Event Logs

Event Logs

Event log are the files used by Microsoft Windows to store the details of important events, such as a user starting a file transfer, and the details of resource problems, such as memory allocation failure. You can use the information in event logs to determine the cause of critical events. For example, if the file server is down when a web server tries to upload a file, the application can write an entry to an event log.

Types of event logs

Windows maintains the following types of event logs:

  1. System Event Log: Logs information that takes place on system level hardware.
  2. Security Event Logs: Logs security level events. These events are the success and failure messages of users logging on and logging off Windows, SQL Server, and other types of applications.
  3. Application Log: Contains events logged by applications or programs.

Implementation of the EventLog

You can view event logs programmatically in you code by using the EventLog class in the .NET Framework. The EventLog class allows you to read, write, and delete entries within a log. Yu can also create custom logs that you use to write to from your application. You can also create, modify, and delete event sources.

The following code example demonstrates the creation of a custom eventlog and a custom event source.

Class MyEventLog

{ 

    static void Main(string[] args)

    {

        //Create the source, if it does not already exist.

        if (!EventLog.SourceExists("MySource"))

        {

             EventLog.CreateEventSource("MySource", "MyNewLog");

            Console.WriteLine("CreatingEventSource");

         }

        //Create an EventLog instance and assign its source.

        EventLog mylog = new EventLog();

        mylog.Source = "MySource"

        mylog.WriteEntry("Writing to event log."); 

        Console.ReadLine();

     }

}