Event log in Windows 10: where to find it, how to enter it and how to clear it

Many PC users are not even aware that they have a very useful add-on on their device. It records all events occurring in the OS. But reading and writing data occurs even during periods of inactivity on the part of a person. The Event Log in Windows 10 provides the user with the opportunity to view errors, warnings and other important information.

In some cases, analyzing this data can greatly facilitate the search for the causes of malfunctions. And this is an important step towards their elimination and even prevention. Of course, server owners often resort to such manipulations. However, for the average user, studying history can also be useful.

How to access the event log in Windows 10

The utility can be launched in several ways. The first involves using the Run . To do this you need:

1. By holding down the “ Win ” + “ R ” keys, open the window.
2. Enter the “ eventvwr ” command.
3. Click "OK».

And the second requires the use of a control panel, where it is required:

1. Select the “ System and Security ” section.
2. Proceed to the “ Administration ” subsection.
3. Choose "Event Viewer».

Once in the event log in Windows 10, you can begin to analyze its interface.

The left column contains event logs. They are already sorted into sections. Which makes the user's work easier. Of greatest interest is the “Windows Logs” section, which consists of the following categories:

• Application (main) - records created by programs.
• Security (Basic) - System security information.
• Installation (optional).
• System (main) - information about the operation of system components.
• Routed Events (Advanced).

There are two windows in the center of the utility. The first displays the events that have occurred. And the second is detailed information about each of them. The right column contains the working tools of the magazine.

"Error log" in Windows 10

The log mentioned earlier is only a small part of the Event Viewer system utility, which is present by default in every version of Windows 10. Next, we will look at three important aspects that relate to the Error Log - enabling logging, launching Event Viewer, and analyzing system messages.

Enabling logging

In order for the system to record all events in the log, it must be enabled. To do this, follow these steps:

1. Right-click anywhere on the taskbar. From the context menu, select "Task Manager".

In the window that opens, go to the “Services” tab, and then on the page itself at the very bottom, click the “Open Services” button.

Next in the list of services you need to find “Windows Event Log”. Make sure it is running and running in automatic mode. This should be indicated by the inscriptions in the “Status” and “Launch Type” columns.

After this, it remains to check whether the paging file is activated on the computer. The fact is that when it is turned off, the system simply will not be able to keep track of all events. Therefore, it is very important to set the virtual memory value to at least 200 MB. Windows 10 itself reminds you of this in the message that appears when the paging file is completely deactivated.

We have already written about how to use virtual memory and change its size in a separate article. Please review it if necessary.

We figured out how to enable logging. Now let's move on.

Launching Event Viewer

As we mentioned earlier, the Error Log is included in the standard Event Viewer snap-in. It's very easy to launch. This is done as follows:

1. Press the Windows key and R on your keyboard at the same time.
2. In the line of the window that opens, enter eventvwr.msc and press “Enter” or the “OK” button below.

As a result, the main window of the mentioned utility will appear on the screen. Note that there are other methods that allow you to launch Event Viewer. We talked about them in detail earlier in a separate article.

The nuances of working in the event log

The number of monitored events can be in the thousands and even tens of thousands. To create a comfortable working environment, the event log in Windows 10 is equipped with a built-in filter. It allows you to sort the available information by:

• importance;
• time;
• source;
• computer and user name;
• code and other parameters.

But finding the necessary error in the log is not so bad. The specificity of the information contained will not allow everyone to immediately understand what the problem is. For example, the user might see something like:

{BF6C1E47-86EC-4194-9CE5-13C15DCB2001} DCOM server registration failed within the allotted timeout

Finding the description will require going online and visiting the Microsoft website. Or other resources providing similar information.

It is worth mentioning that the presence of errors is a normal phenomenon of the OS. Any, even the most minor failures are entered into the registry. So don't worry if you find them in a magazine.

How to open?

Finding and opening the event log is quite simple; to do this, you need to enter the phrase “Event Viewer” in the Windows 10 search and click on it. But if you have indexing disabled, this attempt will not bring results.

And as an option you can:

• Log in to the “Control Panel” and go to the “Administration” section. This is where the item we need will be located.

All information will be divided into appropriate groups. For example, by opening the application log, you will be able to view all messages about the operation of programs. Absolutely all system incidents related to Windows 10 are displayed in it.

