
Diagnosing Issues in Windows Vista (part 1) - Monitoring Windows Event Logs

3/26/2011 6:03:15 PM

Monitoring Windows Event Logs

The Windows Vista operating system ships with dozens of features and applications. In addition, it provides one of the most flexible platforms for installing new hardware and applications. All of these components of the system might need to send messages and notifications to users. Examples include warnings, error messages, and status messages. In some cases, graphical programs might have their own user interface for displaying messages. Some programs can use system tray notifications to get attention. However, many components of Windows Vista do not have user interfaces at all.

The Windows event logs enable operating system features, drivers, applications, and services to record important information that users might need to review. Application developers can create their own event logs or write to existing ones.

Using the Event Viewer

It is not uncommon for the Windows operating system to have thousands of messages that might provide some useful types of information. Clearly, using a method such as text files would make it difficult for you to find information that is of interest. To help resolve this potential information overload, Windows Vista includes an updated Event Viewer console that enables users and support technicians to access and review relevant event-related information quickly.

You can launch Event Viewer through the Administrative Tools program group or by searching for it using the Start menu. Figure 1 shows an example of the information available in the Event Viewer user interface.

Figure 1. The default display of the Event Viewer application

Viewing Events by Event Types

One of the more challenging aspects of monitoring system-related messages such as those stored in the Windows event logs is filtering out unwanted details. Event Viewer automatically performs several different types of grouping. In the Administrative Events section under the Custom Views grouping, Event Viewer displays items based on the type and importance of the message. The default event types you see in all event logs include the following:

  • Critical: Serious system-related issues that could cause downtime or data loss. Review these items immediately.

  • Error: Application-related or service-related error reports.

  • Warning: Informational messages that can identify potential situations of which users should be aware.

  • Information: Messages that provide details but are not necessarily warning or error conditions.

  • Audit Success and Audit Failure: Events that are generated based on auditing options you enable.

You can obtain an overview of items in each category by expanding the relevant section. You can get more details about a specific item by double-clicking it in the list. Figure 2 shows a network-related warning. The General tab provides basic information about the event, including when it occurred and a text description. You can obtain additional information about the event by clicking the Details tab.

Figure 2. Viewing details for a warning message, using Windows Event Viewer

When troubleshooting a computer running Windows Vista, a good first step is to access Event Viewer and then examine a list of the critical and error-related events (if any). A good starting point for getting an overview of important events is to select the Administrative Events item in the Custom Views folder. You can easily identify a wide range of issues, from application problems to hardware-related configuration details, in this section.

Viewing Specific Event Logs

Another method by which Windows Vista categorizes event information is based on the actual event log itself. The primary types of Windows event logs include the following:

  • Application

  • Security

  • Setup

  • System

Numerous additional logs are available within the Applications And Services Logs section in Event Viewer. Figure 3 shows some examples. Each of these logs is specific to a particular application, service, or operating system function. For example, there are logs related to various diagnostics such as networking and disks.

Figure 3. Viewing a list of available event logs

Overall, Event Viewer can provide a great starting point for detecting specific problems or errors that are occurring on the system. In fact, users should monitor these messages regularly, even if the system appears to be running properly.
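The review described above (Critical and Error events first, then the individual logs, including audit failures in the Security log) can also be run from the command line. The script below is an added example, not part of the original text; it assumes Windows PowerShell 2.0 or later is installed, an elevated prompt for the Security log, and a 24-hour review window chosen for illustration.

```powershell
# Added example: command-line counterpart to reviewing Critical and Error
# events in Event Viewer. Level values in the event schema:
# 1 = Critical, 2 = Error, 3 = Warning, 4 = Information.

$since = (Get-Date).AddHours(-24)   # assumed review window

$filter = @{
    LogName   = 'Application', 'System'
    Level     = 1, 2                # Critical and Error only
    StartTime = $since
}

# Get-WinEvent raises an error when no event matches the filter;
# suppress it and treat that case as an empty result.
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

# Group by log, source and event ID so that recurring failures stand out
# from one-off entries.
$events |
    Group-Object LogName, ProviderName, Id |
    Sort-Object Count -Descending |
    Select-Object Count,
        @{ Name = 'Log';      Expression = { $_.Group[0].LogName } },
        @{ Name = 'Source';   Expression = { $_.Group[0].ProviderName } },
        @{ Name = 'EventId';  Expression = { $_.Group[0].Id } },
        @{ Name = 'Level';    Expression = { $_.Group[0].LevelDisplayName } },
        @{ Name = 'LastSeen'; Expression = {
               ($_.Group | Sort-Object TimeCreated -Descending)[0].TimeCreated } } |
    Format-Table -AutoSize

# Audit Failure entries are marked by a keyword, not a level, and are
# written to the Security log. Reading that log requires elevation.
$auditFailure = 4503599627370496    # keyword bit 0x10000000000000
$failed = @(Get-WinEvent -FilterHashtable @{
                LogName   = 'Security'
                Keywords  = $auditFailure
                StartTime = $since
            } -ErrorAction SilentlyContinue)

"{0} audit failure event(s) since {1}" -f $failed.Count, $since
```

Audit Failure events appear only if the corresponding auditing options are enabled, so a count of zero can mean either that nothing failed or that nothing is being audited.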

Real World

Anil Desai

Over time, operating systems and applications have become increasingly complicated. Platforms such as Windows Vista include dozens of features and options that you can configure based on users’ settings. There’s always the potential for some of this functionality to stop working correctly. That’s when the process of troubleshooting is required.

In the past, there have been frustrating technical problems in which I resorted to making seemingly random system changes in an attempt to resolve the issue. Although it’s often tempting to attempt to make haphazard changes to a system and measure the effects, this is rarely the most efficient route to correcting a problem. In some cases, you might get lucky, but there’s almost always a better approach.

Perhaps the single most important aspect of troubleshooting complex issues is developing a logical process. Some examples of steps include the following:

  • Identify the issue: Before beginning the troubleshooting process, it’s important to have a clear picture of the issue you need to resolve. In some cases, the problem might be apparent. For example, if Windows Vista does not boot properly, the symptoms are clear. In other cases, the problems might be more difficult to detect. For example, a customer might mention that his or her computer has slowed down significantly over time. There are numerous potential causes of this problem.

  • Collect details about the problem: The most common cause of technical issues is change. When troubleshooting operating system issues, some important questions to ask revolve around when the problem started. Generally, you’ll often find that the user has installed new software or hardware on the computer or changed the configuration of a feature. It’s important to note that this isn’t always the case; for example, hardware failures can crop up seemingly instantly and cause serious issues.

  • Develop a troubleshooting plan: Often, there are numerous ways in which you can attack a particular problem. Your goal should be to combine information about the likelihood of a solution and its difficulty. For example, it’s quite likely that reinstalling the operating system from scratch will resolve many common issues. However, the time-consuming process of reinstalling and reconfiguring applications should make this option a last resort. Using malware scanners such as Windows Defender and other system utilities might be more likely to resolve the problem and require less effort.

  • Verify the solution: It probably goes without saying that you should retest to verify that the issues you identified in the first step have been resolved.

When working in the role of a Consumer Support Technician, you might find yourself resolving problems for the customer. To prevent future problems, it’s often worthwhile to educate the user about the source of the problem and how he or she might avoid the problem in the future. This can significantly help improve the end-user experience and reduce the amount of support you’ll need to provide in the future.

For experienced technical professionals, these steps might seem like common sense. However, many different approaches to solving problems are available. To use an analogy from the medical profession, an important directive is “First, do no harm.” Some types of troubleshooting steps (such as wiping the hard disk and doing a complete reinstallation) might be excessive. They’re roughly analogous to curing the disease by killing the patient. The overall key is to remember to follow an organized process when troubleshooting simple and complex problems and to use the most efficient (and least harmful) method of resolution.
