Using the Windows Event Viewer and Task Scheduler

Chapter 5

Using Windows Vista Event Viewer

• Use the Event Viewer to find application and system warnings, errors, and informational events.

• Four types of objects– Windows logs– Applications and service logs– Views– Subscriptions

Events and Logs

• Events are records of something that occurred on the computer

• Contains detail such as– Event ID, description, level of severity, source

component, etc.• Event logs store events in corresponding logs

– Logs built on XML– Make it easy to find specific events

• Logs broken into categories:– Windows logs, which includes:

• Application log, Security, Setup, System, Forwarded events

– Application and Service logs, which includes:• Admin, Operational, Analytic, Debug

• Create custom views to find events from multiple logs

Event Forwarding with Subscriptions

• Event forwarding allows you to send events from multiple machines to a single machine’s log (the collector)

• Event subscriptions are which events to look for and send

• All computers involved must be configured to send or receive events

Event Viewer

Using the Task Scheduler

• Task Scheduler schedules and runs tasks– Replaced Task Scheduler

• Tasks can be configure to run as another user and with certain elevated privs

• Can run tasks on a schedule or use triggers– Trigger is an event that will cause the task’s

actions to begin– Trigger can have conditions set, so that

conditions must be true in order for the trigger to fire

– Idle conditions, network conditions, and power conditions are available as well

Task Details

• Task settings available on the Settings tab such as:– Allow task to be run on demand, if task fails restart

every, if the task is already running then the following rule applies, etc

• Each task has a detailed history of each step taken to complete the task– This is very helpful when troubleshooting a task

related issue• Manage tasks with the MMC snap-in

SCHTASKS.EXE• You can create folders to manage tasks, just like

file folders• Create Basic Task Wizard will step you through

setup but Create Task presents all of the advanced options

Task Details (continued)

• Importing and exporting tasks is possible using command line tools– Export a task by copying the results

of this command into an XML file: SCHTASKS /QUERY .XML

– Import a task by right-clicking the folder you want the task in and select Import Task and provide the XML file

– Import from the command line using SCHTASKS /CREATE /XML

Running and Administering Tasks

• To run a task on demand without its trigger, right-click the tas and select Run– To stop, right-click and select End– Use SCHTASKS with /RUN and /END

at the command line• Disabled tasks will never run• View currently running tasks using

the Actions pane link “Display All Running Tasks”

Troubleshooting Task Scheduler

• When a task is not running, check that:– The trigger is configured properly, the task

is enabled, the trigger is enabled, conditions are met, no restrictions to a specific user, it doesn’t need elevated privs

• When email isn’t sending from a task as expected, verify the configuration and that the SMTP server is available

• When an unexpected result occurs, check the log for permissions problems and all steps are being performed