Windows Event Viewer

GPTKB entity

Statements (50)
Predicate Object
gptkbp:instanceOf gptkb:software
gptkbp:canArchiveLogs yes
gptkbp:canAttachTasks yes
gptkbp:canAutomate yes
gptkbp:canBe gptkb:PowerShell
gptkb:Command_Prompt
Run dialog
gptkbp:canClearLogs yes
gptkbp:canCreateCustomLogs yes
gptkbp:canDisplayEventDetails yes
gptkbp:canExportLogs yes
gptkbp:canFilterEvents yes
gptkbp:canImportLogs yes
gptkbp:canSaveCustomViews yes
gptkbp:canSearchEvents yes
gptkbp:canShowEventProperties yes
gptkbp:canShowEventXML yes
gptkbp:canSortEvents yes
gptkbp:canTriggerActions yes
gptkbp:canViewRemoteLogs yes
gptkbp:category system administration
event logging
gptkbp:component gptkb:Windows_Administrative_Tools
gptkbp:developedBy gptkb:Microsoft
gptkbp:documentation https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/event-viewer-security-guide
gptkbp:executableName gptkb:eventvwr.msc
gptkbp:fileExtension .evtx
gptkbp:function analyze system events
troubleshoot system issues
view event logs
https://www.w3.org/2000/01/rdf-schema#label Windows Event Viewer
gptkbp:includedIn gptkb:Windows_10
gptkb:Windows_11
Windows Server editions
gptkbp:introducedIn gptkb:Windows_NT_3.1
gptkbp:location gptkb:Control_Panel_>_Administrative_Tools
gptkbp:logTypes gptkb:software
Security
Application
Forwarded Events
Setup
gptkbp:operatingSystem gptkb:Microsoft_Windows
gptkbp:supportsCustomViews yes
gptkbp:supportsExporting yes
gptkbp:supportsFiltering yes
gptkbp:usedFor application troubleshooting
security auditing
system monitoring
gptkbp:bfsParent gptkb:Windows_operating_system
gptkbp:bfsLayer 5