In .net what are the difference between Eventlog and ManagementObject for retriving logs from remote

Posted by Mitesh Patel on Stack Overflow See other posts from Stack Overflow or by Mitesh Patel
Published on 2010-04-19T05:52:49Z Indexed on 2010/06/10 5:12 UTC
Read the original article Hit count: 467

Filed under:
|
|

I have found out following two ways for getting Application Event log entries from remote server.

1. Using EventLog object

 string logType = "Application";
 EventLog ev = new EventLog(logType,"rspl200");

 EventLogEntryCollection evColl =  ev.Entries

2. Using ManagementObjectSearcher object

ConnectionOptions co = new ConnectionOptions(); co.Username = "testA"; co.Password = "testA"; ManagementScope scope = new ManagementScope(@"\" + "machineName"+ @"\root\cimv2", co); scope.Connect();

SelectQuery query = new SelectQuery(@"select * from Win32_NtLogEvent"); EnumerationOptions opt = new EnumerationOptions(); opt.BlockSize = 1000;

using (ManagementObjectSearcher searcher = new  ManagementObjectSearcher(scope, query,opt))
   {

     foreach (ManagementObject mo in searcher.Get())
                {

                       // write down log entries
                       Console.Writeline(mo["EventCode"]);

                }

   }

I can easily get remote eventlog using method #1 (Using EventLog object) without any security access denied exception. But using method #2 (Using ManagementObjectSearcher object) i get access denied exception.

Actually I want remote event log (only application and also latest log not all application logs) to be displayed in treeview like below

 -  ServerName
   - Logs
     + Error
     + Information
     + Warning

Can anybody help me in this to find out best way from this or any other?

Also the main thing is that user who reads remote logs may be in different domain than server.

Thanks Mitesh Patel

© Stack Overflow or respective owner

Related posts about .NET

Related posts about remote