Information Technology Reference
In-Depth Information
Security
Contains security-related information as defined by your auditing settings. For
example, you could see when users have logged onto the system or when particularly
sensitive files have been accessed.
System
Contains operating system-related information and messages. Common mes-
sages might include a service startup failure or information about when the operating
system was last rebooted.
Directory Service
Stores messages and events related to how Active Directory func-
tions. For example, you might find details related to replication here.
DNS Server
Contains details about the operations of the DNS service. This log is useful
for troubleshooting replication or name-resolution problems.
Other Log Files
Contain various features of Windows Server 2012 R2 and the applica-
tions that may run on this operating system, which can create additional types of logs.
These files allow you to view more information about other applications or services
through the familiar Event Viewer tool.
Additionally, developers can easily send custom information from their programs to the
Application log. Having all of this information in one place really makes it easy to analyze
operating system and application messages. Also, many third-party tools and utilities are
available for analyzing log files.
Although the Event Viewer GUI does a reasonably good job of letting you find the infor-
mation you need, you might want to extract information to analyze other systems or
applications. One especially useful feature of the Event Viewer is its ability to save a log
file in various formats. You can access this feature by clicking Action
➢
Save As. You'll
be given the option of saving in various formats, including tab- and comma-delimited
text files. You can then open these files in other applications (such as Microsoft Excel) for
additional data analysis.
Overall, in the real world, the Event Viewer can be an excellent resource for monitoring
and troubleshooting your important servers and workstations.
In addition to providing information about the status of events related to Active Direc-
tory, the Event Viewer shows you useful information about other system services and appli-
cations. You should routinely use this tool.
Using Active Directory Administrative Tools
After a server has been promoted to a domain controller, you will see that various tools are
added to the Administrative Tools program group, including the following:
Search WWH ::
Custom Search