
Microsoft Windows Vista and Windows XP Event Viewer and Security

written by: Steve Mallard • edited by: Bill Bunter • updated: 5/7/2010

Is your computer's performance truly optimal? Do you know how secure your computer is? Use the Event Viewer in Windows Vista or Windows XP. The Windows event viewers can give telltale signs of applications that have issues and of security problems, and help you be truly secure.


    Microsoft Windows XP's Event Viewer

    Windows XP's Event Viewer can be more confusing than Windows Vista's Event Viewer. Some events are self-explanatory and others may have to be looked up using Google, Microsoft or EventID.Net. (Exact links follow.) The Event Viewer was designed to give end users a way to analyze several areas of the operating system. Individual Event IDs can give clues to why a computer is having problems. Remember that the Event Viewer may also give clues that a computer is heading for trouble before the problem actually appears.


    Windows XP


    Vista's Event Viewer

    The Event Viewer in Windows Vista can be used to analyze your computer or to troubleshoot problems. The Event Viewer is located under the Manage properties of My Computer. To see the Event Viewer's information, right-click My Computer and select Manage.

    Because the Event Viewer in Windows Vista is more complex than the one in Windows XP, Microsoft provides a search function that allows you both to filter events and to access the internet to research the problem. With these filters, a problem that is logged across multiple logs can be pulled together to give clues to why an application may have problems.

    The key to working with the Event Viewer is to narrow the events down to a specific application's problems. These events may give clues to why an application is slow or not working properly. Vista allows you to query the logs to find associations that are related to the application. Vista also allows you to export the information so that the events can be shared and analyzed by others.

    Vista's Event Viewer is one of the most powerful logging tools that can be used in troubleshooting your computer. As the pictures below show, the event viewer can be customized to meet your needs.


    Windows Vista


    The Importance of Security and the Event Viewer

    With both operating systems, security is an area that is often not monitored by a user. With antivirus software, anti-malware and the Windows Firewall, most users want to think they are well protected and don't have a method of checking what is going on with the security of their operating system.

    Users can share folders out and select to audit these individual folders (auditing is enabled by using the GPEdit.msc or SecPol.msc snap-in). This method should be used in all businesses. By auditing files that are shared out, the user of Windows XP and Windows Vista can see when, where and how the files and folders were used. This information is seen in the Event Viewer of either operating system. As individual users use these files, an entry is made in the Event Viewer.

    With the Windows Firewall, packets travel in and out of a computer at thousands of packets per second. These packets are normally filtered when the firewall is on. The Event Viewer keeps track of inbound and outbound applications and packets. These packets and applications are logged in the Security Event Viewer. By analyzing the Event Viewer (Security), you can see what applications are requesting network or internet connectivity.

    In the event of a malicious attack, the Security Event Viewer can log information about where the information is coming from and how your computer reacted to the packets of data.
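
    One way to see which applications are requesting connectivity, as an added PowerShell example that is not part of the original article: it summarizes Windows Filtering Platform connection events (ID 5156 permitted, ID 5157 blocked) from the Security log by application and direction. It assumes Windows Vista or later with PowerShell 2.0 and "Filtering Platform Connection" auditing enabled; the function names are hypothetical and the sample events are constructed so the script runs offline.

```powershell
# Added example; sample events below are constructed, not from a real machine.
# Direction appears in raw event XML as a message code.
$DirectionName = @{ '%%14592' = 'Inbound'; '%%14593' = 'Outbound' }

function ConvertFrom-ConnectionEvent {
    param([Parameter(Mandatory = $true)][string]$Xml)
    $e = ([xml]$Xml).Event
    # EventData is a flat list of <Data Name="...">value</Data>; index it by name.
    $d = @{}
    foreach ($item in $e.EventData.Data) { $d[$item.Name] = $item.'#text' }
    $action = 'Permitted'                                   # event 5156
    if ($e.System.EventID -eq '5157') { $action = 'Blocked' }
    $dir = $d['Direction']
    if ($dir -and $DirectionName.ContainsKey($dir)) { $dir = $DirectionName[$dir] }
    New-Object PSObject -Property @{
        Time        = $e.System.TimeCreated.SystemTime
        Action      = $action
        Direction   = $dir
        Application = $d['Application']
        Source      = $d['SourceAddress']
        Destination = '{0}:{1}' -f $d['DestAddress'], $d['DestPort']
    }
}

# Hypothetical helper that builds minimal event XML for the offline demo.
function New-SampleEventXml($Id, $App, $Direction, $Src, $Dst, $DstPort) {
    $data = @{ Application = $App; Direction = $Direction; SourceAddress = $Src
               DestAddress = $Dst; DestPort = $DstPort }
    $items = $data.Keys | ForEach-Object { "<Data Name='$_'>$($data[$_])</Data>" }
    "<Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System>" +
    "<EventID>$Id</EventID><TimeCreated SystemTime='2010-05-07T14:02:11Z'/></System>" +
    "<EventData>$($items -join '')</EventData></Event>"
}

$sample = @(
    New-SampleEventXml 5156 '\device\harddiskvolume1\windows\system32\svchost.exe' '%%14593' '192.0.2.10' '198.51.100.7' 443
    New-SampleEventXml 5156 '\device\harddiskvolume1\windows\system32\svchost.exe' '%%14593' '192.0.2.10' '198.51.100.9' 80
    New-SampleEventXml 5157 '\device\harddiskvolume1\program files\example\tool.exe' '%%14592' '203.0.113.5' '192.0.2.10' 445
)
$records = $sample | ForEach-Object { ConvertFrom-ConnectionEvent -Xml $_ }
# Which applications are talking, in which direction, and was it allowed?
$records | Group-Object Application, Action, Direction |
    Sort-Object Count -Descending | Format-Table Count, Name -AutoSize

# Live use from an elevated prompt:
# Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 5156, 5157 } -MaxEvents 500 |
#     ForEach-Object { ConvertFrom-ConnectionEvent -Xml $_.ToXml() } |
#     Export-Csv -NoTypeInformation -Path .\connections.csv
```

    An application that shows up only under Blocked, or one you do not recognize under Permitted and Outbound, is the entry to look up first.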

    If computers are used as IIS (Webservers) or FTP servers (Servers that allow files to travel in and out), Microsoft Windows adds a category after these applications are added by the user. This allows the IP address of traffic to be logged as it travels in and out of the computer.

    The Security Event Viewer is one of the most critical areas used to consolidate information about the use of an individual computer.

    See my article on the Group Policy Editor here on BrightHub.


    Conclusion

    The event viewer in these operating systems can help diagnose your computer and keep your computer running well. The event viewers often give clues to applications and system problems that may not 'show' any signs of problems. As shown in the pictures above, Microsoft Windows Vista's Event Viewer is more complex yet easy to use. Microsoft's logging process gives Security, Application, System and more information to users. Use these events to your advantage to find and prevent problems with your computer.

    The Security Events can spread across the System Events, Applications or other events. Home users and business users alike should use these logs to truly secure their computer.

    Microsoft's Windows XP Event viewer link.

    Microsoft's TechNet on Windows Vista's Event Viewer.
