Microsoft Event Viewer
Microsoft Event Viewer is a Microsoft Windows system tool. It is available by default on every Windows NT-based system (Windows NT, Windows 2000, Windows XP, and Windows Server 2003). Beginning with the introduction of Windows 2000, Microsoft Event Viewer has been managed through the Microsoft Management Console (MMC). It is possible to create an MMC that includes the Event Viewer of each remote system. But keep in mind that using more than one Event Viewer on one system often leads to confusion and is normally not recommended.
Windows stores information related to an event or error in Event Viewer. Event Viewer can be used to gather, identify, and analyze Windows 2000 system events and information about hardware, software, and system problems. Because Cisco CallManager runs as a Windows service, information about Cisco CallManager events and errors can also be stored in Event Viewer.
Event Viewer, available at Start > Settings > Control Panel > Administrative Tools > Event Viewer, can help identify problems at the system level. For example, to pinpoint a problem, use Event Viewer to look for events involving Cisco CallManager Administration on the Internet Information Server (IIS) server.
As shown in Figure 31-3, Event Viewer uses log types to group different kinds of logs:
- Application logs Contain events logged by applications or programs, such as Cisco CallManager.
- System logs Report events logged by the Windows 2000 system components, such as the failure of an operating system component or driver.
- Security logs Hold information records of security events. (Cisco CallManager does not report events in this log.)
Figure 31-3. Microsoft Event Viewer
To classify events, Event Viewer provides three event types. Each is marked with its own icon. The Microsoft Event Viewer event types are as follows:
- Error An indicator of a problem, such as the loss of data or failure to initialize properly; represented by a red "X"
- Warning An event that might indicate a problem or a future problem, such as when a service is stopped or started, which is not necessarily an error; represented by a yellow exclamation point
- Information System information messages that might include hostnames, the version of the database in use, or startup success; represented by a blue "i" symbol