Using Logs to Help You Track Down an Issue in Windows
Viewing logs on Windows
To view logs on Windows, you should use the Event Viewer application. To open Event Viewer, open the Start menu and search “Event Viewer”. The application icon should look like the image below. Click it to open the application.
Once open, it should look like this:
Feel free to resize the window anytime to make the text easier to read. Next, click on the “Windows Logs” folder in the far-left column. Then, select “Application” to view the application logs, where the logs for this lab are located:
Scroll through the logs to find the five logs that you need to fix for this lab. They should have a time that’s close to when you started the lab, and the “Source” field should be “Qwiklab”. To view details of a log entry, click on it in Event Viewer, and a message window will open at the bottom of the Event Viewer window.
We’ll walk through one of the logs, then the other four will be up to you. You’re on your own…but you’ve got this!
Low disk space!
Find and click on the log with “Qwiklab” as the source and Event ID 5:
This log is warning you about a large file that’s taking up disk space, but it doesn’t specify the file name. On Windows, you can find large files using the File Explorer. Please open it and navigate to your C:\ directory, then click the search bar at the top right. A “Search Options” tab should appear. Click on it to view the different ways you can configure your search:
You’re only interested in file size at the moment, so click the “Size” dropdown and choose “Gigantic” to start a search for files over 4 GB.
The search can take some time, and multiple files may appear in your search, but we’re only interested in the largest (which is almost 10 gigabytes):
Now that you know which file is causing the low-memory error, you can delete it by right-clicking the file in the search results, and selecting “delete”. You’ll need to provide admin privileges to delete it. When this popup appears, click “continue”:
Files over a certain size don’t fit in the Windows “Recycle Bin”, and can only be permanently deleted. After clicking “Continue”, you’ll see this message, indicating that the file is too large to recycle. Press “Yes” to delete permanently.
The file will be deleted, fixing the log issue! Note that the log will remain in Event Viewer because logs aren’t deleted when the issues that caused them are removed.
Now View the Event ID log 1 And resolve the issue :
Simply go into the C directory and delete the corrupted_file :
Event ID 2 log:
Now update the new version(package) of the VLC player:
Run these commands in Windows PowerShell as administrator:
$VLC_URL = "https://get.videolan.org/vlc/last/win64/"
$GET_HTML = Invoke-WebRequest $VLC_URL
$FILE = $GET_HTML.Links | Select-Object @{Label='href';Expression={@{$true=$_.href}[$_.href.EndsWith('win64.exe')]}} | Select-Object -ExpandProperty href
$URL = ($VLC_URL+$FILE)
$DOWNLOAD_DIR = "C:\users\qwiklabs\Downloads\"
$OUTPUT_FILE = ($DOWNLOAD_DIR+$FILE)
(new-object System.Net.WebClient).DownloadFile($URL, $OUTPUT_FILE)
cmd.exe /c $OUTPUT_FILE /S
Get-Package -Name *vlc* # for verifty the package has been installed
Event ID 3:
This is a malicious process running u have to terminate it through the PowerShell command
get-process #to see all the running process
kill {process id} #to kill the process 
Event ID 4:
Go the following given path:
Give the write permission to that file :
Conclusion:
Utilizing logs in Windows can significantly streamline issue identification and resolution processes by providing detailed insights into system events and errors. By carefully analyzing log data, users can pinpoint root causes, troubleshoot effectively, and implement targeted fixes, thereby improving system reliability and performance. Leveraging logs as a diagnostic tool is indispensable for maintaining a stable and optimized Windows environment.
