Event logs provide a centralized collection point for all kinds of error reports, system alerts, diagnostic messages, and status messages generated by a system Event logging is a facility used by computer systems to record the occurrence of significant events An "event" is any change that occurs in a system -- for example, a user logon, an addition to a file, or a change to a user's privileges Because a computer system may experience hundreds or thousands of events each second, it is important to distinguish which events require the immediate attention of a system administrator, which should be recorded as entries in the system's event log for later analysis, and which can be safely ignored
logs event messages issued by programs and Windows Event Log reports contain information that can be useful in diagnosing problems Reports are viewed in Event Viewer The Event Log service writes events sent by applications, services, and the operating system to log files The events contain diagnostic information in addition to errors specific to the source application, service, or component The logs can be viewed programmatically through the Event Log APIs or through the Event Viewer in a Microsoft Management Console (MMC) snap-in If the event log is disabled, you will be unable to track events, which reduces your ability to quickly diagnose problems with your system In addition, you won't be able to audit security events