Recipe8.9.Watching the Event Log for a Specific Entry

Previous page
Table of content
Next page

Recipe 8.9. Watching the Event Log for a Specific Entry

Problem

You may have multiple applications that write to a single event log. For each of these applications, you want a monitoring application to watch for one or more specific log entries to be written to the event log. For example, you might want to watch for a log entry that indicates that an application encountered a critical error or shut down unexpectedly. These log entries should be reported in real time.

Solution

Monitoring an event log for a specific entry requires the following steps:

  1. Create the following method to set up the event handler to handle event log writes:

     public void WatchForAppEvent(EventLog log) {     log.EnableRaisingEvents = true;     // Hook up the System.Diagnostics.EntryWrittenEventHandler.     log.EntryWritten += new EntryWrittenEventHandler(OnEntryWritten); }

  2. Create the event handler to examine the log entries and determine whether further action is to be performed. For example:

     public static void OnEntryWritten(object source,                                   EntryWrittenEventArgs entryArg) {     if (entryArg.Entry.EntryType == EventLogEntryType.Error)     {         Console.WriteLine(entryArg.Entry.Message);         Console.WriteLine(entryArg.Entry.Category);         Console.WriteLine(entryArg.Entry.EntryType.ToString( ));         // Do further actions here as necessary…     } }

Discussion

This recipe revolves around the EntryWrittenEventHandler delegate, which calls backa method whenever any new entry is written to the event log. The EntryWrittenEventHandler delegate accepts two arguments: a source of type object and an entryArg of type EntryWrittenEventArgs. The entryArg parameter is the most interesting of the two. It contains a property called EnTRy that returns an EventLogEntry object. This EventLogEntry object contains all the information you need concerning the entry that was written to the event log.

This event log that you are watching is passed as the WatchForAppEvent method's log parameter. This method performs two actions. First, it sets log's EnableRaisingEvents property to true. If this property were set to false, no events would be raised for this event log when an entry is written to it. The second action this method performs is to add the OnEntryWritten callback method to the list of event handlers for this event log.

To prevent this delegate from calling the OnEntryWritten callback method, you can set the EnableRaisingEvents property to false, effectively turning off the delegate.

Note that the Entry object passed to the entryArg parameter of the OnEntryWritten callbackmethod is read-only, so the entry cannot be modified before it is written to the event log.

See Also

See the "Handling the EntryWritten Event" and "EventLog.EntryWritten Event" topics in the MSDN documentation.


Previous page
Table of content
Next page
C# Cookbook
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
ISBN: 0596003943
EAN: 2147483647
Year: 2004
Pages: 424
Authors: John Viega, Matt Messier
BUY ON AMAZON
A+ Fast Pass
Network Security Architectures
A Practitioners Guide to Software Test Design
Systematic Software Testing (Artech House Computer Library)
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
Extending and Embedding PHP
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy