Each log entry is classified by type, and contains header information, and a description of the event.


Event Header


The event header contains the following information about the event:

  • Date: the date the event occurred.
  • Time: The time the event occurred.
  • User: The user name of the user that was logged on when the event occurred.
  • Computer: The name of the computer where the event occurred.
  • Event ID: An event number that identifies the event type.  The Event ID can be used by product support representatives to help understand what occurred in the system.
  • Source: The source of the event.  This can be the name of a program, a system component, or an individual component of a large program.
  • Type: The type of event.  This can be one of the following five types: Error, Warning, Information, Success Audit, and Failure Audit.
  • Category: A classification of the event by the event source.  This is primarily used in the security log.

 


Event Types


The description of each event that is logged depends on the type of event.  Each event in a log can be classified into one of the following types:


  • Information: An event that describes the successful operation of a task, such as an application, driver, or service.  For example, an Information event is logged when a network driver loads successfully.
  • Warning: An event that is not necessarily significant, however, may indicate the possible occurrence of a future problem.  For example, a Warning message is logged when disk space starts to run low.
  • Error: An event that describes a significant problem, such as a failure of a critical task.  Error events may involve data loss or loss of functionality.  For example, an Error event is logged if a service fails to load during startup.
  • Success Audit (Security log): An event that describes the successful completion of an audited security event.  For example, a Success Audit event is logged when a user logs on to the computer.
  • Failure Audit (Security log): An event that describes an audited security event that did not complete successfully.  For example, a Failure Audit may be logged when a user cannot access a network drive.