How To Utilize The Windows Event Log

April 10, 2016

Ever heard of the Windows Event Log? In most cases, everyday computer users have not heard of this tool that Microsoft provides in all of its operating systems. This utility tends to be used only by computer technicians or others who work in computer-related fields.

The main reason the Windows Event Log is an under-used tool by general computer users is because it can seem too complex to use and understand. It also seems that about 90% of all events logged are either informational or serve no purpose at all.

Having said this, there are some very good ways to utilize the Windows Event Log. It can be very good at giving hints or clues for the cause of many computer problems. There are also some other tools out there that one can utilize to help decipher the event log more easily.

Let me give you a quick lesson on how to access the Windows Event Log, what kinds of events you should be looking for, and ways you can further decipher events that have been logged.

The following instructions will be for those working with Windows 7.

How To Access The Windows Event Log

There are several ways you can actually access the logs, but I am going to show you the way I do it.

1. Go to your Start menu
2. Put your cursor in the ‘Search Programs and Files’ box
3. Type eventvwr and hit the Enter key; the Event Viewer window will pop up

Windows 7 introduces a little bit of an overhaul on the overall look of the event viewer. Out of all the changes, I can see one that actually may be useful.

Let me show you exactly what I mean.

The event viewer opens to an ‘overview’ screen when first loaded. In this initial screen, there is a window called the Summary of Administrative Events window that shows an overview of the latest types of events that have been logged.

TIP: The only two types of events you need to be concerned with are those marked as Errors or Warnings.

How To View The Windows Event Log

Now that you have the actual event viewer open, let me show you how to actually view the logs.

1. Locate the left pane in the Event Viewer window
2. Click the arrow next to Windows Logs to expand them

At this point we are only concerned about the Application and System logs. The System log takes precedence over application in my opinion.

3. Highlight System and the right or middle pane will show you the events that have been logged starting with the latest first.
4. Highlight a particular log to see more details on that specific entry

What You Should Really Be Looking For In The Windows Event Log

There are three important pieces of information you need to be looking at when looking at logs and they are as follows:

1. Level – Informational, Warning or Error
2. Source – Application that logged the event
3. Event ID – Identification number of the event

Tip: If you are not looking for a specific error but are investigating an issue with your computer, then you should look first at the logs marked with a level of Error.

Real Life Example: Using the event log is a great way to diagnose a bad hard drive. If a person is experiencing symptoms of a bad hard drive such as a sudden slow-down with their computer, then a super-quick way to do some initial diagnosis is to check the event log.

If you check the system log and see an entry with the level of Error and a source of Disk, then it is a safe bet that the hard drive in that particular machine is starting to fail.
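The same triage can be done from a PowerShell prompt. The script below is an added example, not part of the original walkthrough: it pulls Errors and Warnings from the System and Application logs, summarizes them by Source and Event ID, and then runs the Disk check described above. The 7-day window, the variable names, and the mapping of the Disk source to the provider name 'disk' are assumptions.

```powershell
# Added example: summarize recent Errors and Warnings by Source and Event ID.
# $Days and $Logs are assumed values; change them to suit your investigation.
$Days = 7
$Logs = 'System', 'Application'

# Level 2 = Error, Level 3 = Warning (the two levels the article focuses on).
$filter = @{
    LogName   = $Logs
    Level     = 2, 3
    StartTime = (Get-Date).AddDays(-$Days)
}

# Get-WinEvent raises an error when nothing matches, so suppress it and
# treat that case as an empty result instead of a failure.
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

if ($events.Count -eq 0) {
    Write-Host "No Errors or Warnings logged in the last $Days days."
    return
}

# One row per (log, source, event ID), most frequent first.
# Get-WinEvent returns newest events first, so Group[0] is the latest occurrence.
$events |
    Group-Object LogName, ProviderName, Id |
    Sort-Object Count -Descending |
    ForEach-Object {
        $first = $_.Group[0]
        New-Object PSObject -Property @{
            Count    = $_.Count
            Log      = $first.LogName
            Level    = $first.LevelDisplayName
            Source   = $first.ProviderName
            EventID  = $first.Id
            LastSeen = $first.TimeCreated
        }
    } |
    Select-Object Count, Log, Level, Source, EventID, LastSeen |
    Format-Table -AutoSize | Out-Host

# The hard drive check: Error-level System entries whose source is Disk.
# Assumption: that source appears to Get-WinEvent as provider name 'disk'.
$diskErrors = @($events | Where-Object {
    $_.LogName -eq 'System' -and $_.Level -eq 2 -and $_.ProviderName -eq 'disk'
})
if ($diskErrors.Count -gt 0) {
    Write-Host "$($diskErrors.Count) Disk error(s) found; most recent entries:"
    $diskErrors | Select-Object -First 5 TimeCreated, Id, Message | Format-List | Out-Host
}
```

The Source and EventID columns in the summary are the two values to carry into a lookup for any entry you do not recognize.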

Let Some Other Tools Help You

Unless you have worked extensively with monitoring event logs and researching why certain events are logged, most entries are going to be hard to understand.

Fortunately, there are a few online tools out there that you can use to help you understand why events are logged and what you can do to fix them.

The website I like to use most is located over at EventID.net. This website does have a paid membership section, but in most cases I can get all of the information I need by just using the free access.

When you go to EventID.net, there will be two boxes where you need to enter information. Put in the Source and Event ID, then click search.

The results may return several entries, but just find the one that fits your issue best and then click the link at the bottom of the box to see what others have to say about diagnosing and fixing this particular issue.

After you do this a time or two, you will get the hang of how to use the website. Overall, it is a pretty easy process.

In conclusion, I hope that if you have never heard of or used the Windows Event Log, this post prompts you to check it out and learn how to use it. As you use it and learn what you should be looking for, you can diagnose computer problems much more quickly.

I recommend that you start using the Windows Event Log today.