C# 中访问本地事件日志

发布于 2024-12-17 02:30:09 字数 149 浏览 1 评论 0原文

我想连接到本地日志并从中获取一些事件。我使用此代码：

EventLog el = new EventLog();
el.Source = "";

但我不知道本地EventLog 源是什么。有谁知道本地来源是什么吗？

原文

I want to connect to local log and get some events from it.I use this code:

EventLog el = new EventLog();
el.Source = "";

But I don't know what is local EventLog source.
Does anyone know what is the local source?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

往事随风而去 2024-12-24 02:30:09

这取决于您要读取哪种日志类型。它可以是应用程序、安全、设置或系统。

您可以在事件查看器中查看可用的来源：

在此处输入图像描述

回复收藏 0 原文

与他有关 2024-12-24 02:30:09

我在一个月前做了一个这样的程序：（使用xpath查询）

 const string queryString = @"<QueryList>  <Query Id=""0"" Path=""Security"">    <Select Path=""Security"">*</Select>  </Query></QueryList>";

        EventLogQuery eventsQuery = new EventLogQuery("Security", PathType.LogName, queryString);
        eventsQuery.ReverseDirection = true;
        EventLogReader logReader = new EventLogReader(eventsQuery);

        for (EventRecord eventInstance = logReader.ReadEvent();
            null != eventInstance; eventInstance = logReader.ReadEvent())
        {
            foreach (var VARIABLE in  eventInstance.Properties)
                if (VARIABLE.Value.ToString().ToLower().Contains(...)
                {
                    ...
                }
         }

I made a program before a month like this : ( using xpath query)

 const string queryString = @"<QueryList>  <Query Id=""0"" Path=""Security"">    <Select Path=""Security"">*</Select>  </Query></QueryList>";

        EventLogQuery eventsQuery = new EventLogQuery("Security", PathType.LogName, queryString);
        eventsQuery.ReverseDirection = true;
        EventLogReader logReader = new EventLogReader(eventsQuery);

        for (EventRecord eventInstance = logReader.ReadEvent();
            null != eventInstance; eventInstance = logReader.ReadEvent())
        {
            foreach (var VARIABLE in  eventInstance.Properties)
                if (VARIABLE.Value.ToString().ToLower().Contains(...)
                {
                    ...
                }
         }

回复收藏 0 原文

太阳公公是暖光 2024-12-24 02:30:09

通过你的问题......什么是本地源 - 你的意思是你想要一个源列表还是只是想确认本地源是进程正在运行的机器？

至于枚举事件......有很多不同的方法可以做到这一点，包括

var log = new EventLog("Application");
res = from entry in log.Entries.Cast<EventLogEntry>()
 entry.TimeGenerated >= start
  select entry;


                foreach (var e in res)
                {
                    Console.WriteLine(e.Message);
                }

By your question ... what is the local source -- do you mean you want a list of sources or just want to confirm that the local source is the machine where the process is running?

As for enumerating events ... there are many different ways to do this including

var log = new EventLog("Application");
res = from entry in log.Entries.Cast<EventLogEntry>()
 entry.TimeGenerated >= start
  select entry;


                foreach (var e in res)
                {
                    Console.WriteLine(e.Message);
                }

回复收藏 0 原文

~没有更多了~