Windows Event Viewer is slow on newer versions of Windows
Solution 1
Helge Klein has a great blog post showing how to do add the earliar version of the MMC snapin back - How to Get Back Windows XP’s Fast Event Viewer in Windows 7.
Basically you have to run the command
regsvr32 els.dll
from an elevated privilege command prompt and it will then show up as an MMC snapin called Classic Event Viewer. I'm very happy to have found my cheese :-)
Solution 2
I just want to quickly scan the various different event logs as quickly as possible.
Quickly scan Event Viewer you say... how about PowerShell:
Get-WinEvent -FilterHashtable @{logname='system'; level=2; StartTime=(Get-Date).date}
This will immediately return all Error events from the System log that occurred this day.
Want to look two days back?
Get-WinEvent -FilterHashtable @{logname='system'; level=2; StartTime=(Get-Date).AddDays(-1).date}
How about just the Information Events generated by Outlook from the Application log?
Get-WinEvent -FilterHashtable @{logname='application'; level=4; ProviderName="Outlook"; StartTime=(Get-Date).date}
Pretty hard to beat that.
Martin Hollingsworth
Updated on September 18, 2022Comments
-
Martin Hollingsworth over 1 year
The modern Event Viewer application that you get on all versions of Windows since Vista is so much slower the previous version that was on Server 2003 and XP. I know there is much more functionality in the newer version but most of the time I just want to quickly scan the various different event logs as quickly as possible. How can I get the the old version back?
-
MikeAWood almost 11 yearsThe splitting up of the application event logs actually IMO makes it easier as now I can drill down and review ONLY what I want to review. You can setup a custom view that will show up in the tree above the standard windows logs. That might make your task more speedy once it is setup. FWIW, I don't generally find it very slow, but then again, it isn't terribly quick either. Maybe you have other issues you need to address? Are your logs huge? -
Martin Hollingsworth almost 11 yearsIt's nothing to do with the size of the logs or dividing the logs into multiple different logs. It is just the snappyness of the tool when viewing each log. I appreciate the new viewer adds support for various scenarios but I still want my primary scenario to be as good as it used to be. I found a solution to have the best of both worlds .
-
-
Martin Hollingsworth almost 11 yearsI'm well aware of the power of PowerShell, including the CmdLets for the event log but the question was really all about restoring an existing capability. I'm all for the command line as a default but sometimes a GUI just suits the browsing scenario where you don't really know exactly what you are looking for.
-
Martin Hollingsworth almost 11 yearsI actually up voted your answer as it does add to the discussion. Just not the right answer to the scenario I was interested in. Thanks anyway @kce
-
MikeAWood almost 11 yearsWhy only worry with this is that it is missing all the application logging as well. So events that have a specific application event won't show up if the older tool is used exclusively. My concern long term would be that you would miss things that would otherwise be exposed. But very cool find and certainly a good work around if all you are going after are the regular event logs.
-
Dawn Benton about 9 yearsThe question helped me because it validated my opinion about the new event viewer -- everyone looked at me like I had two heads when I'd complain about it. Both answers were very helpful. Upvotes all around.
-
InteXX almost 7 years@DawnBenton — Maybe you do have two heads... have you checked recently? :-)
-
Alex over 5 years@JJS worked for me on Windows 10.0.15063 -
user2248402 over 5 years@Alex still no lover for me - 10.0.17134.286
The module "els.dll" was loaded but the call to DllRegisterServer failed with error code 0x80070005.
