How to find crash and error logs and location in Windows 10 ?


👤 Diwas Poudel    🕒 Nov 8 2021    📁 Fix    📜 0 comment

macOS, Linux, and Windows OS are the three most popular operating systems in the world. If you ask any tech geeks, which operating system crashes the most ?. Then everyone's answer will state, there is no operating system that does not crash, but most crashes, freezes and hanged operating system is Windows OS.

There are various reasons for computer crashes, some might be hardware issues and some may be OS issues or any Software issues.
Some of the popular and well-known issues are :

1 Virus and malware.

2 Corrupted OS and third party Software

3 Outdated Drivers

4 Insufficient and low capacity hardware resources like CPU, RAM, and Harddisk.

5 Overheating Systems, Faulty Manufacturing.

6 InCompatible Software

Actually finding errors and troubleshooting errors is a difficult task. Instead of doing random things from random advice which may be poorly stated the problem, the best solution is to try and read this blog thoroughly which helps you to understand the problem and solve it accordingly.

One thing to note is that finding and fixing crashes may take time. Some can be fixed soon and some may take days. These steps mention here help in identifying and narrowing down the problem that you are facing with your pc.

Also Read: How to find or check windows 10 login history?

 Find Windows 10 Errors Logs Using Event Viewer

When your hardware or software of the system crashes, hangs, or freezes then the operating system generates and maintains a crash log record to identify the causes of the crashes. Windows Operating System maintains this log-in Event Viewer.

Event Viewer captures all the information like how your system software and drivers are loaded. That captured information can be of various types like errors types, informational types, warning types, success audit types, alert types, notice types, debug types failure audit types. Though there are a large amount of data in logs, our mission should be to find and filter specific problem.

Event Severity Types:

There are mainly 3 event severity types: Information, Warning, Error.

Informational: It indicates successful action performed in your system. Like progress status messages, success messages, informational messages, etc.

Warning: It indicates information that might create problems in the future.

Error :It indicates problems like failures of critical tasks.

Follow the below steps for finding errors in Event Viewer.

1 Goto search bar and type event and select Event Viewer from the list.

Event Viewer will be opened up as shown below.

As soon as you opened the event viewer, you will get a summary of Administrative Events which provides various event type information as shown below.

Here, we can see, within 7 days, 142 Error Levels are detected, 9 within 24 hours, and 2 within the last hour.

Similarly, you can find other event types like a warning, informational, and audit success information.

For finding out error and crashes log information, we will focus on two logs.

  • Windows Logs
  • Applications and Services Logs 

Now, let's find out the simple errors.

2 Under Windows Logs, click on System. Then on the main panel, you will find all the log information. Scroll down in the main panel, you will find the Error Level log as shown below.

It provides information like when was this error recorded, its Event Id, Task Category, Source from where the error occurs, etc. When you click on the error you will get general and detail information about the error.

General Tab shows general information.

Detail Tab shows raw event data and you can view those data in Friendly View as well as XML View.

Create Custom View of Error Logs

We can create and filter the custom views of the logs so that we can view only a particular level. 

1 Click on Create Custom View located at the top-right pane as shown below.

create-custom-view

2 Select Error from Event Level and under Event Logs dropdown select  Windows Logs > System and press Ok.

create-custom-view-event-viewer

Here, I am filtering Error Level for System Category.

3 Give a name for Custom View. Here I have given "Windows System Error Logs" as shown below.

name-of-custom-view-event-viewer

4 Those custom views are recorded under the Custom Views folder located at the top left pane.

As I have just created a "Windows System Error Logs" custom view, click on it. And we will get all error which is present under Windows Log > System.

We can easily archive those error and crashes in various format like .evt, .txt, .csv etc.

Also Read: What is TIFF File Format? How to Open TIFF Files?

Find Windows 10 Errors Log Using Powershell

Powershell is a powerful Microsoft tool that provides a command-line interface for task automation and configuration management framework.

Let's find out error logs using Powershell.

Syntax:

Get-EventLog -Log LogName | where {$_.entryType -match "LogType"}

Eg. Finding Error Level Log from Windows System records related to programs installed on the system.

Get-EventLog -Log system  | where {$_.entryType -match "Error"}

or simply

Get-EventLog -LogName System -EntryType Error

Now, 

let's get the newest 15 error log from System Event.

Get-EventLog -LogName System -Newest 15 -EntryType Error

15 system error event log

Here, instead of 15, you can use any number.

