Overview
This article provides information related to Windows Event Logs.
Information
Windows event logs are the systematic recording of computer-related events that occurred within computer systems and networks running on Windows Operating Systems. In systems running on Windows 2000/XP/2003/Vista, events are recorded and organized in three default event logs:
- Application log
- Security log
- System log
Computers with specialized network roles such as domain controllers and DNS servers allow the logging of events to additional (default) logs such as:
- Directory service log
- File replication service log
- DNS server log
Windows event logs contain the following types of events:
Error-Errorevents indicate that a significant problem, such as loss of data or functionality, has occurred. For example, anErrorevent is recorded every time that a service or driver fails to load during startup.
Warning-Warningindicates events that are not necessarily significant but which may possibly cause future problems. For example, aWarningevent is recorded every time that disk space runs low.
Information-Informationevents describe the successful operation of an application, driver or service. For example, anInformation'event is recorded every time that a network driver loads successfully.
Success Audit-Success Auditevents indicate security access attempts that were successful. For example, aSuccess Auditevent is recorded every time that a user successfully logs on to his/her Windows-based workstation.
Failure Audit-Failure Auditevents indicate security access attempts that failed. For example, aFailure Auditevent is recorded every time that a user fails to access a network drive.
Related Articles
- How can I verify that GFI EventsManager can retrieve Windows events from a target computer?
- How does GFI EventsManager work?
- How to obtain a list of processing rules and related Event IDs used in GFI EventsManager?
- How to configure auditing on files, folders, and registry keys?
Priyanka Bhotika
Comments