Event Viewer and manager

An event is any important occurrence in the system or in a program that demands users’ attention. It acts as a notification alert. The Event Log Service records application, security, and system events in Event Viewer. Due to the presence of the event logs in Event Viewer, information about hardware, software, and system components can be obtained and security events can be monitored on a local or remote computer.

The procedure to View Event Logs

There are few steps which have to be followed in order to view event logs. Firstly, Click start and then click Control Panel. Next, one has to click on Performance and Maintenance, then click Administrative Tools, and then double-click Computer Management. Or, open the MMC containing the Event Viewer snap-in. In the console tree, click Event Viewer. The Application, Security, and System logs are displayed in the Event Viewer window.

The procedure to View Event Details

In order to view event details, one has to click Start after that click Control Panel. Click Performance and Maintenance, then click Administrative Tools, and then double-click Computer Management. Or, open the MMC containing the Event Viewer snap-in. Next step is to expand Event Viewer in the console tree and then click the log that has the event that you wish to view. In the details pane, you must double-click the event that you wish to view. You will see the Event Properties dialog box that contains header information and a description of the event. In order to copy the details and description of the event, you must click the Copy button. This leads to the opening up of a new document in the program in which you wish to paste the event. Thereafter, you must click Paste on the Edit menu.

The procedure to interpret the details of an Event

Every Event Header has the following details about the event: It contains the Date when the event occurred. It contains the Time when the event occurred.

It also has the username of that user who was logged on when the event happened. It contains the name of the computer on which the event occurred. It also has the Event ID, a unique event number which identifies the event category. The Event ID is used to help comprehend what occurred in the system. The Event Header also has information about the source of the event such as the name of a program, a system component, etc. Then, it contains details about the type of event. The type is usually of five kinds: Error, Warning, Information, Success Audit, or Failure Audit. Lastly, it also has categorization of the event by the event source. This information is mostly used for the security log.

The Procedure to Find Events in a Log

The default outlook of event logs is to enlist all the entries that it comes across. To locate a particular event, or see a subset of events, you have the option to either search the log, or you can also apply a filter to the log data.

The Process of Searching for a Particular Log Event

In order to
search for a particular log event, you must follow the following steps: First, you must click Start. Thereafter you must click Control Panel. After that please click Performance and Maintenance, then you must click Administrative Tools. Thereafter you must double-click Computer Management. Else you may open the MMC that contains the Event Viewer snap-in.

Then in the console tree, you must expand Event Viewer, thereafter you must click the log that has the event that you wish to view. Then on the View menu, you must click Find. Then you must specify the options for the event that you wish to view in the Find dialog box. Thereafter you must click Find Next. You will see that the event that matches your search specification gets highlighted in the details pane. After this you should click Find Next to find the next incidence of an event as defined by your search specification.

The Procedure to Manage Log Contents

As a default, the preliminary maximum of size of a log is set to 512 KB. When this size is achieved, then new events overwrite previous and older events as and when needed. Then according to your requirements, you can alter or modify these settings, else you may clear a log of its contents.