Network Troubleshooting: Event Logs
One of the most useful troubleshooting techniques for diagnosing network problems is to review the network operating system’s built-in event logs. These logs contain information about interesting and potentially troublesome events that occur during the daily operation of your network.
Ordinarily, these logs run in the background, quietly gathering information about network events. When something goes wrong, you can check the logs to see whether the problem generated a noteworthy event. In many cases, the event logs contain an entry that pinpoints the exact cause of the problem and suggests a solution.
To display the event logs in a Windows server, use Event Viewer, which is available from the Administrative Tools menu. For example, the following illustration shows an Event Viewer from a Windows Server 2008 system. The tree listing on the left side of Event Viewer lists five categories of events that are tracked: Application, Security, System, Directory Service, and File Replication Service. Select one of these options to see the log that you want to view. For details about a particular event, double-click the event to display a dialog box with detailed information about the event.