APL Wiki|
Size: 2543
Comment:
|
Size: 3868
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 2: | Line 2: |
{{{WindowsEventLog}}} is part of the CategoryAplTree project. |
|
| Line 33: | Line 35: |
| In order to write to a source "myApp" in the "Application" class: * Start regedit * Locate the following registry subkey: `HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application` * Right-click the Application subkey, point to "New," and then click Key. * Type myApp for the key name. * Close Registry Editor. }}} |
|
| Line 43: | Line 55: |
| == History == | == Problems == |
| Line 45: | Line 57: |
| For a full version history: [[WindowsEventLog/History| History]] | When you get this: {{{ System.Security.SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security. ( at System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly) at System.Diagnostics.EventLog.SourceExists(String source, String machineName) at System.Diagnostics.EventLog.SourceExists(String source)) }}} this is because Microsoft in its wisdom has refused to grant "Read" permission to parts of the Event log in some versions of the Windows operating system. I wasn't able to establish a pattern... Follow these steps in order to solve the problem: 1. Select Start - Run, then enter: regedt32 1. Navigate/expand to the following key: `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security` 1. Right click on this entry and select Permissions 1. Add the user name 1. Give it Read permission == Project Page == For bug reports, future enhancements and a full version history see WindowsEventLog/ProjectPage |
| Line 52: | Line 86: |
| ||Current state:||1.0|| | |
| Line 54: | Line 87: |
| == Download == Goto the [[WindowsEventLog/DownloadPage|DownloadPage]] |
<<Include(APLTreeDownloads)>> |
| Line 58: | Line 90: |
| CategoryOpenSourceApl CategoryAplApl | CategoryAplTree |
Managing the Windows Event Log
WindowsEventLog is part of the CategoryAplTree project.
Contents
Overview
This class offers methods useful to read from and write to the Windows Event Log.
The Windows Event Log is important to many large organisation due to the fact that servers situated in a special room cannot be accessed easily, not even by an administrator, and that monitoring them has to be done remotely as a conseqence. The Windows Event Log can be easily monitored remotely and is therefore the ideal place to report "Start", "Stop", "Fatal Error", Security problems and more.
Windows Event Log Classes
There are a number of so-called classes available in the Windows Event Log:
There might be others as well. It is possible to create your own class, although this is not recommended.
An APL application programmer is likely to want to write into the "Application" class. Therefore, the WindowsEventLog class defaults to that Window Event Log class.
Source
Note that within a class you must specify a source, normally your application name. Note further that the name of the source must be unqiue across all classes, not only the class you try to write to!
Example: there is a source "Server" in the "Application" class on my machine. Although I can create a new class "MyAppl", I cannot use "Server" as a source name as a consequence!
.NET
The WindowsEventLog class uses .NET but tries to hide everything not needed for an APL application programmer, or to use appropriate defaults.
Security
Using this class without Admin rights, for example when your application runs as a service, needs "EventLogPermission" rigths. On a server you cannot control this might be a problem. Microsoft explicitly points out that granting this right is a security risc and should therefore only be given to code that is fully managed (trusted).
In order to write to a source "myApp" in the "Application" class:
- Start regedit
- Locate the following registry subkey:
HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
- Right-click the Application subkey, point to "New," and then click Key.
- Type myApp for the key name.
- Close Registry Editor.
}}}
Example
my←⎕NEW #.WindowsEventLog(,⊂'MyApp') my.WriteInfo 'Server started' my.WriteWarning 'Low on memory' my.WriteError 'Fatal error, server stopped' my.WriteInfo 'Server started'
Problems
When you get this:
System.Security.SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security.
( at System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly)
at System.Diagnostics.EventLog.SourceExists(String source, String machineName)
at System.Diagnostics.EventLog.SourceExists(String source))this is because Microsoft in its wisdom has refused to grant "Read" permission to parts of the Event log in some versions of the Windows operating system. I wasn't able to establish a pattern...
Follow these steps in order to solve the problem:
- Select Start - Run, then enter: regedt32
Navigate/expand to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security
- Right click on this entry and select Permissions
- Add the user name
- Give it Read permission
Project Page
For bug reports, future enhancements and a full version history see WindowsEventLog/ProjectPage
Version Information
Original author: |
|
Responsible: |
|
Email: |