Overview
This article provides information related to Windows Event Logs.
Information
Windows event logs are the systematic record of computer-related events that occur on computer systems and networks running Windows operating systems. On systems running Windows 2000/XP/2003/Vista, events are recorded and organized in three default event logs:
- Application log
- Security log
- System log
Computers with specialized network roles such as domain controllers and DNS servers allow the logging of events to additional (default) logs such as:
- Directory service log
- File replication service log
- DNS server log
Windows event logs contain the following types of events:
- Error: Error events indicate that a significant problem, such as loss of data or functionality, has occurred. For example, an Error event is recorded every time that a service or driver fails to load during startup.
- Warning: Warning indicates events that are not necessarily significant but which may possibly cause future problems. For example, a Warning event is recorded every time that disk space runs low.
- Information: Information events describe the successful operation of an application, driver or service. For example, an Information event is recorded every time that a network driver loads successfully.
- Success Audit: Success Audit events indicate security access attempts that were successful. For example, a Success Audit event is recorded every time that a user successfully logs on to his/her Windows-based workstation.
- Failure Audit: Failure Audit events indicate security access attempts that failed. For example, a Failure Audit event is recorded every time that a user fails to access a network drive.
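The five event types above are stored as a numeric EventType field in each legacy log record (the Windows API's EVENTLOGRECORD structure). The following added example, which is not part of the original article and goes beyond its text, decodes that field from record headers and counts events per type. The sample records and their event IDs are constructed for illustration, and the helper names are hypothetical.

```python
import struct
from collections import Counter

# EventType values for the five types listed above (legacy EVENTLOGRECORD).
EVENT_TYPES = {
    0x0001: "Error",
    0x0002: "Warning",
    0x0004: "Information",
    0x0008: "Success Audit",
    0x0010: "Failure Audit",
}
# Fixed 56-byte header: 6 DWORDs, 4 WORDs, 6 DWORDs (little-endian).
HEADER = struct.Struct("<6I4H6I")
SIGNATURE = 0x654C664C  # "LfLe", stored in the Reserved field

def make_record(number, event_id, event_type):
    """Build a constructed, header-only record (no strings, SID or data)."""
    length = HEADER.size + 4  # header plus the trailing copy of Length
    header = HEADER.pack(length, SIGNATURE, number, 0, 0, event_id,
                         event_type, 0, 0, 0,
                         0, HEADER.size, 0, HEADER.size, 0, HEADER.size)
    return header + struct.pack("<I", length)

def parse_records(blob):
    """Yield (record_number, event_id, type_name) for each record in blob."""
    offset = 0
    while offset + HEADER.size <= len(blob):
        f = HEADER.unpack_from(blob, offset)
        length, signature, number, event_id, event_type = f[0], f[1], f[2], f[5], f[6]
        if (signature != SIGNATURE or length < HEADER.size + 4
                or offset + length > len(blob)):
            raise ValueError(f"corrupt record at offset {offset}")
        # Unknown values are reported, never silently mapped to a known type.
        yield number, event_id, EVENT_TYPES.get(event_type, f"Unknown(0x{event_type:04x})")
        offset += length

def summarize(blob):
    """Count events per type so errors and audit failures stand out."""
    return Counter(name for _, _, name in parse_records(blob))

# Constructed sample: event IDs are illustrative placeholders, not real IDs.
SAMPLE = b"".join(make_record(n, 1000 + n, t) for n, t in
                  enumerate([0x0004, 0x0010, 0x0010, 0x0001, 0x0008, 0x0002], 1))

if __name__ == "__main__":
    for name, count in summarize(SAMPLE).most_common():
        print(f"{name:14} {count}")
```
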