Remember to maintain security and privacy. Do not share sensitive information. Procedimento.com.br may make mistakes. Verify important information. Termo de Responsabilidade

How to Use Event Viewer in Windows to Monitor System Events

Event Viewer is a powerful tool in the Windows operating system that allows users to view and analyze logs of system events. These logs can help diagnose problems, monitor system performance, and maintain security. This article will guide you through the basics of using Event Viewer, including how to access it, navigate its interface, and utilize its features effectively.

Accessing Event Viewer:

  1. Via the Start Menu:

    • Click on the Start button.
    • Type "Event Viewer" in the search box.
    • Press Enter or click on the Event Viewer app from the search results.

  2. Via the Run Dialog:

    • Press Win + R to open the Run dialog.
    • Type eventvwr.msc and press Enter.

  3. Via Command Prompt or PowerShell:

    • Open Command Prompt or PowerShell.
    • Type eventvwr and press Enter.

Navigating Event Viewer:

Once Event Viewer is open, you will see a hierarchical tree structure on the left pane. The main sections include:

  • Custom Views: Allows you to create and manage custom views of events.
  • Windows Logs: Contains logs for Application, Security, Setup, System, and Forwarded Events.
  • Applications and Services Logs: Logs specific to applications and services running on the system.

Examples:

  1. Viewing System Logs:

    • In the left pane, expand "Windows Logs."
    • Click on "System" to view system-related events.
    • The middle pane will display a list of events. Click on any event to view its details in the lower pane.

  2. Creating a Custom View:

    • Right-click on "Custom Views" and select "Create Custom View."
    • In the dialog box, specify the criteria for your custom view, such as the time range, event level (e.g., Error, Warning), and event logs.
    • Click OK, give your custom view a name, and save it.

  3. Filtering Events:

    • Select a log (e.g., System) from the left pane.
    • Click on "Filter Current Log" in the Actions pane on the right.
    • Specify your filter criteria and click OK to apply the filter.

  4. Exporting Logs:

    • Select the log you want to export.
    • Click on "Save All Events As" in the Actions pane.
    • Choose a location and file format (e.g., .evtx, .xml) to save the log.

Using Event Viewer via Command Line:

You can also use the wevtutil command to manage event logs via the command line. Here are a few examples:

  • List all logs:

    wevtutil el

  • Export a specific log:

    wevtutil epl System C:\Logs\SystemLog.evtx

  • Clear a specific log:

    wevtutil cl System

To share Download PDF

Windows CMD PowerShell Event Viewer wevtutil eventvwr eventvwr.msc

Gostou do artigo? Deixe sua avaliação!
Sua opinião é muito importante para nós. Clique em um dos botões abaixo para nos dizer o que achou deste conteúdo.