meaning of the "cryptic" event viewer acronyms

[bstillion]

A manager is asking me for an explanation of all the acronyms that could
appear in the various columns (user & category columns especially.) Is there
a web resource that explains many of the possible acronyms?
IT professionals know that there are various sites that explain specific
problems and a search on the source and event ID usually helps in
troubleshooting. This request is more of an educational tool for those that
do not troubleshoot PC/server errors or manipulate the event logs.

 

[Leonard Grey]

The "various columns" of what?

 

[bstillion]

The event viewer (mentioned in the "Subject" of the question)
Windows XP sp2

 

[Leonard Grey]

Google is your friend.

 

[bstillion]

I always google it to death before posting a question.

Google lists articles that say how to "filter" results
and even how to script the collection of various
events which is all useful information but not what
I need to educate a manager.

I have not yet found anywhere that does things like:

-Explain what the acronyms listed in the "Source" column mean,
SceCli, LoadPerf, McLogEvent, DWMRCS, Diskeeper
-List what you can expect to see in the "User" column
System, Anaonymous, Network Services

Apparently, there is no source for such information.
I will have to find a way to politely say "Google it!" to
a manager that believes there should be such a source.

Thanks for your time.

 

[Leonard Grey]

First hit for the search term "windows xp event viewer events" (without
the quotes):

How to view and manage event logs in Event Viewer in Windows XP
http://support.microsoft.com/kb/308427

which includes an embedded link to the Events and Errors Message Center.

I also found plenty of hits by searching SceCli individually, for example.

 

[Gerry]

http://www.eventid.net/search.asp

http://en.wikipedia.org/wiki/Event_viewer

Event Header
The event header contains the following information about the
event: .Date

The date the event occurred.
..Time

The time the event occurred.
..User

The user name of the user that was logged on when the event occurred.
..Computer

The name of the computer where the event occurred.
..Event ID

An event number that identifies the event type. The Event ID can be used
by product support representatives to help understand what occurred in
the system.
..Source

The source of the event. This can be the name of a program, a system
component, or an individual component of a large program.
..Type

The type of event. This can be one of the following five types: Error,
Warning, Information, Success Audit, or Failure Audit.
..Category

A classification of the event by the event source. This is primarily
used in the security log.

Source: http://support.microsoft.com/kb/308427


--



Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~