EventLog[] remoteEventLogs;
// Gets logs on the local computer, gives remote computer name to get the logs on the remote computer.
remoteEventLogs = EventLog.GetEventLogs(System.Environment.MachineName);
Console.WriteLine("Number of logs on computer: " + remoteEventLogs.Length);
for ( int i=0; i<remoteEventLogs.Length; i++ )
Console.WriteLine("Log: " + remoteEventLogs[i].Log);
//logType can be Application, Security, System or any other Custom Log.
string logType = "Application";
EventLog ev = new EventLog(logType, System.Environment.MachineName);
int LastLogToShow = ev.Entries.Count;
if ( LastLogToShow <= 0 )
Console.WriteLine("No Event Logs in the Log :" + logType);
// Read the last 2 records in the specified log.
int i;
for ( i = ev.Entries.Count - 1; i>= LastLogToShow - 2; i--)
{
EventLogEntry CurrentEntry = ev.Entries[i];
Console.WriteLine("Event ID : " + CurrentEntry.EventID);
Console.WriteLine("Entry Type : " + CurrentEntry.EntryType.ToString());
Console.WriteLine("Message : " + CurrentEntry.Message + "\n");
}
ev.Close();
写入日志
若要写入事件日志使用 EventLog 类的 WriteEntry 方法中。若要成功写入事件日志,您的应用程序必须具有对它试图写入日志的写访问。您必须具有读取和写入事件日志中的权限有关的详细信息,请访问下面的 Microsoft 网站。
//See if the source exists.
if ( ! ( EventLog.SourceExists("MySystemSource", System.Environment.MachineName)))
EventLog.CreateEventSource("MySystemSource", "System", System.Environment.MachineName);
EventLog ev = new EventLog("System", System.Environment.MachineName, "MySystemSource");
/* Writing to system log, in the similar way you can write to other
* logs that you have appropriate permissions to write to
*/
ev.WriteEntry("Warning is written to system Log", EventLogEntryType.Warning, 10001);
MessageBox.Show("Warning is written to System Log");
ev.Close();
//Create an EventLog instance and pass log name and MachineName where the log resides.
EventLog ev = new EventLog("Security", System.Environment.MachineName);
ev.Clear();
ev.Close();
// Create the source, if it does not already exist.
if (! (EventLog.SourceExists("MyOldSource", System.Environment.MachineName)))
EventLog.CreateEventSource("MyOldSource", "MyNewLog", System.Environment.MachineName);
Console.WriteLine("CreatingEventSource");
using System;
using System.Drawing;
using System.Collections;
using System.ComponentModel;
using System.Windows.Forms;
using System.Data;
using System.Security;
using System.IO;
using System.Diagnostics;
namespace WindowsApplication1
{
/// <summary>
/// Summary description for Form1.
/// </summary>
public class Form1 : System.Windows.Forms.Form
{
private System.Diagnostics.EventLog eventLog1;
private System.Windows.Forms.Button btnListLog;
private System.Windows.Forms.Button btnReadLog;
private System.Windows.Forms.Button btnWriteLog;
private System.Windows.Forms.Button btnClearLog;
private System.Windows.Forms.Button btnCreateLog;
private System.Windows.Forms.Button btnDeleteLog;
private System.Windows.Forms.Button btnRecNotice;
/// <summary>
/// Required designer variable.
/// </summary>
private System.ComponentModel.Container components = null;
public Form1()
{
//
// Required for Windows Form Designer support.
//
InitializeComponent();
//
// TODO: Add any constructor code after InitializeComponent call.
//
}
/// <summary>
/// Clean up any resources that are being used.
