If you haven’t been aware, almost every bigger event in MS Windows system (Xp, Vista, Windows 7) is being logged and saved for a particular time in the event viewer files, or the so called Windows logs. Even though they might mean nothing to you and stay there for good, they might also play specific role in identifying Windows system malfunction reasons as well as various breakdowns related to software and hardware. Windows event logs can be extremely useful for PC maintenance, especially in troubleshooting Windows errors, since every log would display system warnings, alerts and failures.
The location of MS Windows log files
Log files in Windows XP are stored in system disk (C:) and the path most probably looks like this: C:\WINDOWS\system32\config\. In the last “config” folder you may find event viewer files with “evt” extension, such as antivirus.evt, application.evt, security.evt, etc.
Windows 7 log files are stored in a different location. They are in Windows system root catalogue (or your system disk, usually C:) and the path is: system drive:\Windows\System32\Winevt\Logs.
The event viewer files are named almost the same as in Windows XP with a slight difference in extension: application.evtx, security.evtx and so on and so forth.
How to access and read Windows Event Viewer?
You can access Windows XP event viewer in two ways.
First:
1. Right click on “My computer” icon on a desktop, select “Manage”. The Computer management windows will open where you will notice event viewer folder icon.
2. Click on it and the contents will expand.
3. Double click the necessary event log file (Application, Security, System…)
Second:
1. Click on “Start menu”, then “Control Panel”.
2. In a new window find and double click “Administrative tools”.
3. Double click “Event viewer“ shortcut.
To access Windows 7 event viewer log files, you must do the same as in the first Windows XP option. You can also do it another way, but I prefer the first, because it’s easier.
Reading Event viewer warning and alerts
You should specifically pay attention to warning and error signs. In order to read them just click on the event you’re interested in and read the displayed date, source, and event ID information with a description below. You will notice two arrows on a message window – they will take you to the next log file entry.
Cleaning up log files in event viewer
If you need to delete event viewer log files just right click the necessary log file and select “clear all events”. You will be prompted to save the log file before cleaning it, just press no and the file will be cleaned. You may also save the files in any location, just right click on them, select “save log file as”, enter file name and file type (evt, csv or txt).
