Introduction

These tools provide detailed insights into system operations and configurations, enabling users to troubleshoot and optimize their systems effectively.

Event Viewer

Event Viewer is a powerful Windows utility designed to provide detailed logs about significant system events. These events include application crashes, system warnings, security events, and more. Understanding how to navigate and interpret the data within Event Viewer is crucial for diagnosing and resolving system issues effectively.

Accessing Event viewer

To open Event Viewer, use the following steps:

  1. Press Win + R to open the run dialog box.

  2. Type “eventvwr.msc” and press Enter.

Alternative access is via the Control Panel:

  1. Open Control Panel.

  2. View its items by icons (large or small).

  3. Select Windows Tools.

  4. On the Windows Tools page, find and open the Event Viewer utility.

Event Viewer structure

Event Viewer is organized into several primary categories:

  • Custom Views: Allows the creation of custom event views based on specific criteria.

  • Windows Logs: Includes Application, Security, Setup, System, and Forwarded Events logs.

  • Applications and Services Logs: Contains logs from specific applications and services

Application Logs

Application logs contain events logged by applications or programs. For instance, when an application crashes or encounters an error, it logs an event in this category. Analyzing these logs can help identify issues related to specific software applications.

Security Logs

Security logs record events such as login attempts, resource access, and other security-related activities. These logs are essential for monitoring security breaches or unauthorized access attempts. Each security event is accompanied by detailed information about the user account, time, and nature of the event.

System Logs

System logs contain events logged by Windows system components. These logs are crucial for troubleshooting hardware failures, driver issues, and system startup problems. For example, if a system component fails to load during startup, the System log will capture the event, providing details about the failure.

Setup logs

Setup logs record events related to the installation of applications and system components. These logs are particularly useful when troubleshooting issues related to software installations or upgrades.

Forwarded Events

Forwarded events are logs that are collected from remote computers. This feature is useful for centralized monitoring of multiple systems within a network.

Filtering and Custom Views

Event Viewer allows filtering of logs to find specific events based on criteria such as event level, source, event ID, and date. This feature is useful for narrowing down the vast amount of log data to the most relevant events.

To create a Custom View:

  1. Click on Create Custom View in the Actions pane.

  2. Define the criteria for the events you want to include. Example criteria include event level (information, warning, error, critical, verbose), event logs (application, security, setup, system, forwarded events), event sources (specific applications or services that generate the events), event IDs (specific event identification numbers), keywords (keywords associated with events), the user account associated with the event, or the specific computer where the event was logged with the date and time supplied.

  3. Save the Custom View for future use.

Event log components

Each event log entry in Event Viewer consists of several components:

  • Level: Indicates the severity of the event (Information, Warning, Error, Critical).

  • Date and time: When the event occurred.

  • Source: The software or system component that generated the event.

  • Event ID: A unique identifier for the event type.

  • User: The account under which the event occurred.

  • Computer: The name of the computer on which the event occurred.

  • Description: Detailed information about the event.

By analyzing these details, IT professionals can take appropriate corrective actions after pinpointing the root cause of issues.

System Information (msinfo32)

System Information, accessed via msinfo32 in the run dialog box, provides comprehensive details about the computer’s hardware resources, components, and software environment. This utility is essential for gathering system configuration data, which aids in troubleshooting and system diagnostics.

Accessing System Information

To open System Information:

  1. Press Win + R to open the run dialog box.

  2. Type “msinfo32” and press Enter.

System Information structure

The System Information utility is organized into several categories, each providing specific details about the system.

  1. System Summary: An overview of the computer, including OS version, manufacturer, model, processor, BIOS version, and memory.

  2. Hardware Resources: Details about system resources such as IRQs (interrupted requests), DMA (Direct Memory Access) channels, Input/Output (I/O) ports, and memory addresses.

  3. Components: Information about installed hardware components like multimedia devices, input devices, storage, and network adapters.

  4. Software Environment: Details about the software configuration, including drivers, running tasks, environment variables, and system services.

Hardware Resources

The Hardware Resources section is subdivided into several categories.

  • Conflicts/Sharing: Lists hardware resources that are shared or conflicting, which can help diagnose hardware conflicts.

  • I/O (Input/Output): Lists I/O port assignments.

  • IRQs (Interrupt Requests): Shows IRQ assignments, which are crucial for diagnosing hardware interrupt issues.

  • Memory: Details about memory usage by various system components.

Components

The Components section provides detailed information about the hardware components in the system.

  • Multimedia: Information about audio and video devices.

  • Display: Details about the graphics card, driver version, and settings.

  • Storage: Information about hard drives, optical drives, and storage controllers.

  • Network: Network adapters, IP addresses, and other network-related details.

  • Input: Details about input devices such as the keyboard and mouse.

Each sub-category provides specific information about the respective hardware component, aiding in troubleshooting hardware-related issues.

Software Environment

The Software Environment section includes detailed information about the software configuration of the system.

  • Drivers: A list of installed drivers, their status, and version information.

  • Environment Variables: System and user environment variables.

  • Running Tasks: Information about currently running processes.

  • Loaded Modules: Details about loaded modules and their memory usage.

  • Services: A list of system services and their status.

This section is invaluable for diagnosing software-related issues, such as driver problems or service failures.

Practical applications of System Information

  • Diagnosing hardware issues: IT professionals can identify conflicts or failures in hardware components by examining the hardware resource details.

  • Optimizing system performance: Reviewing the software environment can help IT professionals disable unnecessary startup programs and services, improving system boot time and overall performance.

  • System upgrades and compatibility: It provides detailed information needed to plan system upgrades or check software compatibility with current hardware specifications.

  • Technical support: The ability to export system information makes it easier to provide detailed system specs to technical support for more efficient troubleshooting.