event-log

The following code snippet fires an event when an event is logged. The sample code works fine but the log I want to monitor is actually "Applications and Services Logs > Microsoft > Windows > Task Scheduler > Operational". What do I insert in place of "Application" in the code sample? ... EventLog myNewLog = new EventLog("Application", ".", "testEventLogEvent"); myNewLog.EntryWritten += new EntryWrittenEventHandler(MyOnEntryWritten); myNewLog.EnableRaisingEvents = true; ... The log name is Microsoft-Windows-TaskScheduler/Operational but I don't think you can access it using the EventLog class.

I'm pulling and filtering System Event Log data using get-eventlog. What I'm finding is that get-event log is not able to correctly return the message associated with some entries. These entries appear normally in the event log viewer. E.g. get-eventlog -logname system | ? { $_.source -eq "Microsoft-Windows-Kernel-General" } returns 8 entries, all of which have a message of the following form: The description for Event ID '12' in Source 'Microsoft-Windows-Kernel-General' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the

My task is to make an ETW real-time consumer with events provided by 'Microsoft Windows Security Auditing'. I made a simple controller and consumer application, basing on this example http://msdn.microsoft.com/en-us/library/windows/desktop/ee441325%28v=vs.85%29.aspx and changing flags to work in real-time mode. The main function looks this way: LPTSTR SessionName = L"hahahaaa"; ULONG status = ERROR_SUCCESS; PEVENT_TRACE_PROPERTIES pSessionProperties = NULL; EVENT_TRACE_LOGFILE trace; TRACEHANDLE hTrace = 0; TRACEHANDLE hSession = 0; const GUID providerId = { 0x54849625, 0x5478, 0x4994, { 0xA5,

Can anybody tell me what is maximum size of a windows NT log message? I know that it is possible to reset the maximum log size of event log from 32 MB. I am interested about the memory a single message can hold in NT event log. Thanks in advance In Windows Server 2008 the maximum size of a single Event Log entry is: 31,839 characters http://msdn.microsoft.com/EN-US/library/windows/desktop/aa363679.aspx The answer is 32766 characters ~ 32 KB See a example below: Error: Log entry string is too long. A string written to the event log cannot exceed 32766 characters. 来源： https://stackoverflow.com

Below is an exception I encountered while running the immediately following code: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security. The code is if (!EventLog.SourceExists(this.EventLogSource)) The content of the exception makes sense to me, it's why that doesn't. This line is running in Visual Studio 2010, .NET 4, as a console app ( for the time being ). I have run this in a different environment, but I wouldn't expect the fact that I'm remote desk'ed to break this method. I've tried changing HKML\CCS\Services\eventlog permissions - to no