/// </summary>
protected override void Dispose( bool disposing )
{
if( disposing )
{
if (components != null)
{
components.Dispose();
}
}
base.Dispose( disposing );
}
#region Windows Form Designer generated code
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.eventLog1 = new System.Diagnostics.EventLog();
this.btnListLog = new System.Windows.Forms.Button();
this.btnReadLog = new System.Windows.Forms.Button();
this.btnWriteLog = new System.Windows.Forms.Button();
this.btnClearLog = new System.Windows.Forms.Button();
this.btnCreateLog = new System.Windows.Forms.Button();
this.btnDeleteLog = new System.Windows.Forms.Button();
this.btnRecNotice = new System.Windows.Forms.Button();
((System.ComponentModel.ISupportInitialize)(this.eventLog1)).BeginInit();
this.SuspendLayout();
//
// eventLog1
//
this.eventLog1.MachineName = System.Environment.MachineName;
this.eventLog1.SynchronizingObject = this;
this.eventLog1.EntryWritten += new System.Diagnostics.EntryWrittenEventHandler(this.eventLog1_EntryWritten);
//
// btnListLog
//
this.btnListLog.Location = new System.Drawing.Point(32, 16);
this.btnListLog.Name = "btnListLog";
this.btnListLog.Size = new System.Drawing.Size(152, 23);
this.btnListLog.TabIndex = 0;
this.btnListLog.Text = "List Event Logs";
this.btnListLog.Click += new System.EventHandler(this.btnListLog_Click);
//
// btnReadLog
//
this.btnReadLog.Location = new System.Drawing.Point(32, 46);
this.btnReadLog.Name = "btnReadLog";
this.btnReadLog.Size = new System.Drawing.Size(152, 23);
this.btnReadLog.TabIndex = 1;
this.btnReadLog.Text = "Read Event Logs";
this.btnReadLog.Click += new System.EventHandler(this.btnReadLog_Click);
//
// btnWriteLog
//
this.btnWriteLog.Location = new System.Drawing.Point(32, 77);
this.btnWriteLog.Name = "btnWriteLog";
this.btnWriteLog.Size = new System.Drawing.Size(152, 23);
this.btnWriteLog.TabIndex = 2;
this.btnWriteLog.Text = "Write Event Logs";
this.btnWriteLog.Click += new System.EventHandler(this.btnWriteLog_Click);
//
// btnClearLog
//
this.btnClearLog.Location = new System.Drawing.Point(32, 106);
this.btnClearLog.Name = "btnClearLog";
this.btnClearLog.Size = new System.Drawing.Size(152, 23);
this.btnClearLog.TabIndex = 3;
this.btnClearLog.Text = "Clear Logs";
this.btnClearLog.Click += new System.EventHandler(this.btnClearLog_Click);
//
// btnCreateLog
//
this.btnCreateLog.Location = new System.Drawing.Point(32, 137);
this.btnCreateLog.Name = "btnCreateLog";
this.btnCreateLog.Size = new System.Drawing.Size(152, 23);
this.btnCreateLog.TabIndex = 4;
this.btnCreateLog.Text = "Create Custom Logs";
this.btnCreateLog.Click += new System.EventHandler(this.btnCreateLog_Click);
//
// btnDeleteLog
//
this.btnDeleteLog.Location = new System.Drawing.Point(32, 168);
this.btnDeleteLog.Name = "btnDeleteLog";
this.btnDeleteLog.Size = new System.Drawing.Size(152, 23);
this.btnDeleteLog.TabIndex = 5;
this.btnDeleteLog.Text = "Delete Custom Logs";
this.btnDeleteLog.Click += new System.EventHandler(this.btnDeleteLog_Click);
//
// btnRecNotice
//
this.btnRecNotice.Location = new System.Drawing.Point(32, 199);
this.btnRecNotice.Name = "btnRecNotice";
this.btnRecNotice.Size = new System.Drawing.Size(152, 23);
this.btnRecNotice.TabIndex = 6;
this.btnRecNotice.Text = "Receive Event Notifications";
this.btnRecNotice.Click += new System.EventHandler(this.btnRecNotice_Click);
//
// Form1
//
this.AutoScaleBaseSize = new System.Drawing.Size(5, 13);
this.ClientSize = new System.Drawing.Size(216, 237);
this.Controls.Add(this.btnRecNotice);
this.Controls.Add(this.btnDeleteLog);
this.Controls.Add(this.btnCreateLog);
this.Controls.Add(this.btnClearLog);
this.Controls.Add(this.btnWriteLog);
this.Controls.Add(this.btnReadLog);
this.Controls.Add(this.btnListLog);
this.Name = "Form1";
this.Text = "Form1";
((System.ComponentModel.ISupportInitialize)(this.eventLog1)).EndInit();
this.ResumeLayout(false);
}
#endregion
/// <summary>
/// The main entry point for the application.
/// </summary>
[STAThread]
static void Main()
{
Application.Run(new Form1());
}
private void btnListLog_Click(object sender, System.EventArgs e)
{
EventLog[] remoteEventLogs;
// Gets logs on the local computer, gives remote computer name to get the logs on the remote computer.
remoteEventLogs = EventLog.GetEventLogs(System.Environment.MachineName);
Console.WriteLine("Number of logs on computer: " + remoteEventLogs.Length);
for ( int i=0; i<remoteEventLogs.Length; i++ )
Console.WriteLine("Log: " + remoteEventLogs[i].Log);
}
private void btnReadLog_Click(object sender, System.EventArgs e)
{
//logType can be Application, Security, System or any other Custom Log.
