5. Using Custom Event Logs
You can create custom event logs by specifying the
name you wish to use with the Log property of the
EventLog class. When you write the first event to
the log with the WriteEntry method, the ELS will
create the custom log automatically. The event source specified by
the Source property will be registered and
associated with the new custom log. The following statements
demonstrate how to create the custom log MyCustomEventLog; ELS does not create the
custom log until the WriteEntry statement is
executed:
# C#
// create a new instance that refers to the custom log
EventLog x_local_log = new EventLog( );
x_local_log.MachineName = ".";
x_local_log.Log = "MyCustomEventLog";
// specify the event source that we'll use to record events
x_local_log.Source = "MyCustomEventSource";
// write a log entry - the custom log will not be created until this point
x_local_log.WriteEntry("MyApplication exited unexpectedly");
# Visual Basic .NET
' create a new instance that refers to the custom log
Dim x_local_log As EventLog = New EventLog( )
x_local_log.MachineName = "."
x_local_log.Log = "MyCustomEventLog"
' specify the event source that we'll use to record events
x_local_log.Source = "MyCustomEventSource"
' write a log entry - the custom log will not be created until this point
x_local_log.WriteEntry("MyApplication exited unexpectedly")
Custom logs can be deleted with the
Delete method defined by the
EventLog class, as demonstrated by the following
statements:
# C#
// delete the custom event log
EventLog.Delete("MyCustomEventLog");
# Visual Basic .NET
' delete the custom event log
EventLog.Delete("MyCustomEventLog")
Use the Delete method with caution; the event log
will be removed and all of the entries and event sources will be lost
permanently. An instance of the
System.InvalidOperationException exception is
thrown by the Delete method if you attempt to
delete a log that does not exist.
|
The EventLog.Delete method will delete the
Application and System default event logs without warning. Deleting
these logs can cause applications to behave erratically.
|
|
6. Monitoring Event Logs
The EventLog class provides an event mechanism that
allows us to monitor an event log. In this section, we demonstrate
how to use this feature, which relies on the .NET event delegate
mechanism; consult the .NET documentation if you are unfamiliar with
.NET delegates.
We can register for event notification by adding an instance of the
EntryWrittenEventHandler delegate to the
EntryWritten event defined by the
EventLog class, as demonstrated by the statements
below. The delegate method signature defines the
EntryWrittenEventArgs class, which makes the event
that has been written available as an instance of
EventLogEntry accessible through the
Entry property:
# C#
using System;
using System.Diagnostics;
public class EventLogMonitor {
public static void Main( ) {
// create a new instance of the EventLog class
EventLog x_local_log = new EventLog("MyCustomEventLog");
// create a delegate to process events from the ELS
EntryWrittenEventHandler x_handler
= new EntryWrittenEventHandler(MyOnEntryWrittenMethod);
// add the delegate to the EventLog event
x_local_log.EntryWritten += x_handler;
// enable event processing
x_local_log.EnableRaisingEvents = true;
// wait to read a lone from the console - just to stop
// the application from exiting
Console.ReadLine( );
}
public static void MyOnEntryWrittenMethod(object p_source,
EntryWrittenEventArgs p_args) {
// extract the event object from the event arguments
EventLogEntry x_entry = p_args.Entry;
// write out the event details
Console.WriteLine("Event Source: {0}, Event ID {1}, Event Message {2}",
x_entry.Source, x_entry.EventID, x_entry.Message);
}
}
# Visual Basic .NET
Imports System.Diagnostics
Class EventLogMonitor
Shared Sub Main( )
' create a new instance of the EventLog class
Dim x_local_log As EventLog = New EventLog("MyCustomEventLog")
' create a delegate to process events from the ELS
AddHandler x_local_log.EntryWritten, AddressOf MyOnEntryWrittenMethod
' enable event processing
x_local_log.EnableRaisingEvents = True
' wait to read a lone from the console - just to stop
' the application from exiting
Console.ReadLine( )
End Sub
Public Shared Sub MyOnEntryWrittenMethod(ByVal p_source As Object, _
ByVal p_args As EntryWrittenEventArgs)
' extract the event object from the event arguments
Dim x_entry As EventLogEntry = p_args.Entry
' write out the event details
Console.WriteLine("Event Source: {0}, Event ID {1}, Event Message {2}", _
x_entry.Source, x_entry.EventID, x_entry.Message)
End Sub
End Class
Events will not be raised until the value of the
EnableRaisingEvents property is set to
true (C#) or True (Visual Basic
.NET). The EventWritten event is raised five
seconds after an entry has been added to the monitored event log; if
several events have been written during the five-second period, only
the last event will be signaled via the delegate.
|
The EventLog class does not support monitoring
event logs managed by other computers—only local logs can be
monitored. |
