Windows keeps logs of every significant event that occurs on your PC. Most of these files contain details of program actions, changes in settings, and other everyday activities. But logs also record when things don’t work as they should, making them useful for troubleshooting.
There are several ways to view log files in Windows, so you can diagnose problems such as crashes, freezes, and failed operations. We’ll explain the best methods for finding the solutions you need.
How to Find Logs Through File Explorer
To view all the log files stored on your PC, open File Explorer and select your C: drive (or whatever is your primary drive letter). Type *.log into the search box and press Enter. This will scan your entire hard drive for Windows and programs logs, a process that can take several minutes.
There are likely to be thousands of results across many different folders, so it’s wise to filter the list to show only the most recent events. Click the Date modified button on the File Explorer toolbar and choose Today, Yesterday, or This week.
Double-click a plain-text log file to open it in Notepad. Most logs contain technical data that only developers will understand, but you may see a plain English reference to the error you’re experiencing, such as that a file is missing or a value is incorrect.
How to Check Logs in Event Viewer
Windows built-in Event Viewer lets you browse logs of all events on your computer, including when things have gone wrong. If a program has crashed, an operation has failed, or you’ve triggered the Blue Screen of Death, Event Viewer can help you diagnose the problem.
Launch Event Viewer by typing event into the Start menu search bar and clicking Event Viewer. The important information is stored under Windows Logs, so double-click that option in the folder tree to open its subfolders.
If the problem relates to a program or service, click Application. If it relates to Windows itself, such as a startup or shutdown error, click System. Either option will show you a long list of logs, including the dates and times that events occurred.
Look for logs marked Warning (which usually just means something unexpected happened), Error (something failed), or Critical (something urgently needs addressing). To save you browsing the whole list, click the View menu and choose Sort By > Level to place problem-related logs at the top.
Alternatively, to filter the logs by date and severity, click Filter Current Log in the Actions section. Choose an option from the Logged menu, such as Last 24 hours or Last seven days. Check the boxes for Error and Critical and click OK.
You can also click Custom Views > Administrative Events in the folder tree to view all warnings, errors, and critical events across all log types. This list doesn’t include Information logs about successful operations, so it’s quicker to browse.
To save even more time, you can search for the log files for a specific program or Windows feature. Click Find in the Actions list, enter the name of the tool, and keep clicking Find Next to explore the relevant logs.
Select a log to display details of the event in the section below. Double-click the log to view further information in an Event Properties window. The log summary may indicate the cause of the problem, but it’s more likely that you’ll need to figure this out yourself. We’ll explain how in a moment.
How to Browse Logs Using SnakeTail
Event Viewer can be slow and complicated to navigate unless you know exactly what you’re looking for. For a faster, simpler way to browse event logs, you can download, extract, and run the free program SnakeTail. You don’t need to install it. Just double-click the file to run once the download completes.
Download: SnakeTail for Windows 10 (Free)
Go to File > Open EventLog and choose the type of log to open, such as Application or System. SnakeTail has a tabbed interface, so you can view several lists of logs simultaneously.
As well as loading logs instantly, SnakeTail makes it easy to filter them. Right-click a level (such as Error), a date, or a source, and choose Add Filter to show only relevant results. Select an event to view details in the section below.
How to Browse Logs with FullEvenLogView
Also worth a look is FullEventLogView from NirSoft. This free tool lists all your logs in one simple interface and lets you sort the data by criteria, including event time, level, provider, and keywords.
Scroll to the bottom of the page to find the download links. When your download completes, run the program.
How to View Logs in Reliability Monitor
Rather than scroll through long lists of logs, you can use Windows inbuilt Reliability Monitor to browse the important ones visually. This makes it much easier to pinpoint exactly when an error or critical event occurred and why.
The quickest way to access Reliability Monitor is to type reliability into the Start menu search bar and select View reliability history. You can browse Reliability’s graph by Days or Weeks, and click the arrows on either side to move back and forward through time.
Look for red error crosses and yellow warning triangles, and click one to view a summary in the box below. Reliability Monitor only highlights hardware and software problems that have impacted your system’s stability, so you won’t see as many events as in Event Viewer.
Click View technical details to read an explanation of the problem. You can also choose View all problem reports (which Reliability Monitor calls logs) to browse all the stability issues that your PC has suffered recently.
Solve Specific Problems Using Logs
Although Event Viewer tells you what caused an error or critical event on your PC, its logs don’t help you fix the problem. Clicking the Event Log Online Help link in an Event Properties window merely sends the log to Microsoft and opens the Microsoft Support site (on the homepage, not a relevant article).
Fortunately, help is at hand from an excellent website called EventID.Net. This not only explains what specific Windows events actually mean but reveals how serious (or not) they are and provides the troubleshooting advice you need.
Copy and paste a log’s Event ID number from Event Viewer (or SnakeTrail) into the search box on EventID.Net’s homepage, along with the Source (the program or service). For example, if you’ve experienced the Blue Screen of Death (BSoD), the Event ID is usually 41, but the source will vary (Kernel-Power is a common one).
The site’s search engine will return matching events, accompanied by helpful comments from the EventID.Net community. For BSoD errors, there are several possible causes and solutions, all of which are clearly explained.
At the time of writing, EventID.Net’s extensive database covers 11,588 Windows event IDs and 638 event sources, with 19,234 comments. The site is free to use, but some features, such as rewording event descriptions in plain English, require a paid subscription.
If EventID.Net is no help, or the log doesn’t provide an ID number, your best bet is to copy and paste the event summary into Google or the Microsoft Community site. Someone else has likely experienced the same problem.
Believe in the Power of Logs
When your PC starts acting strangely, Windows logs can provide your secret troubleshooting weapon. Knowing where to find logs, how to view them, and what to do with their information can help you quickly identify the cause of problems and hopefully fix them.
If logs don’t hold the answer, there are lots of other free tools for diagnosing Windows problems. Some you’ll need to download, but others are helpfully built into the operating system.
