Understanding Event Logs

Written by Barry Dysert (last updated March 16, 2020)

Event logs are like system files to which certain information is written by programs that have no other means of output. For example, a Windows service runs without a user interface, so when the service wants to output a message it does so by writing to an event log. You run the Event Viewer in order to see what all has been written to the event logs over time.

The four most common event logs are Application, Security, Setup, and System, although there are many others. And you can create custom views of the logs so that you can easily pinpoint exactly the information you're looking for. For example, there is an event log called Microsoft | Windows | Diagnostics-Performance | Operational. This log contains information about boot-up performance. If you want a quick way to view what events are causing your system to boot more slowly than you'd like, you can create a custom view (or a filter) to look at that log and only display the "101" events (each type of event has an event ID, and event ID 101 is for slow application startups).

In addition to viewing events in real time, you can create files on disk that contain the event information. Then, you can view those saved logs at a later time.

Event logs are good resources for system administrators, and they're also good for programmers. You may write a Windows service that has no user interface, but you want to capture some important information that it provides. One way to do this is to have the service write to an event log.

Another thing you can do with event logs is to attach a task to a log or even a particular event so that when that log is written to (or that event fires), your task can be activated.

 This tip (11564) applies to Windows 7, 8, and 10.

Author Bio

Barry Dysert

Barry has been a computer professional for over 35 years, working in different positions such as technical team leader, project manager, and software developer. He is currently a software engineer with an emphasis on developing custom applications under Microsoft Windows. When not working with Windows or writing Tips, Barry is an amateur writer. His first non-fiction book is titled "A Chronological Commentary of Revelation." ...

MORE FROM BARRY

How To Enable Jump Lists

Jump lists are handy time savers. Some consider them a privacy issue, though. Whichever way you see it, this tip shows ...

Discover More

How to Change Drive Letters

Windows is quite configurable. It even allows you to change the drive letters associated with your disk drives. Although ...

Discover More

Launchy

Launchy is a small utility that packs a powerful punch. It allows you to instantly find files and launch them without ...

Discover More
More WindowsTips

Adjusting the Size of an Event Log

Event logs are used to store information about what goes on, behind the scenes, on your system. Whether you want to ...

Discover More

What is the Purpose of the Forwarded Events Event Log?

The Forwarded Events event log collects events that have been forwarded from other computers. In this way you can login ...

Discover More

Filtering Event Logs

Filtering a log in the Event Viewer allows you quick access to those events you're interested in watching over time. This ...

Discover More
Comments

If you would like to add an image to your comment (not an avatar, but an image to help in making the point of your comment), include the characters [{fig}] (all 7 characters, in the sequence shown) in your comment text. You’ll be prompted to upload your image when you submit the comment. Maximum image size is 6Mpixels. Images larger than 600px wide or 1000px tall will be reduced. Up to three images may be included in a comment. All images are subject to review. Commenting privileges may be curtailed if inappropriate images are posted.

What is nine minus 1?

There are currently no comments for this tip. (Be the first to leave your comment—just use the simple form above!)

Newest Tips
Links and Sharing
OUR COMPANY
OUR PRODUCTS
OUR SITES
 

Copyright © 2024 Sharon Parq Associates, Inc.