event-log

问题 I wrote a python(3.2) script to ban ips on certain events from the event logs on a Windows 2008 server and I was trying to test if it would ban ips from sql brute forcing attempts properly. Unfortunately so far it's not getting to that part of the code because the event ID it is looking for never appears (although it should as it's in the log file). def run_script_application_log(): eventIds = [18456] #look for these events to process for possible ip bans 18456 = failed login server =

问题 I have been searching for ages to find a way to create a number of separate event logs under a sub directory of Applications and Services Logs, in the same way that there is a Sub directory Microsoft then it has a sub directory Windows then various other Directories with the App log in \Applications and Services\Microsoft\Windows\All-User-Install-Agents \Applications and Services\Microsoft\Windows\AppHost ... I would like to create something like the following \Applications and Services\My

问题 I have an EventLogReader object, and a query in the event log that looks like this: string query = "*[System[(Level=2) and TimeCreated[@SystemTime>='%LastRun%']]]") The code basically uses the reader to query for all the events that match the search query since the last time the reader was run. I would rather use the EventBookmark for this purpose. That's what it is for, after all! But I am having trouble finding any working code. My existing code run, in part, like this: // This line

问题 Using win32evtlog I can get next info: events = win32evtlog.ReadEventLog(loghandle, flags, 0) while events: for event in events: print 'Event Category:', event.EventCategory print 'Time Generated:', event.TimeGenerated print 'Source Name:', event.SourceName print 'Event ID:', event.EventID print 'Event Type:', event.EventType data = event.StringInserts if data: print 'Event Data:' for msg in data: print msg events = win32evtlog.ReadEventLog(loghandle, flags, 0) But if we look at event

问题 My Windows Azure web role ASP.NET MVC application serves REST API requests on some of the routes and those routes require "basic" authentication. Client programs often fail to authenticate - most of them are in the middle of being debugged - and so authentication failures are quite common. For every event I get a record like this in the Application log (accessible via Event Viewer or System.Diagnostics.EventLog class) Date and Time Here (ASP.NET 4.0.30319.0): Event code: 100001 Event message:

问题 I've searched and searched and can't find the answer. We have a custom service that runs and logs into the Event Viewer. In Windows 7, there's a folder called "Applications and Services Logs". How do I log an event in there? Is it even possible? 回答1: It will happen automatically when you create a new Event Log using something like: EventLog.CreateEventSource("Our Source", "Our Log"); And that call requires elevated privileges, but only needs to be done once. After that, you can reference with

问题 I want to log an Entry in the EventViewer as Critical but I don't have the EventLogType associated : System.Diagnostics.EventLog.WriteEntry("ApplicationName", message, System.Diagnostics.EventLogEntryType.Error); According to the MSDN, the EventLogEntryType have only 5 possible values : Error Warning FailureAudit Information SuccessAudit And in the EventViewer, there is 5 level of severity : Critical Error Warning Information Verbose But it is not mapped ! Error logs in Error Warning logs in

问题 I keep getting this error message when trying to write to the Event log from a console app. Here's how i write to it public static void WriteToEventLog(Exception ex) { string mySource = "Export Task"; if (!EventLog.SourceExists(mySource)) EventLog.CreateEventSource(mySource, "Application"); EventLog myLog = new EventLog(); myLog.Source = mySource; myLog.WriteEntry(ex.ToString()); } Does anyone know why this is happening and how i can fix it? 回答1: To me it sounds like: It's happening because

问题 We have a client with PowerShell 1.0. I know in PowerShell 2.0, I have the Write-EventLog commandlet . However, this doesn't appear in PowerShell 1.0. I want my script to log events to the event log, mainly for debugging purposes. How can I do this with PowerShell 1.0:? And, no I can't upgrade this computer to PowerShell 2.0. This is a customer production machine, and they don't want to touch the software on it. 回答1: You can use the .NET EventLog class to do this. It is pretty simple to use e

问题 I have an app. I'm trying to write log in Windows Event Viewer when its crashing. I found Write to Windows Application Event Log and I'm using DispatcherUnhandledExceptionEventHandler for catching unhandled exception. I'm setting it in constructor of app like: DispatcherUnhandledException += MyApplication_DispatcherUnhandledException; and write log like this: using (EventLog eventLog = new EventLog("Application")) { eventLog.Source = "Application"; eventLog.WriteEntry(exceptionMessage,