Name
EventLog
Synopsis
This class accesses Windows
event logs that are
accessible through the Event Viewer
administrative tool. Windows contains three logs by default: the
Application Log, System Log, and Security Log. The Security Log is
read-only, so you can’t write events to it. Whenever
you need to raise an event, you must select a system-wide unique
event source. This source can be any keyword, as long as it is
unique. To write an event to the Application log, use the static
two-argument version of WriteEntry( )
, supplying
the source name and message as string arguments. If the source does
not exist, it is automatically registered.
You can manually register a new event source several ways. First,
call CreateEventSource( )
. If you do not specify a
log name, then your events are registered with the generic
Application Log. Otherwise, a new .evt file is
created (in the %SystemRoot%\system32\config
directory). Alternatively, create a new EventLog
object, and set Source
, Log
,
and MachineName
to the appropriate values. To
delete a source, call DeleteEventSource( )
.
Delete( )
lets you delete an entire log, but be
careful not to delete one of the Windows event logs!
GetEventLogs( )
allows you to find the logs on the
system, and LogNameFromSourceName( )
allows you to
determine the log file for a given source.
You can interact with a log in many ways. Add to it using
WriteEntry( )
and remove all log entries by
calling Clear( )
. Examine the
Entries
property to view the individual log entries. ...
Get C# in a Nutshell, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.