Home » Security Bloggers Network » How To Audit Windows 10 Application Logs

How To Audit Windows 10 Application Logs

by Greg Belding on April 28, 2020

Introduction

The Audit feature in Windows 10 is a useful carryover from prior Windows versions. It allows Windows 10 users and administrators to view security events in an audit log for the purpose of tracking, system and security events.

This primer article will detail what the Windows application log is and where it is viewed. In addition, we will explore the importance of logging and auditing, how to enable auditing on your Windows 10 system, and how to view the security event log.

What is the Windows application log?

Windows has given users and administrators ongoing access to logs to better understand system and security events. The application log is used to record events written by applications and services. These applications may be proprietary/commercial applications (including SQL Server) and applications developed by your organization.

Events that can be logged include a whole host of application events, from application startup events to run-time error events. Support specialists may request access to your application log to help them assess an application issue.

Where can you find the application log?

Microsoft has carried over Event Viewer to Windows 10. To easily access Event Viewer, type “Event” into the Windows 10 Cortana search bar, then click on “Event Viewer” when it appears in your search results. After Event Viewer opens, select “Windows Logs” from the console tree on the left-hand side, then double-click on “Application” in the console tree. Your Windows 10 application log will appear.