Initially, this service was developed exclusively for administrators who constantly monitor the status of servers, identify errors and causes of occurrence, and then try to quickly eliminate them.

Don't be alarmed if your device is working fine, but there are error warnings in the log, because this is normal for the OS. Any failures, including minor ones, are entered into the registry, so no need to worry.

How to clear the event log in Windows 10

Among the ways to clear the event log in Windows 10, there are 5 main ones.

Manual log clearing

This method is very simple. It does not require special skills or additional software. All that is needed is:

1. Open the event log.
2. Right-click on the required section.
3. Select command "Clear log...».
   Read also:  iPhone DOES NOT Connect to Bluetooth Headphones or Speaker - How to Fix it?

As you've probably noticed, this is the easiest way. However, some situations require resorting to other methods.

Creating a .bat file

This method also allows for quick cleaning. To implement it you will need the code:

@echo off FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V IF (%adminTest%)==(Access) goto theEnd for /F "tokens=* " %%G in ('wevtutil.exe el') DO (call :do_clear "%%G") goto theEnd :do_clear echo clearing %1 wevtutil.exe cl %1 goto :eof :theEnd

It must be used in the following algorithm:

1. Create a text document.
2. Copy the code above into it.
3. Save the document with the .bat extension (you can read more about extensions in the article “Windows file extensions. How to open and change file extensions”)
4. Run the resulting file as administrator.

After this, all reports will be deleted.

Cleaning through the command console

You can also clear the event log in Windows 10 using this tool. To do this you will need:

1. Press the “ Win ” key.
2. Lead " Command Line ".
3. Run the utility as administrator.
4. Enter the command below and press “ Enter ”.

for /F “tokens=*” %1 in ('wevtutil.exe el') DO wevtutil.exe cl “%1″

Clearing the event log via PowerShell

PowerShell is a more advanced version of the command line. Clearing the event log using it is carried out in the same way. Except for the command being entered. In this case it looks like this:

wevtutil el | Foreach-Object {wevtutil cl “$_”}

Windows 7 event log. Where to find the system log

The seventh version of the Windows operating system has implemented a function for tracking important events that occur in the operation of system programs. At Microsoft, the concept of “events” refers to any incidents in the system that are recorded in a special log and signaled to users or administrators. This could be a utility program that doesn't want to run, an application crashing, or devices not being installed correctly. All incidents are recorded and saved by the Windows 7 event log. It also arranges and shows all actions in chronological order, helps to carry out system monitoring, ensures the security of the operating system, corrects errors and diagnoses the entire system.

You should periodically review this log for new information and configure the system to save important data.

Window 7 - programs

The Event Viewer computer application is the main part of Microsoft utility utilities that are designed to monitor and view the event log. This is a necessary tool for monitoring system performance and eliminating emerging errors. The Windows utility that manages the documentation of incidents is called the Event Log. If this service is started, then it begins to collect and log all important data in its archive. The Windows 7 event log allows you to perform the following actions:

— viewing data recorded in the archive;

— using various event filters and saving them for further use in system settings;

— creating and managing subscriptions for certain incidents;

— assign certain actions when any events occur.

How to open the Windows 7 event log?

The program responsible for recording incidents is launched as follows:

1. The menu is activated by pressing the “Start” button in the lower left corner of the monitor, then the “Control Panel” opens. In the list of controls, select “Administration” and in this submenu click on “Event Viewer”.

2. There is another way to view the Windows 7 event log. To do this, go to the Start menu, type mmc in the search window and send a request to search for the file. Next, the MMC table will open, where you need to select the paragraph indicating adding and removing equipment. Then the “Event Viewer” is added to the main window.

What is the application described?

The Windows 7 and Vista operating systems have two types of event logs: system archives and application service log. The first option is used to capture system-wide incidents that are related to the performance of various applications, startup and security. The second option is responsible for recording the events of their work. To control and manage all data, the Event Log service uses the View tab, which is divided into the following items:

— Application – events that are associated with a specific program are stored here. For example, postal services store in this place the history of sending information, various events in mailboxes, and so on.

— The “Security” item stores all data related to logging in and out of the system, using administrative capabilities and accessing resources.

— Installation - this Windows 7 event log records data that occurs during the installation and configuration of the system and its applications.

— System – records all operating system events, such as failures when launching service applications or when installing and updating device drivers, various messages regarding the operation of the entire system.

