Collecting network logs
Not every machine on your network is likely to run Linux; therefore, to keep things balanced, we will use Windows as the example for this exercise.
To start Event Viewer, click the Start button and type Event Viewer, as shown in the following screenshot:
![Collecting network logs](https://static.packt-cdn.com/products/9781782174905/graphics/graphics/B04551_02_24.jpg)
The Event Viewer will open up as shown in the following screenshot:
![Collecting network logs](https://static.packt-cdn.com/products/9781782174905/graphics/graphics/B04551_02_25.jpg)
Event Viewer's stores consist of the following components:
- Custom Views
- Windows Logs
- Applications and Services Logs
The different views and stores are as follows:
- Custom Views:
  - Administrative Events: This contains the Critical, Error, and Warning events from all administrative logs, as shown in the following screenshot:
  - Location Activity: As the name suggests, this contains the location activity, as shown in the following screenshot:
- Windows Logs: The Windows Logs store holds events from legacy applications and events that apply to the entire system:
  - Application: The Application log stores events logged by the applications or programs. For example, a database progmemory...
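
The Administrative Events view described above can also be collected from the command line, which is useful when logs must be gathered from several Windows machines. The following PowerShell script is an added example, not code from the original text; it uses the standard `Get-WinEvent` cmdlet, and the 24-hour window and output file name are assumptions chosen for illustration.

```powershell
# Added example: approximate the "Administrative Events" custom view
# (Critical, Error, and Warning events from all administrative logs).
# Assumptions: the 24-hour window and the output path are illustrative.
$since   = (Get-Date).AddHours(-24)
$outFile = Join-Path $env:TEMP 'admin-events.csv'   # hypothetical output file

# Enumerate administrative logs that actually contain records.
$adminLogs = Get-WinEvent -ListLog * -ErrorAction SilentlyContinue |
    Where-Object { $_.LogType -eq 'Administrative' -and $_.RecordCount -gt 0 }

# Level 1 = Critical, 2 = Error, 3 = Warning.
# Query one log at a time; logs the current user cannot read and logs
# with no matching events are skipped instead of aborting the run.
$events = @(
    foreach ($log in $adminLogs) {
        Get-WinEvent -FilterHashtable @{
            LogName   = $log.LogName
            Level     = 1, 2, 3
            StartTime = $since
        } -ErrorAction SilentlyContinue
    }
)

# Export a flat record per event; keep only the first line of the message
# so each CSV row stays on one line.
$events |
    Sort-Object TimeCreated |
    Select-Object TimeCreated, MachineName, LogName, LevelDisplayName, Id, ProviderName,
        @{ Name = 'Message'; Expression = { ($_.Message -split "`r?`n")[0] } } |
    Export-Csv -Path $outFile -NoTypeInformation -Encoding UTF8

# Summary: which log and severity produced the most events.
$events |
    Group-Object LogName, LevelDisplayName |
    Sort-Object Count -Descending |
    Select-Object Count, Name |
    Format-Table -AutoSize

Write-Output "Exported $($events.Count) events to $outFile"
```

Run it from an elevated PowerShell prompt if protected logs should be included in the results.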