static void AddSetupLogToList(List <KBRevision> kbrlist, List <ColomaEvent> list, DateTime dt) { // this retrieves the build.revision and branch for the current client WindowsVersion.WindowsVersionInfo wvi = new WindowsVersion.WindowsVersionInfo(); WindowsVersion.GetWindowsBuildandRevision(wvi); uint revision = wvi.revision; EventLogQuery query = new EventLogQuery("Setup", PathType.LogName); query.ReverseDirection = false; EventLogReader reader = new EventLogReader(query); EventRecord entry; while ((entry = reader.ReadEvent()) != null) { if ((entry.Level == (byte)StandardEventLevel.Critical) || (entry.Level == (byte)StandardEventLevel.Error) || (entry.Level == (byte)StandardEventLevel.Warning) || (entry.Id == 2)) { string msg = CleanUpMessage(entry.FormatDescription()); if (entry.Id == 2) { // this is a KB installed message, figure out which KB it is and update the revision string kb = "KB"; int i = msg.IndexOf(kb); if (-1 != i) { // we found the kb article kb = msg.Substring(i, 9); foreach (KBRevision rev in kbrlist) { if (rev.Kb == kb) { revision = rev.Revision; } } } } list.Add(new ColomaEvent(wvi.branch, wvi.build, revision, entry.MachineName, Environment.UserName, "Setup", entry.LevelDisplayName, entry.TimeCreated.GetValueOrDefault(), entry.ProviderName, msg)); } } }
static void AddStandardLogToList(EventLog log, List <ColomaEvent> list, DateTime dt) { WindowsVersion.WindowsVersionInfo wvi = new WindowsVersion.WindowsVersionInfo(); WindowsVersion.GetWindowsBuildandRevision(wvi); foreach (EventLogEntry entry in log.Entries) { if (entry.TimeGenerated > dt) { if ((entry.EntryType == EventLogEntryType.Error) || (entry.EntryType == EventLogEntryType.Warning)) { string msg = CleanUpMessage(entry.Message); list.Add(new ColomaEvent(wvi.branch, wvi.build, 0, entry.MachineName, Environment.UserName, log.LogDisplayName, entry.EntryType.ToString(), entry.TimeGenerated, entry.Source, msg)); } } } }