— Forwarded events – if this item is configured, then it stores information that comes from other servers.

Other sub-items of the main menu

Also in the “Administration” menu, where the event log in Windows 7 is located, there are the following additional items:

— Internet Explorer – events that occur during the operation and configuration of the browser of the same name are recorded here.

— windows PowerShell – this folder records incidents related to the use of the PowerShell shell.

— Equipment events – if this item is configured, then the data generated by the devices is logged.

The entire structure of the "seven", which ensures the recording of all events, is based on the Vista type on XML. But to use the event log program in Window 7, you don't need to know how to use this code. The Event Viewer application will do everything itself, providing a convenient and simple table with menu items.

Incident characteristics

A user who wants to know how to view the Windows 7 event log must also understand the characteristics of the data that he wants to view. After all, there are different properties of certain incidents described in the “Event Viewer”. We will look at these characteristics below:

— Sources – a program that records events in a log. The names of applications or drivers that influenced a particular incident are recorded here.

— Event code is a set of numbers that determine the type of incident. This code and event source name are used by system software technical support to correct errors and resolve software failures.

— Level – the degree of importance of the event. The system event log has six levels of incidents:

1. Message.

2. Caution.

3. Error.

4. Dangerous mistake.

5. Monitoring successful error correction operations.

6. Audit of unsuccessful actions.

— Users – records the data of the accounts on whose behalf the incident occurred. These can be the names of various services, as well as real users.

— Date and time – records the timing of the occurrence of the event.

— CPU load – the time required to execute user commands.

There are many other events that occur while the operating system is running. All incidents are displayed in the “Event Viewer” with a description of all related information data.

How to work with the event log?

A very important point in protecting the system from crashes and freezes is to periodically review the “Application” log, which records information about incidents, recent actions with a particular program, and also provides a selection of available operations.

By going to the Windows 7 event log, in the “Application” submenu you can see a list of all programs that caused various negative events in the system, the time and date of their occurrence, the source, and the degree of problem.

In this console, you can save all events for the last few months, clear the log of old entries, change the size of the table, and much more.

User Responses to Events

Having learned how to open the Windows 7 event log and how to use it, you should then learn how to use the Task Scheduler with this useful application. To do this, you need to right-click on any incident and in the window that opens, select the menu for linking a task to an event. The next time such an incident occurs in the system, the operating system will automatically launch the installed task to process the error and correct it.

An error in the log is not a reason to panic

If, while looking at the Windows 7 system event log, you see system errors or warnings appearing periodically, then you should not worry or panic about this. Even with a perfectly functioning computer, various errors and failures may be recorded, most of which do not pose a serious threat to the performance of the PC.

The application we are describing was created to make it easier for the system administrator to control computers and troubleshoot emerging problems.

Conclusion

Based on all of the above, it becomes clear that the event log is a way that allows programs and the system to record and save all events on the computer in one place. This log stores all operational errors, messages and warnings from system applications.

Where is the event log in Windows 7, how to open it, how to use it, how to correct errors that appear - we learned all this from this article. But many will ask: “Why do we need this, we are not system administrators, not programmers, but ordinary users who don’t seem to need this knowledge?” But this approach is wrong. After all, when a person gets sick with something, before going to the doctor, he tries to cure himself in one way or another. And many often succeed. Likewise, a computer, which is a digital organism, can “get sick”, and this article shows one of the ways to diagnose the cause of such a “disease”; based on the results of such an “examination”, you can make the right decision on methods of subsequent “treatment”.

So information about the method of viewing events will be useful not only to the system specialist, but also to the ordinary user.

fb.ru

Clearing cache and browser history

The third point in our tutu is clearing the cache and browser history. There are no difficulties here - each browser allows you to reset the list of recently visited sites.

Continuation is available only to members

Option 1. Join the “Xakep.ru” community to read all materials on the site

Membership in the community within the specified period will give you access to ALL Hacker materials, increase your personal cumulative discount and allow you to accumulate a professional Xakep Score rating! More details

Option 2: Open one material

Interested in the article, but there is no way to become a member of the Xakep.ru club? Then this option is for you! Please note: this method is only suitable for articles published more than two months ago.

I am already a member of "Xakep.ru"

In today's article, we'll look at various ways to clear all event logs in Windows.

