CIS190 LAB5

School

University of the Fraser Valley

Course

190

Subject

Computer Science

Date

Apr 3, 2024

University of the Fraser Valley Lab 5 - Page 1 of CIS 190 Systems Hardware Concepts Course Lab 5

CIS 190 Lab 5: Analyze a System with Event Viewer

Objectives: The goal of this lab is to learn to work with Windows Event Viewer. After completing this lab, you will be able to use Event Viewer to:

  • View Windows events
  • Save events
  • View event logs
  • Compare recent events with logged events

Lab Activity

Background: Most of what your computer does while running Windows 10, Windows 8 or Windows 7 is recorded in a log. In this lab, you will take another look at the Event Viewer tool, which provides information on various operations and tasks (known as events) in Windows. Event Viewer notes the occurrence of various events, lists them chronologically, and gives you the option of saving the list so you can view it later or compare it with a future list. You can use Event Viewer to find out how healthy your system is and to diagnose nonfatal startup problems that still allow Windows to start. (Fatal startup problems that prevent a successful startup don’t allow you into Windows far enough to use Event Viewer.)

CIS 190 Laboratory Report #5

Name: Savali Rawool
Student Number: 300193993
Section: CIS 190 ON1 (grp b)
Date: 08-04-2022

Follow these steps to begin using Event Viewer:

1. Log on as an administrator.
2. Open the Control Panel window.
3. Click Administrative Tools. The Administrative Tools window opens.
4. Double-click Event Viewer to open the Event Viewer window. The console tree is shown in the left pane, with Event Viewer (Local) listed at the top. If necessary, click Event Viewer (Local) to select it. The Overview and Summary section is in the center pane, with available Actions in the right pane (see Figure below). Maximize the Event Viewer window to see more information in the middle pane.
5. You can drag the lines separating the panes to widen or narrow each pane. Widen the center pane because it contains the most useful information.
6. In the console tree, expand Windows Logs, and then click System in the Windows Logs group. The System log appears in the center pane. In the center pane, if necessary, you can drag the bar between the boxes down so you can see more of the list of events in the top box. The symbols to the left of each event indicate important information about the event. For example, a lowercase “i” in a white circle indicates an event providing information about the system, and an exclamation mark in a yellow triangle indicates a warning event, such as a disk being near its capacity. An exclamation mark in a red circle is an error, and an X in a red circle is a critical event. Each event entry includes the time and date it occurred. Click on several events to see what information changes in various parts of the Event Viewer window when selecting different events. For each of the four most recent events, list the source (what triggered the event), the time, and the date:

   Event no: 10016; date & time: 06-04-2022; 15:25:33; Source (what triggered the event): DistributedCOM (The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID )
   Event no: 10016; date & time: 06-04-2022; 15:25:32; Source (what triggered the event): DistributedCOM (The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID )
   Event no: 10016; date & time: 06-04-2022; 15:24:01; Source (what triggered the event): DistributedCOM (The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID )
   Event no: 10016; date & time: 06-04-2022; 15:22:43; Source (what triggered the event): Kernel-General (The system session has transitioned from 2 to 3)

7. Double-click the top (most recent) event. The Event Properties dialog box opens. What additional information does this dialog box provide?

   Item name         Value
   Product name      Microsoft Windows Operating system
   Product version   10.22000.1
   Event ID          10016
   Event source      Microsoft Windows DistributedCOM
   Locale ID         16393

8. Close the Event Properties dialog box.

Because Event Viewer provides so much information, it can be difficult to find what you need; however, events can be sorted by clicking the column headings. Do the following to find the most important events:

1. To sort by Level, click Level. Events are listed in the following order: Critical, Error, Warning and Information.
2. To sort events by Date and Time, click Date and Time.
3. To see a list of only Critical, Error and Warning Events, expand Custom Views in the console tree, and then select Administrative Events. How many Critical, Error, and Warning events are recorded on your system? Number of critical, error and warning events: 3,115

You can save the list of events shown in Event Viewer to a log file. When naming a log file, it’s helpful to use the following format: TypelogEVmm-dd-yy.evtx (mm = month, dd = day, and yy = year). For example, you would name a log file of System events saved on June 8, 2020 as SystemEV06-08-20.evtx. After you create a log file, you can delete the current list of events from Event Viewer, allowing the utility to begin creating an entirely new list of events. A short log and the resulting log file are easier to view and easier to send to other support technicians when you need help.

Follow these steps to save the currently displayed events as a log file, and then clear the current events:

1. Open File Explorer/Windows Explorer, and create a folder called Logs in the root directory of drive C.
2. Leaving File Explorer/Windows Explorer open, return to Event Viewer, and then click System in the console tree in the left pane. The System log is selected but no particular event is selected. How many events are there in this log? 15,443
3. To save the System log to a log file, on the menu bar, click Action, and then click Save All Events As.
4. Navigate to the Logs folder created in Step 1. Name the file SystemEVmm-dd-yy (remember to replace the mm-dd-yy portion with today’s date), click Save, and then click OK. What is the name of your log file, including the file extension? SystemEV04-06-22.evtx
5. Now you’re ready to clear the current list of events from the Event Viewer. With the System log still selected, click Action, and then click Clear Log.
6. When asked if you want to save the System log, click Clear. The Event Viewer window now displays only one event. What is the event? Log name: system Source: Eventlog ID: 104 Level: information – The system file was cleared
7. Close the Event Viewer.

It can be useful to save a log that shows the events of a successful, clean boot, so you can use it as a reference when you have a problem with a boot. You can compare the two logs to help you identify a problem. To save a log of a boot, follow these steps:

1. With your System event log recently cleared, reboot your computer.
2. Return to Event Viewer. How many events are now recorded in your System log? 132
3. Does this list of events include any Warning or Error events? If so, describe these events here:

   Yes,
   Warning - Win32K (Power Manager has not requested suppression of all input)
   Warning - DNS Client Events (Microsoft-Windows-DNS-Client) Name resolution for the name wpad timed out after none of the configured DNS servers responded. Client PID 3076.

4. Save a new file of System events to your Logs folder, and name the file SystemBootEVmm-dd-yy. What is the name of the log file, including the file extension? SystemBootEV04-06-22.evtx
5. Now, with the System log still selected, clear the System log.
6. Close the Event Viewer.

Next, you create an intentional problem by disconnecting the network cable from your computer. Then, you observe how the resulting errors are recorded in the Event Viewer. Do the following:

1. Carefully disconnect the network cable from the network port on the back of your computer.
2. Open Internet Explorer, and try to surf the web.
3. Close Internet Explorer, and then open Event Viewer. How many new events are displayed? 3
4. List the source, date, and time for any Error or Warning events you see: Source: DistributedCOM; date & time: 06-04-2022; 16:08:50

To restore the network connection and verify the connection is working, follow these steps:

1. Reconnect the network cable to the network port on the back of your computer. Open Internet Explorer. Can you surf the web? Yes, I can surf the web
2. In the center pane of the Event Viewer window, the System log reports that new events are available. To see these events, on the menu bar, click Action, and then click Refresh. How many events are now listed? 8

When troubleshooting a system, comparing current events with a list of events you previously stored in a log file is often helpful because you can spot the time when a particular problem occurred. Follow these steps to compare the current list of events with the log you saved earlier:

1. Use Windows Explorer to locate the System log files in the C:\Logs folder you created earlier in this lab. Double-click one of these log files. A second instance of Event Viewer opens displaying this log file. Notice in this new window the saved log file is listed in the console tree under Saved Logs. List all the saved logs that are displayed: SytemBootEV04-06-22 SystemEV04-06-22
   What happens when you click on a saved log? The names of the 2 logs we saved earlier in the lab appear, i.e.: SytemBootEV04-06-22 SystemEV04-06-22
2. To compare two logs, you can position the two Event Viewer windows side by side. Snap one Event Viewer window to the right of your screen by dragging the window to the right edge of the screen, and then snap the other Event Viewer window to the left of your screen.
3. Widen or narrow the panes in each window so you can see the events listed in each window. In a troubleshooting situation, you would look for differences in the two logs to help you find the source of a problem.
4. Close both Event Viewer windows.

Review Questions

1. Judging by its location in Control Panel, what type of tool is Event Viewer? Administrative tool
2. What is the file extension that Event Viewer assigns to its log files? .evtx
3. How can you examine events after you have cleared them from Event Viewer? We can examine them by looking into the saved logs
4. Explain how to compare a log file with the current set of listed events: Open Event Viewer. Open another instance of Event Viewer and open the saved log file. Then you can view them side by side
5. Why might you like to keep a log file of events that occurred when your computer started correctly? List the steps to create a log of a successful start-up: We would like to keep a log file of events to confirm against a log that was unable to start correctly. To save a log file, while you are in the System tab, click on Action in the menu bar, then click Save All Events As, and then save it in the folder you have made with a proper name.
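
The save-and-compare procedure from this lab can also be scripted. The PowerShell below is an added example, not part of the lab handout or the student's report: it exports the live System log using the lab's naming format, lists Critical/Error/Warning events that have no counterpart in the clean-boot baseline, and checks for the Event ID 104 entry that a cleared log leaves behind. The C:\Logs folder and the baseline file name are taken from the lab answers and are assumptions about your machine; `Get-EventSignature` is a hypothetical helper name. Run it from an elevated prompt.

```powershell
# Added example. Paths and file names follow the lab's C:\Logs convention (assumed).
$logDir   = 'C:\Logs'
$baseline = Join-Path $logDir 'SystemBootEV04-06-22.evtx'   # clean-boot log saved in the lab
$current  = Join-Path $logDir ("SystemEV{0}.evtx" -f (Get-Date -Format 'MM-dd-yy'))

New-Item -ItemType Directory -Path $logDir -Force | Out-Null

# Export the live System log; same result as Action > Save All Events As.
wevtutil epl System $current /ow:true

# Hypothetical helper: summarise a saved log by (provider, event ID).
function Get-EventSignature {
    param([Parameter(Mandatory)][string]$Path)
    # Level 1 = Critical, 2 = Error, 3 = Warning
    Get-WinEvent -FilterHashtable @{ Path = $Path; Level = 1, 2, 3 } -ErrorAction SilentlyContinue |
        Group-Object ProviderName, Id |
        ForEach-Object {
            [pscustomobject]@{
                Provider = $_.Group[0].ProviderName
                Id       = $_.Group[0].Id
                Count    = $_.Count
                LastSeen = $_.Group[0].TimeCreated   # Get-WinEvent returns newest first
            }
        }
}

# Index the baseline by provider and event ID.
$known = @{}
foreach ($sig in (Get-EventSignature -Path $baseline)) {
    $known["$($sig.Provider)|$($sig.Id)"] = $true
}

# Events in the current log that never appeared in the clean-boot baseline.
Get-EventSignature -Path $current |
    Where-Object { -not $known.ContainsKey("$($_.Provider)|$($_.Id)") } |
    Sort-Object Count -Descending |
    Format-Table Provider, Id, Count, LastSeen -AutoSize

# A cleared System log leaves Event ID 104 behind, as observed in the lab.
Get-WinEvent -FilterHashtable @{ Path = $current; Id = 104 } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, ProviderName, Id, Message
```

An empty table means every warning or error in the current log also occurred during the clean boot; any 104 entry shows when the log was last cleared and bounds how far back the export can be trusted.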

**** Please hand in this report at the end of the lab. *****