Event Viewer is a log that records activity in Windows. It is used primary by IT pros trying to diagnose and fix problems, as well as understanding features. Event Viewer has lot of features that most users only scratch the surface, such as troubleshooting via connecting to remote computers. Here in this article, we will learn how to use several features of this program.
How to find Event Viewer
The easiest way to access Event Viewer is to click the Search icon on the bottom of the taskbar and typing Event Viewer.
In Event Viewer there are four main groups, which is located on the left side of the interface, on the Event Viewer (Local) section. The four groups are Custom Views, Windows Logs, Applications and Service Logs.
For the most part, you’ll be using the Applications, System and Security logs to analyze and investigate issues.
The Application section focuses to matters involving the interface and other essential components that is needed for an app to run successfully.
There are three kinds of event levels in which the Event Viewer tracks. The Error logs tracks problems that require immediate attention while Warning tracks problems that are less significant but could cause some applications to not work as expected. The last level, Information simply records normal operations of the computer.
You can select any one of the four groups to view additional information while in the console. You will still see errors and warnings even though the device is working normally, but for the most part it would not be anything concerning. All apps should be having its events logged, but it may vary for some third-party applications.
To view more information, such as viewing how many events that happens for each disk, select Event Viewer from the top left. For example, if you select one of the groups on the right side, you’ll see all of the dates, times, sources, IDs, task categories for that event.
In most cases the description area offers enough information about the problem so you can figure the resolve it. The “Event ID” is also important, as you can use that in an online search to find out how to fix problems for that.
For specific events, there is an Advanced Search feature. You can do that by opening the Event Viewer, expand the event group and choosing the Filter Current Log via right-clicking a category. Then, click the Filter tab, use the “Logged” menu to select a time-range to find out when the event occurred. Select the level of interest and use the default options for User and Computers. And finally press OK.
To do a basic search, right-click a category, expand the event groups listed and choose the Find option by right-clicking a category.
Type any keyboard you wish and press the Find Next Button to highlight the event.
To clear logs, expand the event groups, right click the category you wish to clear and select Clear Log from the pop-up list.