As the name suggests, Event Viewer (Windows) allows people to view logs of events that have taken place on their devices. Additionally, in times of need, Windows users could get Event Viewer to show particular types of events as well. You want to know which log in Event Viewer lists only Critical, Error and Warning events? In that case, this article is exactly what you need.
Regarding the question “which log in Event Viewer lists only Critical, Error and Warning events?”, Administrative Events log is the answer. In Event Viewer, the Administrative Events log is a central log for all administrator-level activity on a computer. By opening Administrative Events log, you should see error and warning events. To get to Administrative Events log, open Event Viewer, look to the left and hit Custom View.
Event Viewer: A Beginner’s Guide
- Step 1: Press Windows + S.
- Step 2: Type Event Viewer.
- Step 3: Hit Enter.
- System events: These are events that are logged by the operating system or software components. Examples include startup/shutdown events, service events, application events and so on.
- Security events: These events are logged whenever a security-related action is taken. Examples include login/logout events, access events, audit events, …
- Hardware events: These events are logged by hardware components. Examples include disk and network activity, temperature changes, CPU and memory usage, etc.
- Forwarded events: Comprises of event logs logged and forwarded by other computers on the same network.
- Information: These events describe the successful operation of an application, driver, or service.
- Warning: These events describe a potential problem that could cause system instability or data loss.
- Error: These events describe a problem that has already caused system instability or data loss.
- Critical: This level is used for events that indicate a serious problem.
- It’s wise to set your system to generate regular reports on key activities with notable events highlighted.
- You should consider using log management tools to get the most out of your logs.
- Always save your log files in standard formats so they could be read by log management tools.
- Delete old log files as soon as the total size gets too high to free up space.
How To Analyze Event Viewer Entries
All in all, Event Viewer contains a wealth of information that can be used to troubleshoot many issues on Windows computers. Via the logs, you could learn everything about system crashes, software updates, user activity, … Still, while event logs prove handy at times, they can also be overwhelming. Each of the entries contains a lot of details so things may get tough if you don’t know where to start. Take a look at these aspects of Event Viewer entries if you like to get to the bottom of the situation.
- Log name- The event log to which events from different logging components will be written.
- Event ID- This identification number helps administrators uniquely identify a specific logged event.
- Level- Indicates the severity of the event in question.
- User – Contains details of the user account associated with a particular event.
- Source – Identifies the program causing the event.
- Date- Contain the date and time a given event took place.
- Computer- Identifies the PC recording the event.
- OpCode- Informs on what the application did when the event was logged.
Is Windows Event Log Service (EventLog) Important?
Windows Event Log Service is a system service that manages events and their logs. The service collects data from multiple sources including application and system logs then stores it in a central location. Needless to say, Windows Event Log Service is one of the essential services of Windows.
What Are The Components Of The Event Log Security Model?
The Event Log security model has three main components: Event Logging, Event Management, and Event Monitoring. Event Logging is the process of tracking and logging events on a network. Event Management is managing the Event Logs and ensuring they are properly monitored. Event Monitoring is monitoring the Event Logs for security threats and abnormalities.
How Do I Clear Event Log Errors?
If your Event Log is full, it may not be able to record new events. Thus, to make room for new entries, you should clear Event Log from time to time.
- Step 1: Open Event Viewer.
- Step 2: Expand Windows Logs.
- Step 3: Select the log you want to clear.
- Step 4: Go to the Action menu then hit Clear Log.
- Step 5: Click Yes to confirm the action.
Note: You can also clear the Events to log using the command prompt with the following steps;
- Step 1: Go to Search bar, type CMD and click Run an administrator.
- Step 2: In Command Prompt (Admin), type for /f “tokens=*” %1 in (‘wevtutil.exe el’) do wevtutil.exe cl “%1”; and press Enter.
- Step 3: Wait for the Event Log to be cleared. After the process finishes, you will see a message that says “The operation completed successfully”. Close Command Prompt and continue using your PC like normal.