我需要访问Audit Failure下的Window log - > Security事件在记录时立即发生,有没有办法在记录时立即捕获它。我需要访问实时尝试
目前我正在c#中的EventLogEntry类中阅读此内容,但我需要在Audit Failure发生时运行我的应用程序。
foreach (EventLogEntry entry in log.Entries)
{
if (entry.EntryType==EventLogEntryType.FailureAudit)
{
///
}
}
类似于:
EventLog myNewLog = new EventLog();
myNewLog.Log = "MyCustomLog";
myNewLog.EntryWritten += new EntryWrittenEventHandler(MyOnEntryWritten);
myNewLog.EnableRaisingEvents = true;
Event log events,有些像这样我想触发Windows日志
答案 0 :(得分:0)
您可以使用EventLog.GetEventLogs()方法获取事件日志:
class Program
{
static void Main(string[] args)
{
EventLog log = EventLog.GetEventLogs().First(o => o.Log == "Security");
log.EnableRaisingEvents = true;
log.EntryWritten += (s, e) => { Console.WriteLine(e.Entry.EntryType); };
Console.WriteLine(log.LogDisplayName);
Console.ReadKey();
}
}
答案 1 :(得分:0)
void Main()
{
var eventLog = new EventLog();
eventLog.Log = "Security";
eventLog.Entries.Cast<EventLogEntry>()
.OrderByDescending(e => e.TimeGenerated);
}