static bool CollectEVT(string Book) { EventLog eventLog; eventLog = new EventLog(Book); try { foreach (EventLogEntry log in eventLog.Entries) { EventLogReport ev = new EventLogReport(); ev.Category = log.Category; ev.CategoryNumber = log.CategoryNumber; ev.Data = log.Data; ev.EventLog = Book; ev.EventLogType = (int)log.EntryType; ev.InstanceID = log.InstanceId; ev.LogID = ""; ev.MachineID = SystemInfos.SysInfo.MachineID; ev.Message = log.Message; ev.Source = log.Source; ev.TimeGenerated = log.TimeGenerated; ev.TimeWritten = log.TimeWritten; ev.JSONReplacementStrings = JsonConvert.SerializeObject(log.ReplacementStrings); CommonUtilities.CalcEventLogID(ev); HasEVTLogs.Add(ev.LogID); lst.Add(ev); } } catch { FoxEventLog.WriteEventLog("Cannot collect EventLog " + Book, EventLogEntryType.Error); } return(true); }
static bool CollectEVT2(string Book) { try { EventLogSession session = new EventLogSession(); bool Found = false; foreach (string logName in session.GetLogNames()) { if (Book == logName) { Found = true; break; } } if (Found == false) { return(true); } EventLogReader evt = new EventLogReader(Book); EventRecord log; while ((log = evt.ReadEvent()) != null) { EventLogReport ev = new EventLogReport(); ev.Category = "(" + log.Id + ")"; ev.CategoryNumber = log.Id; ev.Data = new byte[0]; ev.EventLog = Book; switch (log.LevelDisplayName.ToLower()) { case "information": ev.EventLogType = (int)EventLogEntryType.Information; break; case "warning": ev.EventLogType = (int)EventLogEntryType.Warning; break; case "error": ev.EventLogType = (int)EventLogEntryType.Error; break; default: ev.EventLogType = (int)EventLogEntryType.Information; break; } ev.InstanceID = log.Id; ev.LogID = ""; ev.MachineID = SystemInfos.SysInfo.MachineID; ev.Message = MakeNiceXML(log.ToXml()); ev.Source = log.ProviderName; ev.TimeGenerated = log.TimeCreated == null?DateTime.Now: log.TimeCreated.Value; ev.TimeWritten = log.TimeCreated == null ? DateTime.Now : log.TimeCreated.Value; ev.JSONReplacementStrings = "[]"; CommonUtilities.CalcEventLogID(ev); HasEVTLogs.Add(ev.LogID); lst.Add(ev); } } catch { FoxEventLog.WriteEventLog("Cannot collect EventLog " + Book, EventLogEntryType.Error); } return(true); }