I want to connect to local log and get some events from it.I use this code:
EventLog el = new EventLog();
el.Source = "";
But I don't know what is local EventLog source. Does anyone know what is the local source?
Add a comment
|
3 Answers
It depends from which log type you want to read. It could be Application, Security, Setup or System.
You can see in the Event viewer the sources available:
Comments
I made a program before a month like this : ( using xpath query)
const string queryString = @"<QueryList> <Query Id=""0"" Path=""Security""> <Select Path=""Security"">*</Select> </Query></QueryList>";
EventLogQuery eventsQuery = new EventLogQuery("Security", PathType.LogName, queryString);
eventsQuery.ReverseDirection = true;
EventLogReader logReader = new EventLogReader(eventsQuery);
for (EventRecord eventInstance = logReader.ReadEvent();
null != eventInstance; eventInstance = logReader.ReadEvent())
{
foreach (var VARIABLE in eventInstance.Properties)
if (VARIABLE.Value.ToString().ToLower().Contains(...)
{
...
}
}
3 Comments
Ahmadali Shafiee
What is EventLogQuery Namespace?
Otiel
@ahmadalishafiee: When you search for a namespace, search for the item in msdn: msdn.microsoft.com/en-us/library/… => the namespace is indicated on the left tree:
System.Diagnostics.Eventing.Reader.
jjxtra
Keep getting authorization exceptions, there is NO WHERE on the Internet that explains this...
By your question ... what is the local source -- do you mean you want a list of sources or just want to confirm that the local source is the machine where the process is running?
As for enumerating events ... there are many different ways to do this including
var log = new EventLog("Application");
res = from entry in log.Entries.Cast<EventLogEntry>()
entry.TimeGenerated >= start
select entry;
foreach (var e in res)
{
Console.WriteLine(e.Message);
}
