UEU-co logo


Previous Page Next Page

Working with the Event Viewer

A huge number of things are happening at any one time on a server: Users are logging in and accessing files, drives are spinning away, and processors are trying to make sense of it all. Each of these instances is considered an event. Being able to monitor these events and use them to interpret the health of your servers is an important aspect of administering a Windows Server 2008 network.

As its name suggests, the Event Viewer is used to view events. Although it is more of a passive tool (it doesn’t supply you with the real-time data that you see in the Performance Monitor), it does give you access to a great deal of information.

As you have already seen as we have explored the various Windows Server 2008 server roles throughout this book, you can view the events related to a particular role by selecting that role node in the Server Manager. For example, you can view the events related to file services on a file server by clicking the File Services node in the Server Manager node tree (see Figure 24.18).

Figure 24.18. View events related to a particular role in the Server Manager.

[View full size image]

Although the Server Manager provides quick access to events related to a role, let’s take a closer look at the Event Viewer, which can be opened as a separate snap-in. The Event Viewer accumulates events in a number of log files: Event Viewer can help you monitor hardware, application, service, and security issues.

The Event Viewer (Start, Administrative Tools, Event Viewer) provides two main categories of logs: Windows logs and Applications and Services logs. The Windows logs include the following:

A new set of logs, the Applications and Services logs, provide event logging for individual applications and server components. The default Application and Services logs include the Hardware Events (events related to hardware installation and failure), Internet Explorer (Internet Explorer–specific events) and Key Management Service (which is related to the use of encryption keys when sending and receiving data to other computers on the network). Other logs available in this category depend on the software and roles installed on the server.

A system of icons is used to classify the type of event that has been recorded in a particular event log. In the System log and the Application log, you can find the following event categories (each represented by a different icon in the Event Viewer):

To view a specific log in the Event Monitor, select the log’s node in the node tree. The events recorded in that log appear in the Details pane. Figure 24.19 shows Information, Warning, and Error icons in the System log.

Figure 24.19. Different icons are used to identify the type of event recorded in a log file.

[View full size image]

Two additional icons are found in the Security log:

To view the properties of a particular event in a log, double-click on the event’s icon in the Details pane. For example, you may want to see the details related to an Error event logged in the System log. Figure 24.20 shows the event properties (from the Service Control Manager Eventlog provider) specifying that the parallel port driver service failed to start.

Figure 24.20. You can view the properties of a logged event.

[View full size image]

Microsoft now provides event-specific help for logged events. For more information on a logged event, click the Event Log Online Help link in the event’s Properties dialog box. You are informed that the Event Viewer will send the information related to the event over the Internet. Click Yes to continue.

Internet Explorer opens and provides additional information on the event (see Figure 24.21). This information includes an explanation of the event and possible actions to be taken to remedy the problem related to the event.

Figure 24.21. You quickly get additional information on a particular event.

[View full size image]

Previous Page Next Page

Leave a Reply

Time limit is exhausted. Please reload the CAPTCHA.


apply_now Pepperstone Group Limited