The Windows Event Viewer can give you vital information about your operating system and key events that are occurring in the day to day running of your system. It can also be referenced when trying to determine causes of programs that fail and why they were forced to close etc. You can also get important information about the current state of your systems drivers and more.
You will find the event viewer in the Start>Control Panel>Administrative Tools sections of your Windows XP.
The event Viewer will create and maintain the following logs:
- System Log- This log will record alerts about hardware and operating system errors, and other related warnings.
- Security Log- This log will record all failed logon attempts as well as any changes made to user accounts and/or user group permissions. This will also track cases where users try to access resources where they did not have sufficient access permissions.
- Application Log- This log records events regarding applications or programs installed in your computer.
- Directory Service- This log stores alerts and events related to your operating systems directory service.
- DNS Service- This log will store events relating to the DNS services.
Each of these logs will track different aspects of your operating system but all of them will track the time and date of each alert or occurrence as well as the user who caused it and which machine the user was logged into at the time.
The below image shows the application section of the event log on my computer. You will notice that there is 1 error alert and the rest of the entries are just logged information.
A warning is marked with a yellow triangle in the event viewer application screen. Below is what that warning looks like when it is opened up.
This warning has alerted me that on February 26, 2009 a user account on my computer malfunctioned because it was improperly programmed. This particular error is not overly helpful. Entries in your event viewer that are the most helpful are error alerts. Errors are symbolized by a red circle with a white X through it. Below is an example of an error:
The link found on the event properties box description field will lead you to the Microsoft site with more assistance or info as to what may have caused the error, and how to possibly rectify it.
In the example above an application hung which caused it to close.
The event viewer will give you clues to what the problem actually is but will rarely give you the cause of the problem directly within the events properties.
You should take the information you find in the event viewer to get clues or more help elsewhere. That’s basically what the Windows event viewer is for.