71.4 Event Log Information

Event logging in Windows 2000/XP provides a standard, centralized way for applications and the operating system to record important software and hardware events. Event logging provides a means to merge events from various sources into a single informative story. The event log diagnostics help the remote operator view the System, Security, and Application event logs. You can view the Event Log Information on Windows 2000/XP managed workstations.

The following table describes the fields in the Event Log window:

Table 71-4 Event Log Information

Field

Description

Event Generated Date

Date when the entry was submitted (MM/DD/YYYY).

Event Generated Time

Time when the entry was submitted (HH:MM:SS).

Event ID

Identifies the event specific to the source that generated the event log entry.

Event Generated Type

Classification of the type as Error, Warning, Information, Success, or Failure.

Event Generated Category

Subcategory for the event. This subcategory is source specific.

NOTE:Every application registering for a Windows Event log needs to specify a message resource file for Event Category. Event Category is application specific and is defined in the message file. Diagnostics reads this information from HKLM\system\CurrentControlSet\Services\EventLog\<application>, maps the category to message and fetches the category.

Some applications do not specify a message resource file for Event Description and Event Category. In this case, Windows assigns arbitrary numbers for the event category. Also, there is no way to get this arbitrary number (because it is not stored in the registry). The Diagnostics reports it as None.

Source Name

Name of the source (application, service, driver, subsystem) that generated the entry.

Description

Details of the event.

Computer Name

Name of the computer that generated the event.