Where to put log files in Windows?

Following up on the previous post. Linux (and UNIX in general) has a centralized location for logs: that’s /var/log. Windows does not. The original idea was that you are supposed to use Event Log, which is uniform, centralized and well understood. The problem is, however, that it is a proprietary format, it requires a special viewer to see, non-trivial configuration steps to start writing, its API is cumbersome, slow, and buggy, et cetera, et cetera.

Writing log to plain text files is a deeply respected tradition that is not so easy to uproot. So, where does one put text log files on Windows? Many programs put it in “Program Files” alongside the code. The trouble is, this is now a protected area, and writing to the “Program Files” folder is generally considered a bad idea. Microsoft teams themselves seem to have a disagreement on the log location. System Restore, for example, writes to c:\windows\logs, while WMI goes to c:\windows\system32\logfiles.

The newest trend is to put the logs in c:\programdata\programname, but this makes logs hard to find, since Windows versions prior to Vista did not have the “c:\ProgramData” directory.

The bottom line is, there is no simple answer and every man is for himself.


  1. Да какая разница что там отсутствовало до висты? 2010 год, c’mon.


  2. Well, all I can say is that the vast majority of computers at my workplace and at all the clients I’ve seen so far is Windows XP, and all computers in my home are Windows XP. In fact, my friend bought a new low-end notebook yesterday with Windows XP on it. It is indeed 2010, but the fact of the matter is, Vista did not gain widespread popularity.


Leave a Reply

Your email address will not be published. Required fields are marked *