Event logs are often the first thing troubleshooters look at when problems arise. Microsoft recognized this and has made some major improvements to the Event Viewer in Vista.

Some of these improvements include -centralized log management -multiple log queries -improved event filtering Let's start by taking a look at the "new & improved" Vista Event Viewer. You can still launch it from the command line with eventvwr.msc or find it under Administrative Tools.

The first thing you will notice is the Action Pane. This will be familiar if you are using R2 as it is one of the big changes in MMC 3.0. The Action pane adds shortcuts to common tasks normally accessed via right-clicking nodes or objects.

In the left pane (called the Scope Pane) we can see new nodes including Global Logs, Application Logs and Views.

If you drill down through the Application Logs and look at the center pane (called the View Pane) you can see a whole slew of new logs split into specific categories. This will make finding the events you are interested in much easier!

The biggest improvement to the Event Viewer in Vista has to be Views. In previous versions you could filter the log file you had open and view specific events based on a few options. The Views node allows you to create powerful queries that span event logs and run highly customizable searches of the event log (or logs) and save these views to run again at a later date.

Finally, the event logs are stored in XML format in Vista and you can view the events in Friendly View.....

..... or Detailed View

All in all, there have been some major improvements to the Event Viewer in Vista that will make troubleshooting a bit easier!