Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2007-01-17

You can use Event Viewer to obtain information about service failures, replication errors in the Active Directory directory service, and warnings about system resources such as virtual memory and disk space. Use Event Viewer to view and manage event logs; obtain information about hardware, software, and system problems that must be resolved; and identify trends that require future action.

Event Viewer maintains logs about application, security, and system events on your computer. Both Microsoft Exchange Server and Microsoft Windows report warnings and error conditions to the event logs. Therefore, make sure that you review event logs daily.

For more information about Event Viewer, see the Windows Server 2003 Help documentation. You can also use Event Viewer as a troubleshooting tool. For more information about using Event Viewer as a troubleshooting tool, see Microsoft Knowledge Base article 302542 "How to Diagnose System Problems with Event Viewer in Windows Server 2000."

A computer that is running a Windows Server 2003 operating system records events in three types of logs:

Exchange 2007 diagnostic logging records significant events related to authentication, connections, and user actions. After you enable diagnostic logging, you can view the log entries in Event Viewer.

Using the maximum logging settings is not recommended unless you are instructed to do this by Microsoft Product Support Services. Maximum logging drains significant resources and can give many "false positives," that is, errors that get logged only at maximum logging but are really expected and are not a cause for concern. It is also recommended that you do not enable diagnostic logging permanently. Use it only when troubleshooting.

Within each Event Viewer log, Exchange Server records informational, warning, and error events. Monitor these logs closely to track the types of transactions being conducted on your Exchange servers. You should periodically archive the logs or use automatic rollover to avoid running out of space. Because log files can occupy a finite amount of space, increase the log size (for example, to 50 MB) and set it to overwrite, so that Exchange Server can continue to write new events.

You can also automate event log administration by using tools and technologies such as the following:

For More Information

For information about other important daily operations tasks, see Daily Tasks.