.NET Tip: Searching for a Needle in a Haystack, or an Entry in an Event Log, Page 2
You now can filter any event log with a few simple lines of code. The code below retrieves all the entries in the "System" event log and then applies two filters to the results. Finally, the filtered entries are displayed on the console.
EventLog Log = new EventLog("System");
EventLogEntry[] Entries =
SearchEventLog.FilterEventLog(EventLogFilterType.TimeGenerated,
Log.Entries, DateTime.Parse("1/1/2009"),
DateTime.Parse("1/31/2009"));
Entries = SearchEventLog.FilterEventLog(EventLogFilterType.EntryType,
Entries, EventLogEntryType.Error);
foreach (EventLogEntry Entry in Entries)
{
Console.WriteLine(" Message: " + Entry.Message);
Console.WriteLine(" Category: " + Entry.Category);
Console.WriteLine(" EntryType: " + Entry.EntryType.ToString());
Console.WriteLine(" Source: " + Entry.Source);
}
Here is a sample of the output from the above example when run on my computer:
Message: The time provider NtpClient is configured to acquire time
from one or more time sources, however none of the
sources are currently accessible. No attempt to contact
a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Category: (0)
EntryType: Error
Source: W32Time
Message: DCOM was unable to communicate with the computer
TRSBETASQL using any of the configured protocols.
Category: (0)
EntryType: Error
Source: DCOM
Digg
del.icio.us
Slashdot
DZone
Reddit
StumbleUpon
Facebook
FriendFeed
Furl
Newsvine
Google
LinkedIn
MySpace
Technorati
Twitter
Windows Live
YahooBuzzBy combining several filters, you can extract exactly the entries you are interested in from any event log. I have saved a huge amount of time by using this method to monitor the event logs on our test and production servers for potential problems.
About the Author
Jay Miller is a Software Engineer with Electronic Tracking Systems, a company dedicated to robbery prevention, apprehension, and recovery based in Carrollton, Texas. Jay has been working with .NET since the release of the first beta and is co-author of Learn Microsoft Visual Basic.Net In a Weekend. Jay can be reached via email at jmiller@sm-ets.com.
Comment and Contribute
