QR Code Business Card

Using Event Viewer Logs To Troubleshoot Issues

 

When troubleshooting issues with Windows-based computers, the Event Viewer is a great place to start. The Event Viewer tracks information about applications, security, and system events. This information is stored in log files that can be accessed in the Event Viewer. The Event Viewer is built into current Windows Operating Systems.

Not only will the Event Viewer tell you is a process or any component of the computer is causing an error, it will provide you with a log of that error that can be used to resolve issues. The Event viewer will also track other events such as login attempts, but for our purpose here, we are going to focus on using the Event viewer to gather information for troubleshooting purposes.

Accessing the Event Viewer

To use the Event Viewer, you will need to be logged into the computer as an administrator, or have the administrator user name and password nearby, just in case you are prompted for the administrative password. Open the Event Viewer by clicking the Start button , clicking Control Panel, clicking System and Security, clicking Administrative Tools, and then double-clicking Event Viewer.?

The Event Viewer windows contains three columns. The left hand column the list of logs, the middle column is the event viewer, and the right column lists available actions. When Event Viewer (Local) is selected in the left-column, the event viewer (center-column) will give you a quick overview or ‘health check’ of the computer, where you can quickly scan through any error messages.

Under the Windows Logs in the left-column, you can view logs by category. So if you are troubleshooting a software issue, you can select the Application log, or a hardware issue in the System log, and so forth.

event_viewer_001

Event Viewer tracks information in several different logs. Windows Logs include:

• Application (program) events. Events are classified as error, warning, or information, depending on the severity of the event. An error is a significant problem, such as loss of data. A warning is an event that isn’t necessarily significant, but might indicate a possible future problem. An information event describes the successful operation of a program, driver, or service.
• Security-related events. These events are called audits and are described as successful or failed depending on the event, such as whether a user trying to log on to Windows was successful.
• Setup events. Computers that are configured as domain controllers will have additional logs displayed here.
• System events. System events are logged by Windows and Windows system services, and are classified as error, warning, or information.
• Forwarded events. These events are forwarded to this log by other computers.

Using Event Viewer Logs To Troubleshoot Issues

Let say for example, that I am experiencing random video card crashes. When I open the Event Viewer and look at the summary of error messages, I can see right off the bat that there is an error with my NVIDIA driver.

event_viewer_002

 

If I double-click on the error message, I get a fascinating list of errors:

event_viewer_003

In this view, the first error is selected. In the pane below the event list, I can see a brief description of the error. If I double-click on an error message, I get even more detailed information

event_viewer_004

If I click the Copy button, I can copy the error log paste it into Notepad, Word, an e-mail, or anything else that I can paste text into. From there, I doing a little detective work. I can see now that my error is coming from the NVIDIA OpenGL driver:

[Error Log]
Log Name: Application
Source: NVIDIA OpenGL Driver
Date: 7/20/2014 5:46:00 PM
Event ID: 1
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: RTNOPS-042C
Description:
The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.

Error code: 3
Visit http://www.nvidia.com/page/support.html for more information.
Event Xml:
xmlns=”http://schemas.microsoft.com/win/2004/08/events/event”>
<System>
<Provider Name=”NVIDIA OpenGL Driver” />
<EventID Qualifiers=”49152″>1
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime=”2014-07-21T00:46:00.000000000Z” />
<EventRecordID>37240</EventRecordID>
<Channel>Application</Channel>
<Computer>RTNOPS-042C</Computer>
<Security />
</System>
<EventData>
<Data>The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.

Error code: 3
Visit http://www.nvidia.com/page/support.html for more information.</Data>
</EventData>
</Event>

I can take this information and head over to NVIDIA’s website to see if they have a resolve for this error. Of course, the first thing I am going to do is see if there is an updated video driver. If there is, I will download and install it and see if it resolves my issue.

 Other Resources for Using and Managing the Event Viewer

For more information on using the Event Viewer, check out these resources:

I hope this post was useful for you. If you have any questions or concerns regarding this process, please feel free to contact me. I won’t sell your information or try to spam you, but I will try to help you or at least get you going in the right direction.

Thanks for reading, and Peace!

Comments are closed.

Translate This Page:

Post Categories:

Post Archives: