Here we show you how to use the Event Viewer in Windows 11 in a simple way.
This in-depth guide will help you learn all there is to know about Event Viewer, a built-in program in Windows 11, and how to start using it to study and diagnose crashes and troubleshoot problems effectively.
How can I open the Event Viewer in Windows?
Event Viewer can be opened in Windows 11 in several ways, but the most common ones are the Start menu, the Run prompt, and the search box on the Taskbar. To open Event Viewer using the search box on the Taskbar, follow these steps:
Search for "event viewer" via the search box on the Taskbar.
Click on the result that appears.
Open Event Viewer using the Run command by following these steps:
Open Run using Win+R.
In the Run box, type in eventvwr and press Enter.
Using Windows 11 Event Viewer: The Complete Beginner's Guide
For this tutorial, let's take a closer look at Windows Event Viewer and some of the things it can do.
Event Viewer sections and what they mean
As you may have gathered from the screenshot above, there are four sections that make up Event Viewer, including:
Custom Views
Windows Logs
Application and Service Logs
Scheduled Tasks
The Custom Views section allows you to create customized views based on a selection of filters. You can create a custom view here, for example, if you only want to see error logs.
When using Event Viewer to figure out what's wrong, one of the most crucial parts to understand is Windows Logs.
There are five subsections: Forwarded Events, Application, Security, Setup, and System. Out of these five, you must have a proper understanding of the Application and the System parts. The System section is meant to contain all logs concerning the central system. You can find almost everything in it, including Windows Update, restart, shutdown, and many more. However, the details about your applications are available under the Application panel.
Some of the options available in the Application and Service logs are as follows: Windows PowerShell, OpenSSH, Hardware Events, and Key Management Service. Head there to get details about these utilities.
Suppose you want to view information about a particular type of application fault; for this, you can use a subscription to filter your search. You can tailor a subscription to suit your needs.
Levels and definitions of Event Viewer
By default, Event Viewer shows four levels: Critical Error, Error, Warning, and Information. Besides those, there is a level called Verbose. Each level indicates the type of information that was logged. For instance, if something goes wrong with Windows Update, you will find the log marked "Error", but when you have restarted your computer, the log will fall under "Information".
When you expand various nodes, you will find the levels. The levels are, by default, on the right-hand side of Windows Logs > System.
Adding or removing columns in Event Viewer
By default, Event Viewer displays columns for Level, Date/Time, Source, Event ID, and a couple more. Sometimes, adding more columns of data can allow you to find out more about a log. To add or remove columns in Event Viewer, follow these steps:
Open Event Viewer in Windows.
Go forward.
Click the menu option View which appears on the right.
Click Add or Remove Columns.
After marking the column(s) you want to appear, click on the Add button.
Alternatively, select a column and click the Remove button.
Click OK to save the change.
Event Viewer
Event Viewer can be used to sort through logs and retrieve information.
This is one of the most important tasks Event Viewer is used for. You can locate the exact information for any logged object. First, you need to go to a path in the Event Viewer. For example, click Windows Logs > System.
Here is the pane containing all the logs. Just click on any log to open the General/Details panel.
There you have the time, the date, and the app in question. You can drill further into the data by clicking Filter Current Log, located on the right-hand side.
Next, you select the level of the event, time, ID, etc., as well as a user, category, term, etc. If the computer is part of a network, you can get more granular and filter by computer.
Your data is filtered immediately when you click OK. Note that most of these filters can be used in more than one section.
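The same kind of filter can be applied from PowerShell with the built-in Get-WinEvent cmdlet. The following is an added example, not part of the original article; the function name Get-FilteredEvent and its default values are assumptions chosen for illustration.

```powershell
# Added example: PowerShell counterpart of Filter Current Log on Windows Logs > System.
function Get-FilteredEvent {
    param(
        [string]$LogName   = 'System',   # the log node to query
        [int[]] $Level     = @(1, 2),    # 1=Critical, 2=Error, 3=Warning, 4=Information, 5=Verbose
        [int]   $LastHours = 24,         # time window, counted back from now
        [int[]] $Id                      # optional list of Event IDs
    )

    $filter = @{
        LogName   = $LogName
        Level     = $Level
        StartTime = (Get-Date).AddHours(-$LastHours)
    }
    if ($Id) { $filter.Id = $Id }

    try {
        Get-WinEvent -FilterHashtable $filter -ErrorAction Stop
    }
    catch {
        # Get-WinEvent raises an error instead of returning nothing when no event matches.
        if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { return }
        throw
    }
}

# Critical and Error events from the System log in the last 24 hours.
$events = @(Get-FilteredEvent -LogName 'System' -Level 1, 2 -LastHours 24)

# Which sources and Event IDs produce the most errors?
$events |
    Group-Object ProviderName, Id |
    Sort-Object Count -Descending |
    Select-Object Count, Name -First 10 |
    Format-Table -AutoSize

# The fields shown in the General/Details panel for the five newest matches.
$events |
    Select-Object TimeCreated, LevelDisplayName, ProviderName, Id, MachineName, Message -First 5 |
    Format-List
```

Reading the Security log this way requires an elevated PowerShell session; System and Application normally do not.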
How to copy the details of an event's log in Event Viewer?
You can copy and paste log details using the following procedures:
Go to any area in the Event Viewer.
Select the log you would like to copy.
Right-click the open log on the right-hand side, and you will have an option called Copy > Copy Details as Text.
Paste the details into Notepad or another text editor.
How to export ALL events from Event Viewer?
Sometimes you will need to save the events so that you can continue researching the error or situation at hand. Event Viewer has built-in functionality for this. Here's how you would save all the events listed in Event Viewer:
Open up Windows Event Viewer.
Navigate to the Forward.
To save all events, highlight that option and click it.
Name the file, and choose a location to save the file to.
Click "Save."
To open the file later, click Open Saved Log, select the file to which you saved your logs earlier, and then click the Open button.
How do I create a custom view in Event Viewer?
You can create a custom view in Event Viewer by doing the following:
Open Event Viewer and then click on the Custom Views section.
From there, click on the menu option Create Custom View.
Enter the filters according to your requirements.
Click OK.
The view is then added to Event Viewer as a custom view.
How do I clear the Event Viewer log or Activity History?
The ability to keep a log or history of activity is one of the more powerful functions of Event Viewer. When you need to clear it, you can do the following:
Go to one path in Event Viewer.
On the right, click on "Clear Log."
Click on "Clear."
You could also use the Save and Clear button, which saves recorded events before clearing them.
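The export, reopen, and Save and Clear steps above can also be done from the command line with the built-in wevtutil tool. The following is an added example, not part of the original article; the function name Export-EventLogCopy and the output folder are assumptions. It also records a SHA-256 hash of each saved file so a copy can later be checked against the original.

```powershell
# Added example. Use an elevated PowerShell session for -Clear or for the Security log.
function Export-EventLogCopy {
    param(
        [Parameter(Mandatory)][string]$LogName,                   # e.g. 'System' or 'Application'
        [string]$Directory = "$env:USERPROFILE\EventLogExports",  # assumed output folder
        [switch]$Clear                                            # save first, then clear the log
    )

    New-Item -ItemType Directory -Path $Directory -Force | Out-Null
    $stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
    $file  = Join-Path $Directory "$($LogName -replace '[\\/]', '_')-$stamp.evtx"

    if ($Clear) {
        # cl = clear-log; /bu writes a backup of the log before clearing it
        wevtutil.exe cl $LogName "/bu:$file"
    }
    else {
        # epl = export-log; produces an .evtx file that Event Viewer can open
        wevtutil.exe epl $LogName $file
    }
    if ($LASTEXITCODE -ne 0) { throw "wevtutil failed for $LogName (exit code $LASTEXITCODE)" }

    # Reopen the saved file to confirm it is readable and count its events.
    $count = @(Get-WinEvent -Path $file -ErrorAction SilentlyContinue).Count

    [pscustomobject]@{
        LogName = $LogName
        File    = $file
        Events  = $count
        SHA256  = (Get-FileHash -Path $file -Algorithm SHA256).Hash
    }
}

# Export two logs without clearing them.
'System', 'Application' | ForEach-Object { Export-EventLogCopy -LogName $_ } | Format-List

# Clearing a log is itself recorded: Event ID 104 in System, or 1102 when the Security log is cleared.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 104 } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, UserId, Message -First 5 |
    Format-List
```

Because clearing leaves one of these records behind, an unexpected Event ID 104 or 1102 is worth reviewing when you did not clear the log yourself.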
By making better use of Event Viewer, you can better understand your system's behavior, troubleshoot problems effectively, and keep your system at an optimum level of performance.
