# Event logs ## Event logs (Event logi) View **Event logs** enables monitoring of system events originating from Windows Event Log. It allows an administrator to quickly check what is happening on systems, detect issues, and analyze security incidents. Events are presented divided by types: * **Critical** - events indicating severe problems that may cause system unavailability, data loss, or service failures. They require immediate administrator response. * **Warnings** - events signaling potential issues. The system is still operating, but errors may occur in the future if the situation is not investigated. * **Information** - events describing standard system operations, e.g., service start, successful login, or execution of a scheduled task. The view provides detailed insight into events, which facilitates analysis of user activity, problem diagnostics, and security control of the IT infrastructure. Columns in the view can be enabled and disabled at will - configuration is available in the column editor above the table. Available columns: * **Message** - the full event message recorded in the system log, e.g., “Parallel redo is started for database 'eaudytor\_8' with worker pool size \[2]”. * **EventID** - a unique event identifier assigned by Windows, facilitating its classification and analysis. * **User** - the system account associated with the event, if it was available. * **IP** - the source IP address of the event, useful for analysis of logins and network incidents. * **Computer** - the name of the computer on which the event was recorded. * **Event type** - the event level, e.g., information, warning, or critical. * **Log name** - the category of the system log, e.g., Application, System, Security. * **Operation date** - the date and time of the event occurrence. * **Host ID** - the unique identifier of the computer in the system. * **Online** - information whether the computer was online at the time the event was recorded. {% hint style="info" %} View **Event logs** is particularly useful for: * analysis of failed and unsuccessful user logins, * verification of activity from specific IP addresses, * diagnosing issues with applications and system services, * rapid response to security incidents. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://eaclouddoc.eauditor.eu/eacloud-docs-en/features/it-monitoring/event-logs.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.