This article provides information related to Windows Event Logs.
Windows event logs are the systematic recording of computer-related events that occurred within computer systems and networks running on Windows Operating Systems. In systems running on Windows 2000/XP/2003/Vista, events are recorded and organized in three default event logs:
- Application log
- Security log
- System log
Computers with specialized network roles such as domain controllers and DNS servers allow the logging of events to additional (default) logs such as:
- Directory service log
- File replication service log
- DNS server log
Windows event logs contain the following types of events:
Errorevents indicate that a significant problem, such as loss of data or functionality, has occurred. For example, an
Errorevent is recorded every time that a service or driver fails to load during startup.
Warningindicates events that are not necessarily significant but which may possibly cause future problems. For example, a
Warningevent is recorded every time that disk space runs low.
Informationevents describe the successful operation of an application, driver or service. For example, an
Information'event is recorded every time that a network driver loads successfully.
Success Auditevents indicate security access attempts that were successful. For example, a
Success Auditevent is recorded every time that a user successfully logs on to his/her Windows-based workstation.
Failure Auditevents indicate security access attempts that failed. For example, a
Failure Auditevent is recorded every time that a user fails to access a network drive.
- How can I verify that GFI EventsManager can retrieve Windows events from a target computer?
- How does GFI EventsManager work?
- How to obtain a list of processing rules and related Event IDs used in GFI EventsManager?
- How to configure auditing on files, folders, and registry keys?