How to fetch application crashes on a Windows machine

Vedang Agarwal 0 Reputation points
2024-09-19T08:19:24.8566667+00:00

Requirement:- I want to create a script that fetches application crashes from a windows machine independent of the machine i.e. if I deploy the script on every machine, it should give me the application crashes.

Approaches:-
1)Filter the event viewer with event id's 1001, 1000 and 1026 with LogName filter as 'Application'
2)Another approach is to go through the dump files of each user at the %User/Appdata/Local/CrashDumps folder or the C:/Windows/Appdata/CrashDumps folder.

Which of these approaches gives me the exhaustive and more accurate list of application crashes?
I have read at some places that it is not necessary, every app crash will create a dump file. If event viewer approach is betterm do you suggest some other event ID's too?

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,378 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Daisy Zhou 23,346 Reputation points Microsoft Vendor
    2024-09-20T07:22:45.1666667+00:00

    Hello Vedang Agarwal,

    Thank you for posting in Q&A forum.

    I am sorry, I'm not very familiar with scripting.

    I think you could use PowerShell command, such as get-event/get-eventlog.

    Here is the link for your reference:

    Get-EventLog (Microsoft.PowerShell.Management) - PowerShell | Microsoft Learn

    Get-Event (Microsoft.PowerShell.Utility) - PowerShell | Microsoft Learn

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.