I was asked a question about Windows Event Viewer in an interview. I was able to explain a few features of the Event Log. I stumbled upon the questions asked about Windows Event Viewer (Event Log).
What is an Event Viewer or Event Log?
The Windows Event Viewer (sometimes called the Event Log) stores details of everything that happens in the OS, from routine operations to crashes and even Blue Screens of Death (BSOD).
Custom View: Used to monitor the specific events on a System.
Windows Logs: Contains the event log information for Windows events only.
Application and Service Logs: Contains the logs for installed applications, both Windows and third-party services.
Subscriptions: Collects logs from multiple remote computers and stores them to view locally.
Overview: Summary of the view opened.
Summary of Administrative Events: Enumerates all the event logs stored in the system into six different categories.
Critical - Errors that result in a sudden system failure, like a Blue Screen of Death (BSOD), a Windows core (kernel) component failure, a critical driver stop or power issues.
Error - Generated when a Windows component, application or service fails.
Warning - Generated when a Windows component, application or service triggers a message or error that does not cause the event to stop.
Information - Recorded whenever a service or component starts, or when there is an event such as an update, an installation or an event in an application.
Audit Success - This is generated when the system is starting and booting to the Windows desktop is completed.
Audit Failure - When a routine operation does not complete or reports an error.
Recently Viewed Nodes - The most recent events can be viewed here.
Log Summary - Displays the technical information about the currently displayed events.
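The six categories in the Summary of Administrative Events can also be counted from PowerShell. The script below is an added example, not part of the original post; the choice of logs, the 24-hour window and the function name `Get-EventCategory` are assumptions.

```powershell
# Added example (not from the original post). The log list and the 24-hour
# window are assumptions. Reading the Security log needs an elevated session.
$Since = (Get-Date).AddHours(-24)
$Logs  = 'Application', 'System', 'Security'

# Audit Success / Audit Failure are carried as keyword flags on Security-log
# events rather than as a severity level, so they are tested before Level.
$AuditSuccess = [long][System.Diagnostics.Eventing.Reader.StandardEventKeywords]::AuditSuccess
$AuditFailure = [long][System.Diagnostics.Eventing.Reader.StandardEventKeywords]::AuditFailure

# Hypothetical helper: map one event record to a summary category.
function Get-EventCategory {
    param($Record)
    $keywords = [long]$Record.Keywords
    if ($keywords -band $AuditFailure) { return 'Audit Failure' }
    if ($keywords -band $AuditSuccess) { return 'Audit Success' }
    switch ([int]$Record.Level) {
        1 { 'Critical' }
        2 { 'Error' }
        3 { 'Warning' }
        { $_ -in 0, 4 } { 'Information' }
        default { 'Other' }
    }
}

# Collect events per log; an empty or unreadable log is reported, not fatal.
$events = foreach ($log in $Logs) {
    try {
        Get-WinEvent -FilterHashtable @{ LogName = $log; StartTime = $Since } -ErrorAction Stop
    } catch {
        Write-Warning "${log}: $($_.Exception.Message)"
    }
}

# Count events per category, largest first.
$events |
    Group-Object { Get-EventCategory $_ } |
    Sort-Object Count -Descending |
    Select-Object Name, Count
```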
In the next post, we will look at the various logs and how to decipher the details of an event in Windows 10.