By default, processes that use the local service and network service accounts generate entries in the security event log on Windows systems. These accounts are used by services that need fewer privileges and logon rights on the local system and, in the case of the network service account, access to network resources.
Windows Event Viewer allows you to run a task when a specific event occurs. For instance, you could restart a service when an event is logged, or display a message to notify you that an error has occurred! Let’s say you want to be notified when shadow copies fail to function. There are instances when automated shadow copies fail due to storage quotas that you may have set a long time ago, and you may want to know before the system automatically deletes the oldest shadow copy to make room for a new one!
If you need to read through large log files and search for specific keywords, there’s no need to write complex scripts; a simple three-liner in PowerShell can do all the work for you! The sample PowerShell code below allows you to search through text files, such as log files on Windows 7 systems, and outputs every line where a match for the given keyword is found.
Event logging is a great feature of any computer system which, unfortunately, not many users make good use of, and one which may become useless if not properly managed. The Windows Event Viewer is a management tool that enables you to browse and manage event logs. It is an indispensable tool for monitoring the health of systems and troubleshooting issues when they arise. Users of Windows systems need to familiarize themselves with the tool in general, and in particular with some tasks that would help them get notifications when an event occurs.
Disk quotas allow administrators to control how much of a volume users can fill with files. Although disk quotas are normally implemented on servers that host shared folders, they can also be implemented on standalone computers running Windows 7. In a scenario where multiple users access a single computer, a single user may completely fill a volume with his/her files, preventing others from saving their files due to lack of storage space.
Windows event logs are a very important tool for monitoring the health of systems and troubleshooting issues when they arise. Starting with Windows Vista, Microsoft added additional logs known as Application and Service logs, so that applications and services installed on the computer have individual logs. This category of logs includes four subtypes for which the application or service can provide events: Admin, Operational, Analytic, and Debug logs. Details about this category of logs will be explained in a separate article; however, a brief explanation of the Operational events is needed to help us troubleshoot startup problems!
I have created a small application called Boot Time that helps you monitor boot times. The Boot Time utility requires administrative privileges to run successfully; hence, if you are logged on as a normal user without admin rights, start the application by right-clicking BootTime.exe and then clicking Run as administrator. For further details, read below.