Written by Barry Dysert (last updated March 16, 2020)
Event logs are like system files to which certain information is written by programs that have no other means of output. For example, a Windows service runs without a user interface, so when the service wants to output a message it does so by writing to an event log. You run the Event Viewer in order to see what all has been written to the event logs over time.
The four most common event logs are Application, Security, Setup, and System, although there are many others. And you can create custom views of the logs so that you can easily pinpoint exactly the information you're looking for. For example, there is an event log called Microsoft | Windows | Diagnostics-Performance | Operational. This log contains information about boot-up performance. If you want a quick way to view what events are causing your system to boot more slowly than you'd like, you can create a custom view (or a filter) to look at that log and only display the "101" events (each type of event has an event ID, and event ID 101 is for slow application startups).
In addition to viewing events in real time, you can create files on disk that contain the event information. Then, you can view those saved logs at a later time.
Event logs are good resources for system administrators, and they're also good for programmers. You may write a Windows service that has no user interface, but you want to capture some important information that it provides. One way to do this is to have the service write to an event log.
Another thing you can do with event logs is to attach a task to a log or even a particular event so that when that log is written to (or that event fires), your task can be activated.
This tip (11564) applies to Windows 7, 8, and 10.
Event logs are used to store information about what goes on, behind the scenes, on your system. Whether you want to ...Discover More
The Forwarded Events event log collects events that have been forwarded from other computers. In this way you can login ...Discover More
Assuming you have proper access to remote computers, you can examine their event logs from your system without much ...Discover More