How to Use Event Viewer to Troubleshoot Windows Problems
Everything you need to know to get started
There is a lot going under the hood of a Windows computer. Using the Event Viewer, it’s possible totrack Windows processes, helping you diagnose pesky problems without an obvious cause.
The Event Viewer can be confusing to use, however, owing to its outdated UI and poor layout. Here is a guide on navigating theEvent Viewerto troubleshoot any Windows issues.
Getting Started With the Event Viewer
The Windows Operating System “logs” every significant activity while it runs. The Event Viewer is just an app that helps you access andread these logsin one place, rather than manually opening each text file in Windows Explorer.
Understanding the Interface
Event Viewer doesn’t exactly have an intuitive interface. The tool can be a bit confusing at first, so let’s go over all the elements one by one.
On running Event Viewer, you will notice that the window is divided into three panes. The left side categorizes the events in a folder view, letting you quickly navigate to a particular type of event logs.
There are four main types of logs:
This is where the logs are actually listed. By default, it displays anOverview and Summaryof events, rather than any specific category.
The first section (and probably the most important) is theSummary of Administrative Events. It lists crucial system events in the past week, giving you a quick glimpse of the system’s health. The events are also classified by their timeframes on an hourly, daily, and weekly basis.
There are five event types in this section:
The right panel of the window contains all actions you can take for a selected item. The actions change based on whether you have a folder selected or an event.
You canCreate a Custom View,view thePropertiesof a log, orSave Selected Eventsto view them later, among other actions.
How to Read Event Logs
Opening a view and going through the event logs is simple enough, but how do you make sense of all that information? Here’s a breakdown.
When you select an event, theGeneraltab opens up, displaying a short summary of the error followed by a bunch of information fields:
That may seem like a lot of information to take in, but you don’t need to read through all the fields. The most important fields areLevelandSource.
With Level, you can tell how serious the event is (with Critical events being most important) and Source informs you of the originating app or component. This lets you find andkill the problematic process.
How to Troubleshoot Windows Problems With the Event Viewer?
When you suffer a sudden system crash, your first stop should be the Event Viewer. Run the Administrative View and check for any Critical events.
As fatal system crashes always generate a critical event, this helps you quicklyzero down on the errant process and start looking for a fix. Depending on the Windows component involved, the fix might be as simple as updating drivers or running SFC from the Command Prompt.
For smaller issues, you may have to go through the Error events as well. It helps if you know which app or feature is misbehaving, as even a healthy system generates some errors.
Levin Roy is a software engineer who loves writing about technology. Whether it is Windows tips-and-tricks or in-depth guides about application development, Levin uses his practical experience and technical skills to create articles that can help solve tricky problems.Read Levin’s Full Bio
Welcome to Help Desk Geek- a blog full of tech tips from trusted tech experts. We have thousands of articles and guides to help you troubleshoot any issue. Our articles have been read over 150 million times since we launched in 2008.
HomeAbout UsEditorial StandardsContact UsTerms of Use
Copyright © 2008-2024 Help Desk Geek.com, LLC All Rights Reserved
