[Kevin Mehok]

IST2900 Digital Forensics Engineer
Week Two
Assignment #2
WK2 Event Log Discussion
Kevin Mehok

Hey Class,

There are countless Windows Event Logs that we could discuss, as long as none of us has the blue screen of death, then let’s get through a few of them.

1. Error: An event that indicates a significant problem such as loss of data or loss of functionality. For example, if a service fails to load during startup, an Error event is logged.

Example of an Error- an error event in the System log section may inform you which hardware driver crashed, which can help you pin down a buggy driver or a faulty hardware component.

2. Warning: An event that is not necessarily significant but may indicate a possible future problem. For example, when disk space is low, a Warning event is logged. If an application can recover from an event without loss of functionality or data, it can generally classify the event as a Warning event.

Example of a Warning- It indicates a potential issue that system administrators should keep an eye on, including low disk space warnings and security policy violations.

3. Information: An event that describes the successful operation of an application, driver, or service. For example, when a network driver loads successfully, it may be appropriate to log an Information event. Note that it is generally inappropriate for a desktop application to log an event each time it starts.

Example of an Information- Windows system event log contains events related to the system and its components. Failure to load the boot-start driver is an example of a system-level event.

I hope this helps! I am looking forward to learning more from my classmates.

God Bless,

Kevin