Event Viewer Overview
Using event logs in the Event Viewer, you can collect information about hardware, software, and system issues and monitor the security events of Windows 2000.
Windows 2000 records events in three logs:
Application log
The application log contains an event recorded by an application or system program. For example, a database program can log file errors in the application log. The program developer decided to record which event.
System log
The system log contains events for system components of Windows 2000. For example, record the failed driver or other system components in the launch process in the system log. Windows 2000 pre-determines the type of event recorded by the system components.
Security log
Safety logs can record secure events, such as valid and invalid login attempts, as well as resources associated with resources such as creation, open, or delete files. Manager can specify what an event recorded in the security log. For example, if you have enabled a login review, the attempt to log in to the system will be recorded in the security log.
Event Viewer Displays the type of these events:
error
Important issues, such as data loss or loss of function. For example, this error will be recorded if a service load fails during the startup process.
caveat
It is not very important, but it is possible to explain the incident of the future potential problem. For example, a warning will be logged when the disk space is insufficient.
information
An event describing the successful operation of the application, driver or service. For example, an information event will be recorded when the network driver is successfully loaded.
Successful review
Successful audit security access attempts. For example, the user tries to log in to the system successfully recorded as a successful audit event.
Failed audit
Failed audit security login attempt. For example, if the user tries to access the network driver and fail, the attempt will be recorded as a failure audit event.
When Windows 2000 is started, the EventLog service starts automatically. All users can view applications and system logs. Only administrators can access the security log.
By default, the security log is turned off. You can use a group policy to enable security logs. The administrator can also set an audit policy in the registry to stop the system when the security log is over out.
