The Windows event log records hardware and software events occurring on a Windows operating system. It helps network administrators track potential threats and problems that may degrade performance. Windows stores event logs in a standard format, which makes the information easy to interpret. The main elements of an event log are:
- Log name: Name of the event log to which events from different logging components will be written. Events are commonly logged for system, security, and applications.
- Event date/time: Includes the date and time when the event occurred.
- Task category: Identifies the type of recorded event log. Application developers can also define task categories to serve as extra information about the event.
- Event ID: This Windows identification number helps network administrators uniquely identify a specific logged event.
- Source: Name of the program or software that caused the event to be logged.
- Level: Severity of the recorded event. Levels include information, error, verbose, warning, and critical.
- User: Name of the user who was logged on to the Windows computer when the event occurred.
- Computer: Name of the computer logging the event.
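
The elements listed above map onto the `<System>` block of an event's XML rendering (the form shown in Event Viewer's XML view). The following is an added example, not part of the original page: it parses one such record into those eight fields. The sample record, the provider name `ExampleApp`, the host name and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
LEVELS = {1: "Critical", 2: "Error", 3: "Warning", 4: "Information", 5: "Verbose"}

# Constructed sample record (hypothetical provider, host and values).
SAMPLE_EVENT = """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="ExampleApp"/>
    <EventID>1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <TimeCreated SystemTime="2024-01-15T10:30:00.1234567Z"/>
    <Channel>Application</Channel>
    <Computer>WS01.example.test</Computer>
    <Security UserID="S-1-5-18"/>
  </System>
</Event>"""

def parse_system_time(value):
    # SystemTime is UTC with up to 7 fractional digits; datetime holds only 6.
    stamp, _, frac = value.rstrip("Z").partition(".")
    parsed = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S")
    micros = int(frac[:6].ljust(6, "0")) if frac else 0
    return parsed.replace(microsecond=micros, tzinfo=timezone.utc)

def parse_event(xml_text):
    system = ET.fromstring(xml_text).find("e:System", NS)
    if system is None:
        raise ValueError("not an event record: missing <System>")
    def get(tag, attr=None):
        node = system.find(f"e:{tag}", NS)
        if node is None:
            return None
        return node.get(attr) if attr else node.text

    level = int(get("Level") or 0)
    return {
        "log_name": get("Channel"),
        "time_utc": parse_system_time(get("TimeCreated", "SystemTime")),
        "task_category": int(get("Task") or 0),  # numeric; the name comes from the source
        "event_id": int(get("EventID")),
        "source": get("Provider", "Name"),
        "level": LEVELS.get(level, f"Level {level}"),
        "user_sid": get("Security", "UserID"),  # a SID, or None when no user is recorded
        "computer": get("Computer"),
    }
```

In the XML the user appears as a security identifier (SID) rather than an account name, so correlating events by user means resolving or matching on the SID.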