Section 8.5: Monitoring Event Logs

Windows XP Professional records events in three logs:

  • System log, which contains events generated by the system components in Windows XP Professional;
  • Application log, which contains events generated by applications; and
  • Security log, which records security events, such as valid and invalid logon attempts, and events related to resource use, such as creating, opening, or deleting files. An administrator can specify which events are recorded in the Security log.

You can use Event Viewer to view these logs.

To open Event Viewer:

  • Click on the start button
  • Double-click EVENT VIEWER

8.5.1: Event Logs

Event logs allow you to monitor information about hardware, software, system problems, and security. These logs can also be used to provide a history of events.

8.5.2: System and Application Events

By monitoring system and application events you can identify and track resource use, system errors, and application errors. System events, which are automatically configured by Windows XP Professional, are recorded in the System log while application events, which are determined by the application developer, are recorded in the Application log. After events are recorded in these logs, you can view and analyze the logs to detect activities and events that require administrative consideration. Based on your analysis of the logs, you may need address system problems or reallocate resources. You may also need to address changes in application configuration or system configuration.

There are three types of system and application events:

  • Information Indicates information about the successful operations of applications, drivers, or services.
  • Warning Indicates information about events that are not urgent, but may indicate a future problem with system operations.
  • Error Indicates information about significant problems with system operations, such as loss of data or loss of functionality.