Table of Contents
Why you need this article
The Event Viewer is a tool in Windows that displays detailed information about significant events on your computer. Some of the information you will find are programs that don't start as expected, or automatically downloaded updates. Troubleshooting Windows and application errors can be eased by using the Event Viewer.
What you will see
Event Viewer displays a ton of information, here is a breakdown of what each entry can mean:
- Error: A significant problem, such as loss of data or loss of functionality. For example, if a service fails to load during startup, an error will be logged
- Warning: An event that is not necessarily significant, but may indicate a possible future problem. For example, when disk space is low, a warning will be logged
- Information: An event that describes the successful operation of an application, driver, or service. For example, when a network driver loads successfully, an Information event will be logged
- Success Audit: An audited security access attempt that succeeds. For example, a user's successful attempt to log on to the system will be logged as a Success Audit event
- Failure Audit: An audited security access attempt that fails. For example, if a user tries to access a network drive and fails, the attempt will be logged as a Failure Audit event
Your OS will automatically start the Event Log Service when you log into Windows. All users are able to view Application and System logs while Security logs are only accessible by Administrator accounts.
Getting there
By launching the Event Viewer you can review the systems logs to gather detailed information about software, hardware, and system problems. You can also monitor Windows security events as those are logged as well. There are a number of ways to actually open the Event Viewer but we will cover the simplest. So let's launch it to get going!
Using the Start Menu
- Click the Start button
- Type Event Viewer and select the first option
Image
Using Windows Run
- Right click the Start button
- Select Run
Image
3. In the new Window, type EventVwr and hit Enter
Image
Familiarizing yourself with Event Viewer
Once Event Viewer is running you will see a lot of information and it may be a little overwhelming but let's cover the basics. Right out of the gate you may see a significant amount of Warning and Error events logged, don't panic, let's break those down.
Image
- Information – An event that describes the successful operation of an application, driver, or service.
- Warning – An event that is not necessarily significant, but may indicate a possible future problem. For example, when disk space is low, a Warning event is logged. If an application can recover from an event without loss of functionality or data, it can generally classify the event as a Warning event
- Error – An event that indicates a significant problem such as loss of data or loss of functionality. For example, if a service fails to load during startup, an Error event is logged
- Audit Success – An event that records an audited security access attempt that is successful
- Audit Failure – An event that records an audited security access attempt that fails
Image
On the left you will see expandable sections, each main section refers to different events occurring on your system. Events are placed in different categories, each of which is related to a log that Windows keeps on events regarding that category.
Image
- Application – System components like drivers on your Windows 10 computer report their problems
- Security – Events under this category show the results of a security action
- Setup – Refers to domain controllers
- System – System events report problems and warnings from Windows system files and programs installed on the system. Most of them can be self-healed
- Forwarded Events – Events sent from other computers
The Application, Security, and System sections are likely the only ones in which you will find useful information
Once you select a category like System you will see the events in the middle window. All events will be logged in this window and can get a little daunting. You can select one of the events to check the Event ID and see detailed information about the event.
Image
Fields
- Level – This tells you how severe the event is
- Source – This is the name of the software that generates the log event. The name usually doesn’t directly match with a filename, of course, but it is a representation of which component caused the problem
- Event ID – The exact Event ID is populated by Windows and identifies the type of problem that was encountered. Remember, without additional information such as Source, this Event ID may point to a number of different solutions.
Try applying a Filter to the current log by selecting Filter Current Log on the left side. Select Critical and Error then click OK
Image
The events and Event IDs are what you're trying to find however their usefulness can range from something super specific and obvious to very vague messages that make no sense. Generally we recommend searching (any search engine) for the General description or the Event ID and Source as these usually return the clearest results and usually provide a quick solution.
The Event ID is unique for each application so there may be a significant amount of overlap unless you include the Source in your search.
Using the Event Viewer can be a powerful tool when troubleshooting system problems like Blue screens, program or system crashes and much more. You can also view information online about any particular Event ID for detailed descriptions.
Generate logs
In the event you are unable to determine the cause of your issues, you may need to share your logs with Puget Systems Technical Support. If you have identified an error you cannot solve or if Puget Support asks you to provide your Event Logs follow this guide:
1. Open Event Viewer using one of the above paths
2. Expand Windows Logs in the left pane
3. Select System (or whichever category you are instructed to)
4. In the Actions menu on the right, select Save All Events As
5. Give the file a name that is recognizable (your Puget Systems order number is perfect) then click Save
You're done! Please attach the file to your email with us so that we can assist further.
Conclusion
The Event Viewer is a robust diagnostic tool when troubleshooting through a systems issues. The errors can point in a number of different directions but when searched correctly the results can yield some powerful solutions. Your Puget Systems Support team may ask for a copy of the logs in an effort to effectively find a solution to your issues. As always, if you have any questions about your Puget computer please don't hesitate to reach out!
Need help with your Puget Systems PC?
If something is wrong with your Puget Systems PC. We are readily accessible, and our support team comes from a wide range of technological backgrounds to better assist you!
Looking for more support guides?
If you are looking for a solution to a problem you are having with your PC, we also have a number of other support guides that may be able to assist you with other issues.