Understanding Event Logs

Written by Barry Dysert (last updated March 16, 2020)

Event logs are like system files to which certain information is written by programs that have no other means of output. For example, a Windows service runs without a user interface, so when the service wants to output a message it does so by writing to an event log. You run the Event Viewer in order to see what all has been written to the event logs over time.

The four most common event logs are Application, Security, Setup, and System, although there are many others. And you can create custom views of the logs so that you can easily pinpoint exactly the information you're looking for. For example, there is an event log called Microsoft | Windows | Diagnostics-Performance | Operational. This log contains information about boot-up performance. If you want a quick way to view what events are causing your system to boot more slowly than you'd like, you can create a custom view (or a filter) to look at that log and only display the "101" events (each type of event has an event ID, and event ID 101 is for slow application startups).

In addition to viewing events in real time, you can create files on disk that contain the event information. Then, you can view those saved logs at a later time.

Event logs are good resources for system administrators, and they're also good for programmers. You may write a Windows service that has no user interface, but you want to capture some important information that it provides. One way to do this is to have the service write to an event log.

Another thing you can do with event logs is to attach a task to a log or even a particular event so that when that log is written to (or that event fires), your task can be activated.

 This tip (11564) applies to Windows 7, 8, and 10.

Author Bio

Barry Dysert

Barry has been a computer professional for over 35 years, working in different positions such as technical team leader, project manager, and software developer. He is currently a software engineer with an emphasis on developing custom applications under Microsoft Windows. When not working with Windows or writing Tips, Barry is an amateur writer. His first non-fiction book is titled "A Chronological Commentary of Revelation." ...

MORE FROM BARRY

Performing Complex Calculations Using the Scientific Calculator

The next time you need to perform calculations at your computer, there's no need to fire up a big spreadsheet program or ...

Discover More

Renaming or Deleting File Folders

Just as you can rename and delete individual files, so to can you rename and delete the folders that contain those files.

Discover More

Using Powercfg to Query an Existing Power Scheme

This tip shows you how to use the command-line Powercfg utility to query a given power scheme from your current environment.

Discover More
More WindowsTips

Creating a Custom View in the Event Viewer

Creating a custom view in the Event Viewer allows you quick access to those events you're interested in watching over ...

Discover More

What is the Purpose of the Security Event Log?

The Security event log captures success and failure audit events when auditing is turned on. This tip explains a bit more ...

Discover More

Deleting Events in Your Event Logs

You don't need to worry about event logs filling up your disk, but you still may want to clean them out eventually. This ...

Discover More
Comments

If you would like to add an image to your comment (not an avatar, but an image to help in making the point of your comment), include the characters [{fig}] (all 7 characters, in the sequence shown) in your comment text. You’ll be prompted to upload your image when you submit the comment. Maximum image size is 6Mpixels. Images larger than 600px wide or 1000px tall will be reduced. Up to three images may be included in a comment. All images are subject to review. Commenting privileges may be curtailed if inappropriate images are posted.

What is nine minus 4?

There are currently no comments for this tip. (Be the first to leave your comment—just use the simple form above!)

Newest Tips
Links and Sharing
OUR COMPANY
OUR PRODUCTS
OUR SITES
 

Copyright © 2025 Sharon Parq Associates, Inc.