In .net what are the difference between Eventlog and ManagementObject for retriving logs from remote
Posted
by Mitesh Patel
on Stack Overflow
See other posts from Stack Overflow
or by Mitesh Patel
Published on 2010-04-19T05:52:49Z
Indexed on
2010/06/10
5:12 UTC
Read the original article
Hit count: 464
I have found out following two ways for getting Application Event log entries from remote server.
1. Using EventLog object
string logType = "Application";
EventLog ev = new EventLog(logType,"rspl200");
EventLogEntryCollection evColl = ev.Entries
2. Using ManagementObjectSearcher object
ConnectionOptions co = new ConnectionOptions(); co.Username = "testA"; co.Password = "testA"; ManagementScope scope = new ManagementScope(@"\" + "machineName"+ @"\root\cimv2", co); scope.Connect();
SelectQuery query = new SelectQuery(@"select * from Win32_NtLogEvent"); EnumerationOptions opt = new EnumerationOptions(); opt.BlockSize = 1000;
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query,opt))
{
foreach (ManagementObject mo in searcher.Get())
{
// write down log entries
Console.Writeline(mo["EventCode"]);
}
}
I can easily get remote eventlog using method #1 (Using EventLog object) without any security access denied exception. But using method #2 (Using ManagementObjectSearcher object) i get access denied exception.
Actually I want remote event log (only application and also latest log not all application logs) to be displayed in treeview like below
- ServerName
- Logs
+ Error
+ Information
+ Warning
Can anybody help me in this to find out best way from this or any other?
Also the main thing is that user who reads remote logs may be in different domain than server.
Thanks Mitesh Patel
© Stack Overflow or respective owner