By opening Event Viewer, you can see various Windows logs, which contain various warnings, application and system errors, and informational messages. It happened that a regular user could not log in to the system because the security log was full. In this case, it was possible to log in as a user with administrator rights, clear the log and set the overwrite in its properties as needed.

How to delete search queries?

How to delete all data

1. Go to myactivity.google.com on your Android phone or tablet.
2. Above the list of actions, click Remove.
3. Select the All time option.
4. Click Next Remove.

Interesting materials:

How to add a network printer in Windows 10? How to add a font on Windows 10? How to add an SSD to Windows 10? How to add your permission in Windows 10? How to add custom tiles to the Windows 10 Start menu? How to add a phone to Windows 10? How to add a file type in Windows 7? How to add Ukrainian language to Windows 10? How to add a device to a Microsoft account in Windows 7? How to add a Windows 7 audio device?

How to clear browser history on your computer

Most users are concerned about saved information about their Internet activity. This data can be obtained by others if they have access to the device. Therefore, the question of how to clear the history of web browsing on a computer is relevant.

In a specific browser, depending on the program interface, you will need to perform certain steps to clear the application of the required information.

In general, access to your browser history will appear if you simultaneously press the “Ctrl” + “Shift” + “Del” keys in an open Internet browser window. In the window that opens, delete unnecessary information.

Read about what specific actions need to be performed in the most popular browsers in a detailed article on my website.

History of recent files in Explorer

The system file manager, Windows Explorer, stores information about used folders and files. In some cases, it is better for the user to hide such information.

Go through the steps:

1. Open Windows Explorer.
2. Go to the “View” tab.
3. On the toolbar, click on the “Options” button.
4. From the Folder Options window, go to the General tab.
5. In the “Privacy” section, in the “Clear Explorer history” option, click on the “Clear” button.

If necessary, make additional settings that affect privacy:

1. In the “Privacy” option, uncheck the following items:

• Show recently used files in the Quick Access Toolbar.
• Show frequently used folders in the Quick Access Toolbar.

1. In the "Open File Explorer for:" option, select "This PC."
2. Click on the "OK" button.

Thanks to these settings, frequently used folders and recent files will be hidden when you launch Explorer.

How to view your entire Windows 10 activity history

If we want to view the entire activity history that Windows 10 has collected about us, we can do this by opening our Microsoft account privacy website. From here we see a series of categories that will show all the information that Microsoft collects:

• browsing history It handles all the data stored in the Edge browser, so if this is our main browser, it is likely that we will find enough data here. This can be viewed and deleted.
• Search History : Only contains information if we use Bing as a search engine, so it uses our data to get better search results. This can be viewed and deleted.
• Activity Location : Collects all information every time we allow Windows to access our location. This can be viewed and deleted.
• Voice activity : All saved clips are stored here every time we use the Cortana voice command, which Microsoft uses to improve voice recognition. You can see and delete
• Media Activity : With this activity, Microsoft maintains control over everything we like to watch by following our recommendations. This can be viewed and deleted.
• Activity and performance of products and services From here we can see how Microsoft products are used, with the activities associated with the actions we have completed and the performance of the system logs. This can be viewed and deleted.
• Cortana Notebook This is where Cortana stores all the entries, so if we use it often we will find enough data saved. This can be viewed and deleted.

Maintain privacy when using the operating system

Windows 10 has never been considered an operating system that takes care of our privacy, for which it has received numerous criticism. If privacy is important to us, there is a chance that we might not feel comfortable using the Microsoft operating system.

Therefore, it is recommended to be alert to the configuration of the operating system , from the options we configured during the initial setup to the installation of all kinds of third-party tools that can control everything. This is why Windows 10 is not the best option for protecting our privacy, but now we already know all the data that Microsoft processes about us and how we can erase it.

Disable schedule

Timeline is a timeline where you can see the web pages, documents, and apps we've used over the past 30 days. This feature was added by Microsoft in 2022 and syncs across all our devices, so if we don't want Windows to save all our activity, we have to turn it off .

To do this, we need to enter the Windows 10 configuration menu, for which we will press the key combination “Windows + I”. Now we will go to the Privacy section and here we will click on Activity History. Now we must uncheck the “Save the history of my activities on this computer” and “Send the history of my activities to Microsoft” checkboxes. In this way, we will not let Windows remember what we did at one time, so now we will notice the lack of control over our activities.