static void AddSetupLogToList(List <KBRevision> kbrlist, List <ColomaEvent> list, DateTime dt)
{
// this retrieves the build.revision and branch for the current client
WindowsVersion.WindowsVersionInfo wvi = new WindowsVersion.WindowsVersionInfo();
WindowsVersion.GetWindowsBuildandRevision(wvi);
uint revision = wvi.revision;
EventLogQuery query = new EventLogQuery("Setup", PathType.LogName);
query.ReverseDirection = false;
EventLogReader reader = new EventLogReader(query);
EventRecord entry;
while ((entry = reader.ReadEvent()) != null)
{
if ((entry.Level == (byte)StandardEventLevel.Critical) ||
(entry.Level == (byte)StandardEventLevel.Error) ||
(entry.Level == (byte)StandardEventLevel.Warning) ||
(entry.Id == 2))
{
string msg = CleanUpMessage(entry.FormatDescription());
if (entry.Id == 2)
{
// this is a KB installed message, figure out which KB it is and update the revision
string kb = "KB";
int i = msg.IndexOf(kb);
if (-1 != i)
{
// we found the kb article
kb = msg.Substring(i, 9);
foreach (KBRevision rev in kbrlist)
{
if (rev.Kb == kb)
{
revision = rev.Revision;
}
}
}
}
list.Add(new ColomaEvent(wvi.branch, wvi.build, revision, entry.MachineName, Environment.UserName, "Setup", entry.LevelDisplayName, entry.TimeCreated.GetValueOrDefault(), entry.ProviderName, msg));
}
}
}
static void AddStandardLogToList(EventLog log, List <ColomaEvent> list, DateTime dt)
{
WindowsVersion.WindowsVersionInfo wvi = new WindowsVersion.WindowsVersionInfo();
WindowsVersion.GetWindowsBuildandRevision(wvi);
foreach (EventLogEntry entry in log.Entries)
{
if (entry.TimeGenerated > dt)
{
if ((entry.EntryType == EventLogEntryType.Error) ||
(entry.EntryType == EventLogEntryType.Warning))
{
string msg = CleanUpMessage(entry.Message);
list.Add(new ColomaEvent(wvi.branch, wvi.build, 0, entry.MachineName, Environment.UserName, log.LogDisplayName, entry.EntryType.ToString(), entry.TimeGenerated, entry.Source, msg));
}
}
}
}
