Event viewer is a Windows Administrative Tool for troubleshooting problems. It displays detailed information about specific events. You can use the Event Viewer to find and troubleshoot problems on your PC.

The Event Viewer contains an event log by which you can identify problems. There is a variety of Event Log files such as Administrative, Operational, Analytic, Debug, and Application log files. 

The techniques to use and utilize the Event Viewer are discussed here briefly.

Instruction About How to Find the Event Viewer?

Before using the Event Viewer, you need to know how and where to find it. Follow the instruction to find it.

1. Search for Event Viewer in the Windows search bar and click on the Event Viewer App
2. Expand the Custom Views from the left menu bar of the Event Viewer and click on Administrative Events 
3. There you will find a lot of event logs like this:

Types of the Events That Are Displayed by the Event Viewer

You will discover many errors and warnings from the Event Viewer app. You may feel anxious to see so many errors occur on your PC. But trust me, there is nothing to worry about because a maximum of these errors are fixed by the windows themselves. 

You need to know about these events al first before using the Event Viewer.

Here is the description of the event log: 

1. Error: The Event Viewer shows a significant problem. If the data or the functionality of a program is lost and unable to load during the startup, an error will be logged by the event viewer.
2. Warning: The event viewer does not always indicate the specific problem. Sometimes, it makes a log of the possible future problem by Warning.
3. Information: The successfully loaded operation of applications, drivers, or services are logged as Information by the Event Viewer.
4. Success Audit: The event viewer logs a success audit when a security access attempt passes successfully as a successful event.
5. Failure Audit: The event viewer logs a failure audit when a security access attempt fails as a failure event. 

How to Use the Event Viewer for Troubleshooting?

It may bring a question inside your head which is if you can skip the warnings then why do you need an event viewer? Well, you can detect specific problems with your pc by observing the time of the event log and can identify the cause of the problem by the event ID.

Maximum minor errors are corrected by the system automatically. That’s the reason why you can watch the errors but will never be able to find the problem. But if you have a specific problem that you are facing with your PC and cannot find the reason behind that, you surely can find it on the Event Viewer.

For example, Your PC freezes randomly. You are not sure why it is happening. You can check the Event Viewer. Look at the errors and the times and associate them with the time when your PC froze. You may find the hardware crash created the critical error and froze your PC. You can change the hardware to fix the error. 

You can also search for the meaning of the Event ID and learn the reason behind the error. 

Description About What Are the Functions of the Event Viewer

The main interface of the Event Viewer has four groups- 

1. Custom Views
2. Windows Logs
3. Application and Services Logs
4. Subscriptions

The most important logs to analyze are the Application, Security, and System under the Windows Logs.

The essential components for the applications to run and the events about the interface can be found inside the Application tab. The security features and login attempts records are stored inside the Security tab. All the other logs of the installed and system apps are can be found inside the System tab.

Searching for Specific Log

There are two ways to search for a specific log from the Event Viewer console. Those are Basic Search and Advanced search.

Basic Search

You can find the error warning and information using a keyword. Follow the steps below.

1. Expand the Windows logs groups from the Event Viewer console.
2. Right-click on a category and click on Find from the list.

3. Type a keyword and click Find Next.

Advanced search

Follow the steps below:

1. Expand the Windows logs groups from the Event Viewer console.
2. Right-click on a category and click on Filter Current Log from the list.

3. Select the possible time of the occurrence from the dropdown menu named Logged.

• Any time.
• Last hour.
• Last 12 hours.
• Last 24 hours.
• Last 7 days.
• Last 30 days.
• Custom range.

4.  Select the level of the event from the Event level.

• Critical
• Warning
• Verbose
• Error
• Information

5. Choose Event sources if you want (Optional).
6. Choose the Task category (Optional).
7. Select Keywords to narrow down the result (Optional).
8. Keep default for the User and Computers.
9. Click Ok to view the filtered related log.

Creating Custom Views

1. Expand the Windows logs groups from the Event Viewer console.
2. Right-click on a category and click on Create Custom View from the list.

3. Click the Filter tab
4. Select Event level and Logged.
5. Select the by-log option.

6. Select other optional tabs and click OK.
7. Give a name for the custom view.

8. Choose where to save the log.
9. Click OK.

Now you will be able to use the customized view.

Clear Log History

It is not recommended to delete the Event Viewer logs as it helps to understand the health of the device. But deleting logs will help you to free up more space and it will be easier to find the specific log for troubleshooting.

To clear data, follow the steps below:

1. Expand the Windows logs groups.
2. Right-click on a category and select Clear Log from the list.
3. Click on the Clear button.

Precaution: You can save log history by clicking Save and Clear.

Frequently Asked Questions (FAQs)

How to view the event log?

Event Viewer is a system console of windows. You can follow the above steps to view the event logs of the Event Viewer.

What is the Windows Application event log?

Application event logs are normally for the application support team. It contains events logged by applications. 

What is the Windows System event log?

The system administrator and technicians use the system event log to troubleshoot the problem. It contains the events logged by the Windows system components.

What is the Windows Security event log?

The system and security administrator use security event logs for forensic examination. It contains events of logon attempts (both successful and failed) and CRUD (Create, Read, Update, and Delete) operations such as Creating, Updating, or Deleting. 

Conclusion

Now you can easily use the Event Viewer to analyze the logs that occurred by the windows on your PC. Though it may seem to be a little bit overwhelming to you at the beginning. But if you can learn to find the specific log for a specific problem from this event viewer, it will be a pretty helpful console for you. The event viewer will not only tell you the problems but also will give the proper solution by giving their respective event IDs.