Understanding Event Logs

Written by Barry Dysert (last updated March 16, 2020)

Event logs are like system files to which certain information is written by programs that have no other means of output. For example, a Windows service runs without a user interface, so when the service wants to output a message it does so by writing to an event log. You run the Event Viewer in order to see what all has been written to the event logs over time.

The four most common event logs are Application, Security, Setup, and System, although there are many others. And you can create custom views of the logs so that you can easily pinpoint exactly the information you're looking for. For example, there is an event log called Microsoft | Windows | Diagnostics-Performance | Operational. This log contains information about boot-up performance. If you want a quick way to view what events are causing your system to boot more slowly than you'd like, you can create a custom view (or a filter) to look at that log and only display the "101" events (each type of event has an event ID, and event ID 101 is for slow application startups).

In addition to viewing events in real time, you can create files on disk that contain the event information. Then, you can view those saved logs at a later time.

Event logs are good resources for system administrators, and they're also good for programmers. You may write a Windows service that has no user interface, but you want to capture some important information that it provides. One way to do this is to have the service write to an event log.

Another thing you can do with event logs is to attach a task to a log or even a particular event so that when that log is written to (or that event fires), your task can be activated.

 This tip (11564) applies to Windows 7, 8, and 10.

Author Bio

Barry Dysert

Barry has been a computer professional for over 35 years, working in different positions such as technical team leader, project manager, and software developer. He is currently a software engineer with an emphasis on developing custom applications under Microsoft Windows. When not working with Windows or writing Tips, Barry is an amateur writer. His first non-fiction book is titled "A Chronological Commentary of Revelation." ...

MORE FROM BARRY

Adding and Deleting Fonts

Sometimes a document you're working on needs a font different from what comes with Windows. In such a case, a simple Web ...

Discover More

Understanding Data Execution Prevention

Windows has many malware-prevention features. One of these is Data Execution Prevention. This tip provides an explanation ...

Discover More

Rebuilding the Search Index

There may be times when you want to reset the search index and rebuild it from scratch. This tip tells you how.

Discover More
More WindowsTips

What is the Purpose of the System Event Log?

The System event log holds messages generated by device drivers. This tip explains more about it.

Discover More

Viewing Event Logs

Event logs are automatically maintained by the operating system. By periodically viewing them, you'll have a better idea ...

Discover More

Filtering Event Logs

Filtering a log in the Event Viewer allows you quick access to those events you're interested in watching over time. This ...

Discover More
Comments

If you would like to add an image to your comment (not an avatar, but an image to help in making the point of your comment), include the characters [{fig}] (all 7 characters, in the sequence shown) in your comment text. You’ll be prompted to upload your image when you submit the comment. Maximum image size is 6Mpixels. Images larger than 600px wide or 1000px tall will be reduced. Up to three images may be included in a comment. All images are subject to review. Commenting privileges may be curtailed if inappropriate images are posted.

What is 6 + 7?

There are currently no comments for this tip. (Be the first to leave your comment—just use the simple form above!)

Newest Tips
Links and Sharing
OUR COMPANY
OUR PRODUCTS
OUR SITES
 

Copyright © 2024 Sharon Parq Associates, Inc.