You need to determine which sources are attached to a particular event log before the log is examined and/or deleted. A source is a component or application that has registered itself to a particular event log as a source of events.

Use the following method to extract all of the source names registered to a log (pass the log’s name in as the logName argument):

public ArrayList FindSourceNamesFromLog(string logName)
{
    ArrayList sourceNamesList = new ArrayList( );

    string[] eventLogNames = Registry.LocalMachine.OpenSubKey 
      (@"SYSTEM\CurrentControlSet\Services\Eventlog").GetSubKeyNames( );
    foreach (string log in eventLogNames)
    {
        Console.WriteLine("log: " + log);
        if (logName == log)
        {
            string[] sourceNames = Registry.LocalMachine.OpenSubKey 
                    (@"SYSTEM\CurrentControlSet\Services\Eventlog\" + 
                    log).GetSubKeyNames( );

            sourceNamesList.Capacity = Registry.LocalMachine.OpenSubKey 
                    (@"SYSTEM\CurrentControlSet\Services\Eventlog\" + 
                    log).SubKeyCount;

            for (int i = 0; i < sourceNames.Length; i++)
            {
                sourceNamesList.Add(sourceNames[i]);
                Console.WriteLine("SourceName: " + sourceNames[i]);
            }
        }
    }

    return (sourceNamesList); 
}

To obtain a listing of all logs and their registered sources, use the following method:

public static Hashtable FindSourceNamesFromAllLogs( ) { Hashtable logsAndSources = new Hashtable( ); string[] eventLogNames = Registry.LocalMachine.OpenSubKey (@"SYSTEM\CurrentControlSet\Services\Eventlog").GetSubKeyNames( ); ...