Name
EventLog
Synopsis
This class accesses Windows
event logs that are
accessible through the Event Viewer
administrative tool. Windows contains three logs by default: the
Application Log, System Log, and Security Log. The Security Log is
read-only, so you can’t write events to it. Whenever
you need to raise an event, you must select a system-wide unique
event source. This source can be any keyword, as long as it is
unique. To write an event to the Application log, use the static
two-argument version of WriteEntry( ), supplying
the source name and message as string arguments. If the source does
not exist, it is automatically registered.
You can manually register a new event source several ways. First,
call CreateEventSource( ). If you do not specify a
log name, then your events are registered with the generic
Application Log. Otherwise, a new .evt file is
created (in the %SystemRoot%\system32\config
directory). Alternatively, create a new EventLog
object, and set Source, Log,
and MachineName to the appropriate values. To
delete a source, call DeleteEventSource( ).
Delete( ) lets you delete an entire log, but be
careful not to delete one of the Windows event logs!
GetEventLogs( ) allows you to find the logs on the
system, and LogNameFromSourceName( ) allows you to
determine the log file for a given source.
You can interact with a log in many ways. Add to it using
WriteEntry( ) and remove all log entries by
calling Clear( ). Examine the
Entries property to view the individual log entries. ...