Your Ad Here

Oct 30, 2008

How To Diagnose Computer Problems Using Event IDs

Anytime your system crashes or an application freezes up, Event Viewer dutifully logs the error--but sorting through Event Viewer logs can be just as frustrating as dealing with the Blue Screen of Death. Here's a cheat sheet.

1. Start by familiarizing yourself with Event Viewer before you have a problem. It's under Start, Settings, Control Panel, Administrative Tools, Event Viewer. The utility's System node logs Windows issues (particularly networking ones), while the Application node logs issues with other software. You should not see much activity in the Security node since it is disabled by default and is used only if you have auditing turned on (which requires extra Microsoft software and ultimately doesn't help most folks anyway). Third-party apps might create more nodes, as well.

2. Events are fairly self-explanatory: The date and time of each event are logged along with its source, plus miscellaneous data about the issue. Most events will be noted as 'Information' and are generally safe to ignore. The 'Error' and 'Warning' entries are what you should concern yourself with. You can access the guts of the information by double-clicking the event to open its Event Properties page.

3. In the Event Properties window, you'll find detailed information about the error in question and a link to the Microsoft support Web site. Clicking the link will open a detail page within the Windows Help application (not your browser) for the error you're investigating. But often the information you get will tell you little about the problem, either saying no more data is available or declaring there's nothing you can do.

4. For more detail on the error types and what they mean, turn to the Web. Plug the event ID into, or search for key phrases in the error message, and try looking for clues to your problem by using the 'Source' field in the Event Viewer log as a search term.