 

Find Windows 10  Crashes and Error Logs using Reliability Monitor

Windows 7 introduced Reliability Monitor features and later adopted them in Windows 8,8.1 and 10. Reliability Monitor gives a quick overview of how your system is. It describes errors, warnings, crash information in graphical format in a much readable way. Overall, Reliability Monitor tells about how reliable and stable your system has been.

So, let's find Windows 10 crashes and error logs using Reliability Monitor.

1 Goto search bar and type reliability and then select "view reliability history" from the list.

Reliability Monitor looks like this:

It has a stability Score that ranges from 1 to 10. And according to your system, it score changes time and again. From the figure above at horizontal line, we can clearly see that, at 5/24/2021, stability index is around 5 and system war performing good up to 6/2/2021. Then stability score decreased at 6/3/2021.

It has 4 different categories. Shown in the right red rectangle above.

  • Application Failures: These tracks like unexpectedly closed the application, application not responding information, etc.
  • Windows Failures: This tracks Operating system failed to start, OS crashes, driver failure, etc.
  • Miscellaneous Failures: Other failures not included in application and windows failures.
  • Warnings: such as Unable to update windows etc.
  • Information: such as Successful windows update.

Here in the chart, critical Errors are shown by red circles, warnings are shown by yellow triangles, and information is shown in blue circles. Note that: Warning and information are not taken while calculating the stability index.

In the graph we can see, the first error occurred on 5/24/2021 shown by the red X circle and that error is related to application failures. We can see at 6/5/2021, application and windows related failures/errors have occurred, also at the same day warnings and informational messages are also shown.

When you click on any row in the chart, you will get respective date failures(if any)/warning(if any)/information(if any) just below the chart.

When clicked on the row of date: 6/3/2021, those errors are shown as below. Here we can clearly see that system is having critical errors as Windows Hardware errors and Asus System Analysis Stopped working error. Also, it is showing Windows Update failure warning and Windows 

Find Windows 10  Crashes and Error Logs using Third-Party Software

There are lots of Windows 10 Event Logs third-party software which can handy for you. So here is the list of some commonly used Windows 10 Event Logs Viewer for Finding Crashes and Error Logs

1 SysMon

Sysmon (System Monitor) is a component of SysInternals Tools. It is a Windows system service and device driver. Once installed, it remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information on what is happening in the operating system, such as process creations, network connections, and changes to file creation time.

Download

2 Splunk 

Splunk Cloud Platform can be used to monitor Windows Event Log channels. Splunk universal or heavy forwarder is utilized here to collect data and send it to Splunk Cloud Platforms.

splunk-enterprise
fig. Splunk Enterprise Dashboard (source)

Download

3 Event Log Explorer

Event Log Explorer is a powerful software tool that allows you to observe, analyze, and monitor Windows Event Log activities. Event Log Explorer significantly simplifies and accelerates event log examination of all types, including security, system, application, setup, DNS, and others.

Download

4 LOGalyze

Logalyze is open-source software that is free and lightweight for centralized log management and network monitoring.LOGalyze can analyze server and application logs and can reports data in PDF, CSV, and HTML format. It is compatible with both Linux and Windows operating systems.
It also offers powerful search capabilities and can detect real-time events in services distributed across multiple nodes.

logalyze
fig. Logalyze (source)

Download

FAQ:

1 What are the most common crashes in Windows 10?

Ans: Almost all the crashes and error logs of windows 10 can be found in Event Viewer. Event Log can tell you why and when a crash occurred.

There are 3 most common crashes in Windows 10 are :

  • Unexpected Shutdown and restart.
  •  Application Hangs
  • Application Level Fault.
2 Where to find startup problems?

Ans: You can find boot/startup logs in Event Viewer, Reliability Monitor, and in Boot Logs.

You can look above for the Event Viewer method and reliability monitor methods. Here I will explain using Boot Logs. Actually, Boot Logs contains both Successful as well as unsuccessful information that occurs during boot. Those logs are found in the Ntbtlog.txt file.

3 What is BSOD?

BSOD stands for Blue Screen Of Death. As a name, they are a kind of fatal windows system crash displayed in Blue Screen as shown below.

Blue Screen Of Death

BSOD signifies a system crash in which the operating system is unable to operate safely. The General Cause of BSOD is hardware and software drivers issues.

4 How to fix Windows Corrupted System Files?

If there are corrupted system files in Windows, then SRC(System File Checker) can fix most of them.

  • Open Command Prompt with admin privileges.
  • Type below command and press Enter
sfc /scannow

Then wait for the process to complete.