Export (0) Print
Expand All
Expand Minimize
2 out of 3 rated this helpful - Rate this topic

Event Log (System Services for the Windows Server 2003 Family and Windows XP Operating Systems)

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Service Name: Eventlog

Executable Name: services.exe

Log On As: LocalSystem

Description: This service logs event messages issued by programs and the Windows operating system. Event Log reports contain information that can be useful in diagnosing problems. Reports are viewed in Event Viewer. The Event Log service writes events sent by applications, services, and the operating system to log files. The events contain diagnostic information in addition to errors specific to the source application, service, or component. The logs can be viewed programmatically through the Event Log APIs or through the Event Viewer in an MMC (Microsoft Management Console) snap-in.

By default, a computer running Windows 2000 Server, Windows XP and Windows Server 2003, records events in three kinds of logs:

Application log

  • The application log contains events logged by applications or programs. For example, a database program might record a file error in the application log. Program developers decide which events to log.

Security log

  • The security log records events such as valid and invalid logon attempts, as well as events related to resource use such as creating, opening, or deleting files or other objects. For example, if logon auditing is enabled, attempts to log on to the system are recorded in the security log.

System log

  • The system log contains events logged by Windows system components. For example, the failure of a driver or other system component to load during startup is recorded in the system log. The event types logged by system components are predetermined by the server.

A computer running a Windows Server 2003 family operating system configured as a domain controller records events in two additional logs:

Directory service log

  • The directory service log contains events logged by the Windows Active Directory service. For example, connection problems between the server and the global catalog are recorded in the directory service log.

File Replication service log

  • The File Replication service log contains events logged by the Windows File Replication service. For example, file replication failures and events that occur while domain controllers are being updated with information about system volume changes are recorded in the file replication log.

A computer running Windows configured as a Domain Name System (DNS) server records events in an additional log:

DNS server log

  • The DNS server log contains events logged by the Windows DNS service.

If the event log is disabled, you will be unable to track events, which will significantly reduce the ability to successfully diagnose system problems. In addition security events will not be audited and you will not be able to view previous event logs using the MMC event viewer snap in.

Available on: Windows XP Home, Windows XP Professional; Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition and Windows Server 2003, Web Edition.

Installed through: Default operating system installation

Startup type: Automatic

Service status: Started

This service depends on the following system components: None

The following system components depend on this service:

DHCP Server

File Replication

Network News Transfer Protocol (NNTP)

Simple Mail Transfer Protocol (SMTP)

SNMP Service

SNMP Trap Service

Windows Internet Name Services (WINS)

Windows Management Instrumentation

IP Port Numbers used:

TCP: 139

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.