string logType = "Application";
/* In this case the EventLog constructor is passed a string variable for the log name and
* second argument mention the computer name that you want to read the logs from,
* and that you have appropriate permissions to*/
EventLog ev = new EventLog(logType, System.Environment.MachineName);
int LastLogToShow = ev.Entries.Count;
if ( LastLogToShow <= 0 )
Console.WriteLine("No Event Logs in the Log :" + logType);
// Read the last 2 record in the specified log.
int i;
for ( i = ev.Entries.Count - 1; i>= LastLogToShow - 2; i--)
{
EventLogEntry CurrentEntry = ev.Entries[i];
Console.WriteLine("Event ID : " + CurrentEntry.EventID);
Console.WriteLine("Entry Type : " + CurrentEntry.EntryType.ToString());
Console.WriteLine("Message : " + CurrentEntry.Message + "\n");
}
ev.Close();
/* Similarly you can loop through all the entries in the log using
* the entries collection as shown in the following commented code.
* For Each entry In ev.Entries */
}
private void btnWriteLog_Click(object sender, System.EventArgs e)
{
/* When writing to an event log, pass the computer name where
* the log resides. Here the MachineName Property of the Environment class
* is used to determine the name of the local computer. Assuming that you have
* the appropriate permissions, it is also easy to write to event logs on
* other computers.*/
//See if the Source exists.
if ( ! ( EventLog.SourceExists("MySystemSource", System.Environment.MachineName)))
EventLog.CreateEventSource("MySystemSource", "System", System.Environment.MachineName);
EventLog ev = new EventLog("System", System.Environment.MachineName, "MySystemSource");
/* Writing to system log, in the similar way you can write to other
* logs that you have appropriate permissions to write to
*/
ev.WriteEntry("Warning is written to system Log", EventLogEntryType.Warning, 10001);
MessageBox.Show("Warning is written to System Log");
ev.Close();
}
private void btnClearLog_Click(object sender, System.EventArgs e)
{
//Create an EventLog instance, and pass log name and MachineName where the log resides.
EventLog ev = new EventLog("Security", System.Environment.MachineName);
ev.Clear();
ev.Close();
}
private void btnCreateLog_Click(object sender, System.EventArgs e)
{
// Create the source, if it does not already exist.
if (! (EventLog.SourceExists("MyOldSource", System.Environment.MachineName)))
// Creating a new log
EventLog.CreateEventSource("MyOldSource", "MyNewLog", System.Environment.MachineName);
Console.WriteLine("CreatingEventSource");
}
private void btnDeleteLog_Click(object sender, System.EventArgs e)
{
string logName = "MyNewLog";
if ( EventLog.SourceExists("MyOldSource", System.Environment.MachineName))
{
logName = EventLog.LogNameFromSourceName("MyOldSource", System.Environment.MachineName);
EventLog.DeleteEventSource("MyOldSource", System.Environment.MachineName);
EventLog.Delete(logName, System.Environment.MachineName);
Console.WriteLine(logName + " deleted.");
}
}
private void btnRecNotice_Click(object sender, System.EventArgs e)
{
// Create the source, if it does not already exist.
if (EventLog.SourceExists("MySource", System.Environment.MachineName) == false)
{
EventLog.CreateEventSource("MySource", "Application", System.Environment.MachineName);
Console.WriteLine("CreatingEventSource");
}
eventLog1.Log = "Application";
//Enable EnableRaisingEvents to true
eventLog1.EnableRaisingEvents = true;
EventLog.WriteEntry("MySource", "EntryWritten event is fired", EventLogEntryType.Information);
}
private void eventLog1_EntryWritten(object sender, System.Diagnostics.EntryWrittenEventArgs e)
{
if (e.Entry.Source == "MySource")
Console.WriteLine("Entry written by my app. Message: " + e.Entry.Message);
}
}
}
验证结果
若要验证结果,请按照下列步骤操作:
在 Visual Studio.net 中 Microsoft 或 Microsoft Visual Studio 2005 中,创建一个新 Visual C#.net 或 Visual C# 2005 Windows 应用程序的项目。默认状态下,创建 Form1.vb。
替换中 Form1.vb 代码与本文"完整代码列表"一节中列出的代码。
在 调试 菜单上单击 $ 开始 以运行该应用程序。
在窗体上执行各种操作。
在 视图 菜单上单击 服务器资源管理器 以验证结果。
展开 服务器,然后展开 您的计算机名称。
在计算机名称下展开 事件日志。
注意在 服务器 节点,服务器资源管理器中不可用,学院版的 Visual C#.net。在这种情况下可以使用 Windows 事件查看器查看您的应用程序的结果。
回到顶端
