Event Log Information

Event logging in Windows 2000/XP provides a standard, centralized way for applications and the operating system to record important software and hardware events. Event logging provides a means to merge events from various sources into a single informative story. The event log diagnostics help the remote operator view the System, Security, and Application event logs. You can view the Event Log Information on Windows 2000/XP managed workstations.

The following table describes the fields in the Event Log window:

Field Description

Event Generated Date

Date when the entry was submitted (MM/DD/YYYY).

Event Generated Time

Time when the entry was submitted (HH:MM:SS).

Event ID

Identifies the event specific to the source that generated the event log entry.

Event Generated Type

Classification of the type as Error, Warning, Information, Success, or Failure.

Event Generated Category

Subcategory for the event. This subcategory is source specific.

NOTE:  Every application registering for Windows Event log needs to specify message resource file for Event Category. Event Category is application specific and is defined in message file. Diagnostics reads this information from HKLM\system\CurrentControlSet\Services\EventLog\<application>, maps the category to message and fetches the category.

Some applications do not specify message resource file for Event Description and Event Category. In this case, Windows assigns arbitrary numbers for event category. Also, there is no way to get this arbitrary number (as it is not stored in registry). The Diagnostics reports it as None.

Source Name

Name of the source (application, service, driver, subsystem) that generated the entry.

Description

Details of the event.

Computer Name

Name of the computer that generated the event.