewer
Open Event Viewer by clicking the Start button, clicking Control Panel, clicking System and Security, clicking Administrative Tools, and then double-clicking Event Viewer.
Note: Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
Click an event log in the left pane.
Double-click an event to view the details of the event.
How to save Event Viewer logs files
You can save event logs for later reference or for historical data. Event log files can be saved as event files (*.evt), text files (*.txt). or comma-delimited text files (*.txt).
To save event logs right-click the appropriate log file (Application, Security, System, Directory Service, or File Replication Service) then click Save All Events As. Type a name for the file, and click Save.
You should now have a new file ending with .evtx. If however you wish to export as another format, before clicking save, select the file type you wish to save your Log as via the "Save as type" dropdown box. You may save Event Viewer log files as .evtx, .xml, .txt, .csv file formats.
Comments
0 commentsArticle is closed for comments.