Event Logs
Useful as the Debug
and Trace
classes
are, the Win32 platform already provides a logging mechanism in the form of
the event log. Classes are provided in the System.Diagnostics
namespace
that allow applications to enumerate the existing event sources and logs,
read from and write to an event log manually, use an event log
as a backing store for Trace
or Debug
output, create and install new event sources, and monitor an event log for changes.
Reading the Event Log
To read an event log, create an instance of the EventLog
class
with the name of the log you wish to access, and optionally the name of the
machine on which the log resides and the event source with which to filter
the log entries. Once you have a valid EventLog
instance,
it provides a wealth of properties and methods that let you examine and manipulate
the log as a whole. To read the individual entries in the log, use the EventLog.Entries
property
to retrieve a collection of EventLogEntry
instances. The
following sample displays information on any log on your system:
// DumpLog.cs - use DumpLog <logname> using System; using System.Diagnostics; class DumpLog { static void Main(string[] args) { // Present the alternatives if (args.Length <= 0) { EventLog[] ela = EventLog.GetEventLogs(); Console.WriteLine("Usage: DumpLog <logname>"); Console.WriteLine("\n\tWhere <logname> is one of:\n"); foreach (EventLog el in ela) { Console.WriteLine("\t{0}", el.LogDisplayName); } return; } // Extract the parameters string logName ...
Get C# in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.