Windows event log is a record of a computer's alerts and notifications. Microsoft defines an event as "any significant occurrence in the system or in a program that requires users to be notified or an entry added to a log."
The Windows operating system classifies events by type. For example, an information event describes the successful completion of a task, such as installing an application. A warning event notifies the administrator of a potential problem, such as low disk space. An error message describes a significant problem that may result in a loss of functionality. A success audit event indicates the completion of an audited security event, such as an end user successfully logging on. A failure audit event describes an audited security event that did not complete successfully, such as an end user locking himself out by entering incorrect passwords.
Each event in a log entry contains the following information:
Date: The date the event occurred.
Time: The time the event occurred.
User: The user name of the user who was logged on when the event occurred.
Computer: The name of the computer
Event ID: A Windows identification number that specifies the event type.
Source: The program or component that caused the event. of the event.
Type: The type of event (information, warning, error, security success audit or security failure audit.)
In the enterprise, event logs can help an administrator identify and diagnose the source of current system problems and help predict future problems. Entries in Windows event logs can be viewed through Windows Event Viewer or the command-line tool, wevtutil. The Windows Event Log is found in Vista, Windows 7, Windows Server 2008 R2 and Windows Server 2012.
This instructional video from Jack's Tech Corner shows how to use the Windows Event Viewer can be used to view events.
Continue Reading About Windows event log
'Windows event log' is part of the:
View All Definitions