Using Event Viewer

As we told you at the beginning of the chapter, the Event Viewer application underwent a retooling between Windows XP/2003 and Windows Vista and beyond. While the look and feel of the application has changed, the features that we are about to talk about still exist, albeit sometimes in different locations. On the whole, the major difference in the Event Viewer from Vista and beyond revolves around the right pane. For our purposes, we can consider this pane as an extension of the Actions menu. It provides many of the context-dependent functions that you can find in Action menu with a few little bonus features for good measure. Looking back to Figure 12-1 and Figure 12-2, you will see that the Event Viewer tool is broken into ...

Get Mastering Windows Network Forensics and Investigation, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.