How to create a custom view in Windows Event Viewer

Event Logs contain lots of useful information. By creating a custom view in Windows Event Viewer you can easily see the specific errors you want to see. This article was created in order to display Sysmon events as described in this article.

– Launch Windows Event Viewer as shown below

Click on create Custom View, this will open the window below.
– Select By source and then Sysmon from the drop-down menu

I included all event level as shown below. Other parameters were currently not vital to me. So you can decide to include other parameters as shown below.

Now you can enter the Custom view name (in my case, I will name it Sysmon) as shown below.
– You can choose to enter a description and when you are done,
– Click on Ok.

The custom view will now appear on the left of the Event Viewer and can be used to analyze events (logs). Don’t forget that the view may be empty if there aren’t any recent activities on the PC or workstation.
– In my case, I simulated and initiated some events already.

If you found this guide on How to create a custom view in Windows Event Viewer useful, kindly support us and also leave a comment below.