Why did “X” happen? (Or why did “X” not happen…)

Posts have been scarce lately… But there is plenty to come!  Now without further delay.

There is an easy and overlooked method to provide first steps to the question “Why did X happen? Or why did X not happen?”.   Not only is it an easy method, it is already there waiting for you to review…  The Windows Event Viewer!  OK, some of you are thinking, “Oh, that gee – so?”  For those of you who didn’t think of it, you are not alone… the Windows Event Viewer (or Dr. Watson for those reminiscing) provides detailed information about significant events on your computer. It can be helpful (and yet overlooked) when troubleshooting problems and errors with Windows and other programs.  A key point that I will make here is to look for information on the application and dependant technologies that the application uses:  DCOM, MSDTC and such for correlations.

Event Viewer

For a quick refresher, you can access the Event Viewer several ways, but I typically typically click Start, Run, and type eventvwr. There are typically three logs available:

• Application: applications running under Windows are supposed to log their events here.
• Security: when enabled Windows, can log a host of security-related events which are logged here.
• System: the operating system logs its events here.
• If you are really luckily, the MES or SCADA system you use might create its own heading too… (really, really lucky).

For those of you who haven’t bothered to look in the Event Viewer – don’t panic on your first view – there will be informational events logged aside from errors.  THIS IS NORMAL!  Another point is get a feel for what events are logged under NORMAL conditions so that you don’t chase a dead end for a missing printer driver (or somebody RDPing).

Now hop to it and check it out!