Tip #4277 - Vista Event Viewer
Printer Friendly Version | E-Mail This Tip
Vista
Event Viewer
One of the first
places you probably turn to when troubleshooting problems in Windows
XP is the Event Viewer, right? As you may know, the Event Viewer maintains
logs that record information about program, security and system events
that occur on your computer system. While XP's Event Viewer is an
effective tool you can use to view and manage your event logs, gather
information about hardware and software problems, as well as, monitor
security events, it does have its shortcomings. Perhaps the biggest
drawback is it does such a good job of logging events that the number
of items in the log can be staggering. Therefore, sorting through
the logs can be very daunting. Also, not all of the events are well
documented and many aren't documented at all, which often leaves even
the most experienced troubleshooter puzzled.
Another drawback
in the system stems from the fact that Windows XP has other logs that
are stored as text files on the hard disk. This means that when you're
trying to troubleshoot problems, you may have to scan through a bunch
of text files in addition to scanning through the Event Viewer logs.
Fortunately, Windows
Vista's developers have spent a great deal of time and effort on improving
the Event Viewer! Let's take a closer look.
A Tour
To begin, Vista's
Event Viewer has been completely rewritten with a new user interface
that makes it much easier to filter and sort events, as well as, control
which type of events are logged in it. In addition, you can now perform
some basic diagnostic tasks right from within the Event Viewer itself.
Windows Vista's Event Viewer will be the central point of inquiry
for all the operating system's logs. More specifically, the operating
system components that store the logging information in text files
will add events to the event log in Vista.
Other new features
in the Event Viewer allow you to create and save custom views so that
you can easily focus in on the problem you are currently troubleshooting,
you can now create event subscriptions that can collect information
from other computers on a network so that you can more easily correlate
problems that affect multiple computers and you can now assign tasks
that are to run when a certain event occurs.
Let's take a look
around the new Event Viewer in Windows Vista. As you can see in the
first image below, the new user interface provides access to more
pertinent information than Windows XP's Event Viewer, as shown in
the second screenshot below:
As you look at
Vista's Event Viewer, you'll notice that the left pane contains an
expandable tree that provides you with easy access to all of the Event
Viewer's logs. The two main categories are Windows Logs and Applications
and Services Logs. The Windows Logs category includes
the logs that were available in Windows XP, such as the Application,
Security and System logs, while the Applications and Services
Logs are a new category of event logs that store events from
a single application or component.
In the center
is the View pane that provides you with an easy way
to view both the list of events, as well as, the information that
each event contains, as shown below:
On the right side
of the Event Viewer is a new area called the Actions
pane, which contains a list of actions, or commands, that are associated
with the Event Viewer. As you can see by comparing the images provided,
the Actions pane changes to provide relevant tasks, depending on what
is selected.
To make focusing
on specific events easier, you can also create a Custom View
that essentially allows you to create a very detailed event query
that can span over several logs. To help you create a Custom View,
the Event Viewer provides you with a very detailed form, as shown
in the first screenshot below. Once you have created a Custom View,
you can then save it and reuse it later.
Attaching tasks
to events is also a great troubleshooting feature. To make this a
simple procedure, Vista's Event Viewer employs the Task Scheduler
Wizard and provides you with several relevant actions to
attach to the event, as shown below:
Conclusion
In addition to
providing improved performance and a new user interface, the Windows
Vista Event Viewer provides you with a whole slew of new features
to make troubleshooting a much easier task. Yes!
~ Ramachandran
Kumaraswami
Want To Comment On This Tip? Click Here! We'd love to hear from you :-)
Like These Tips? Get 'Em Free In Your E-mail
