问题描述
我想创建一个事件日志,而不是直接位于另一个文件夹下的应用程序和服务日志下。
例如:
我的事件日志的当前位置是
应用程序和服务日志/我的事件日志
我希望它是
应用程序和服务日志/事件日志文件夹/我的事件日志
有没有人可以建议我实现这个目标?
Hi,
I would like to create an event log which instead of located directly under "Application and Services Logs", located under another folder.
for example:
the current location of my event log is
"Application and Services Logs/My Event Log"
I wanted it to be
"Application and Services Logs/Event Log Folder/My Event Log"
Is there anyone who can suggest me the way to achieve this?
推荐答案
EventLog.CreateEventSource("Event Log Folder", "My Event Log");
EventLog.WriteMessage("Event Log Folder", "My message");
using System.Diagnostics;
internal class DefinitionSet {
//define how much do you need:
internal const int MaximumLogSizeKilobytes = 2048;
} //class DefinitionSet
public class EventLogInstallationHelper {
public EventLogInstallationHelper(
string applicationName, string eventLogName) {
this.EventLogName = eventLogName;
this.ApplicationName = applicationName;
} //EventLogInstallationHelper
public void Install() { //can throw exception!
if ((!string.IsNullOrEmpty(ApplicationName)) &&
(!string.IsNullOrEmpty(EventLogName)))
EventLog.CreateEventSource(
ApplicationName,
EventLogName);
EventLog log = new EventLog(EventLogName);
log.MaximumKilobytes = DefinitionSet.MaximumLogSizeKilobytes;
log.ModifyOverflowPolicy(OverflowAction.OverwriteAsNeeded, 0);
} //Install
public void Uninstall() { //can throw exception!
if (!string.IsNullOrEmpty(EventLogName)) {
EventLog deletingLog = new EventLog(EventLogName);
deletingLog.Clear();
} //if
if (!string.IsNullOrEmpty(ApplicationName))
EventLog.DeleteEventSource(ApplicationName);
result |= true;
if (!string.IsNullOrEmpty(EventLogName))
EventLog.Delete(EventLogName);
result |= true;
} //Uninstall
string ApplicationName, EventLogName;
} //class EventLogInstallationHelper
这里的非平凡部分是例外。安装事件源时应该处理这个案例(如果已经完成),卸载时不要安装。
现在,这是一个用法示例:
The non-trivial part here is exception. You should deal with the case when you install Event Source if it is already done and uninstall when it is not installed.
Now, this is an example of the usage:
string Application = "Event Log Test";
string EventLogName = "CodeProject";
EventLogInstallationHelper helper =
new EventLogInstallationHelper(
Application,
EventLogName);
try {
helper.Install();
} catch {
System.Console.WriteLine("Event Log already installed");
} //exception
EventLog.WriteEntry(Application, "some log");
EventLog.WriteEntry(Application, "some warning", EventLogEntryType.Warning);
EventLog eventLog = new EventLog();
eventLog.Source = Application;
eventLog.WriteEntry("another log");
eventLog.WriteEntry("some error", EventLogEntryType.Error);
System.Console.WriteLine("See event log now, then press any key");
System.Console.ReadKey(true);
try {
helper.Uninstall();
} catch {
System.Console.WriteLine("Event log already uninstalled");
} //exception
这里的想法是你可以拥有 EventLogName
名称,它代表一个单独文件夹中的所有日志记录应用程序。另一个名称 Application
将代表您的某个应用程序的名称作为每个日志属性中的源。
此代码经过充分测试。
The idea here is that you can have EventLogName
name, it represents all your logging applications in one separate folder. Another name, Application
, will represent a name of one of your application as a source in each log's properties.
This code is well tested.
- Application and Services Logs
-- Company Name
--- Application 1
---- ApplicationLog
--- Application 2
---- SecurityLog
---- OperationalLog
我找不到任何直接使用C的方法,但是在使用注册表项和https://docs.microsoft.com/en-us/windows/desktop/提供的文档进行了一些试验和错误之后eventlog / eventlog-key我终于开始工作了。
看来你需要在HKLM \Software \ Microoft \ Windows \ CurrentVersion \WINEVT \ Channel中创建密钥,其中主注册表项名称是key t o'文件夹'结构。 a' - '被视为更深层次的结构。例如:CompanyName \ Application \Log,应该是一个名为CompanyName-Application-Log的键。
下面是使用PowerShell执行此操作的示例脚本:
I could not find any way to do this directly using C, however after doing some trial and error with registry keys and the documentation provided at https://docs.microsoft.com/en-us/windows/desktop/eventlog/eventlog-key I finally got it to work.
It seems that you need to create keys at HKLM\Software\Microsoft\Windows\CurrentVersion\WINEVT\Channels, where the primary registry key name is key to the 'folder' structure. a '-' is seen as a deeper structure. So for example: CompanyName\Application\Log, should be a key named CompanyName-Application-Log.
Below is an example script to do this using PowerShell:
# Create the eventlog (in a subfolder structure)
# Params()
这篇关于如何在文件夹下创建事件日志的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!