The Windows Event Viewer

📝 What is the Event Viewer?

Definition: The Event Viewer is a built-in Windows application that logs events occurring on your system. It functions like a diary for your computer, recording system and application activities. 📅🖥️
Purpose: It's useful for troubleshooting various issues, such as software crashes, login problems, or understanding system activities.

How to Launch:
- Start Menu: Search for Event Viewer.
- Run Box: Type eventvwr.msc and press Enter. 🖱️🔍

Default View: Shows a summary of recent events. For more detailed investigation, use the left-hand pane to explore different event groupings. 📈
Custom Views:
- Purpose: Custom views allow you to filter and view specific types of events. This is useful for isolating relevant information from a large volume of data.
- How to Create:
  1. Click "Create Custom View" in the Actions pane.
  2. Set filters such as event severity (e.g., Error and Critical).
  3. Choose the log duration (e.g., Last Hour).
  4. Name and save the custom view to see only the filtered events.

Windows Logs:
- System Logs: Track system-wide events such as driver issues and startup errors.
- Security Logs: Monitor user access and security-related events. 🔒
Applications and Services Logs:
- Purpose: Logs events from individual applications or system components.
- Example: Troubleshooting PowerShell issues would involve checking the PowerShell log under this category. 🛠️

Event Information: Each log entry provides details such as:
- Logging Level: Ranges from Information (low) to Critical (high). ⚠️
- Date and Time: When the event occurred.
- Detailed View: Selecting an event shows more information in the bottom pane, aiding in troubleshooting and context for issues. 🕰️

Utility: A powerful tool for IT support specialists to diagnose and understand software or hardware problems.
Tips:
- Use custom views and filters to manage the information effectively.
- Explore the interface to become familiar with its features and capabilities. 🧑‍💻

Last updated 10 days ago