1. Purpose
The development and maintenance of the application system is inseparable from the log system, and choosing a powerful log system solution is an important part of the application system development process. There are many kinds of log system solutions in the. NET environment, and Log4net is one of the best.
In Windows2000 and above operating systems, there is a Windows logging system that includes the application (application) event log, System log and security log, and event logs can also be custom logs. The appropriate classes and interfaces are also available in the. NET Framework to use the application event log or custom event logs. Using Windows logs allows the application to be better integrated with the operating system, which is more convenient for querying and managing logs than for a custom journaling system. In practical applications, depending on the actual situation, you can choose a suitable log solution, you can also customize the log system and the Windows log System two log solutions to use simultaneously.
2. How to use Windows log
2.1, Methods overview
A class EventLog is provided in the. NET Framework, and you can use the EventLog class to add new event log entries or get existing entries from the server event log. The EventLog class includes a WriteEntry () method that you can use to write a new event to the event log. When a new entry is written to the event log, the entry is written to a specific event log using a specific event source.
The event source is unique to the event log. In Windows2000 and above operating systems, there is an event log: An application (application) event log, a system log and security log, and the system allows custom event logs. With the EventLog class, you can add log entries to the application (application) event log or to a custom event log. The event source corresponds to the next level of the event log, and each log entry must correspond to an event source. The EventLog class can create a custom event log, or you can create an event source that can be created either in the application (application) event log or in a custom event log. The Windows log system is shown in the following illustration:
To facilitate log differentiation and viewing between different application systems, the event source is typically created in a custom event log, you can create multiple event logs, and an event log can create multiple event sources.
2.2. Event logs and event source creation methods
When you create a new event log or event source, you are actually adding an entry to the registry. Because the Write registry requires special permissions, there are permissions and security issues in creating event logs and event sources in a Web project, and this issue is not present in the application project, which focuses on the use of Windows log in Web projects. The application project uses methods similar to Web projects, discarding permissions and security handling in Web projects, and this article does not repeat.
In a Web project, when you use ASP.net to create an event log or an event source in your system, you may receive the following exception error message: System.Security.SecurityException: The requested registry access is not allowed. This is because the default account that runs the ASP.net process is the ASPNET (NetworkService below IIS6.0), which defaults to read permission and no write permission, so the event log or event source cannot be created. The solution to this problem is to elevate the permissions of the ASPNET account, not to create an event log or event source within the program, and so on, with the following three solutions:
A, before the program runs, define the event logs and event sources to use, open Registry Editor, and manually add the event logs and event sources to the registry. The main steps are as follows:
① Click on the "Start" menu and click "Run".
② enter regedit in the Open box in run, and then press the OK button to open Registry Editor.
③ Locate the following subkeys in Registry Editor:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
④ Right-click "Eventlog", click "New", then click "Item", will create a new project at the next level of "Eventlog", Name this project "TDDN", TDDN item is the event log, can name the item according to the actual situation, for example, can be named Project name.
⑤ on the "TDDN" Item, click "New" and click "Item" to create a new item at the next level of "TDDN", which is named "Weblog", and the Weblog item is the event source, which can also be named according to the actual situation.
⑥ closes Registry Editor.
This allows the event logs and event sources to be built, repeating the process if multiple event logs or event sources are required. This approach requires familiarity with the registry, the operation may be a little more complex, you can write a class to implement the configuration registry, as long as the class can be run to add the appropriate items, eliminating the cumbersome to add manually, this is the second solution, the following method:
B, there is a EventLogInstaller class in the System.Diagnostics namespace that enables you to create and configure event logs and event sources that an application reads and writes to at run time. The following steps allow you to use the EventLogInstaller class to create an event log and an event source:
① uses C # to create a "class library" called EventLogSourceInstaller.
② adds a reference to System.Configuration.Install.dll in this project.
③ automatically changed the Class1.cs to MyEventLogInstaller.cs.
④ writes the following code in MyEventLogInstaller.cs:
Using System;
Using System.Diagnostics;
Using System.ComponentModel;
Using System.Configuration.Install;
Namespace EventLogSourceInstaller {
[Runinstaller (True)]
public class myeventloginstaller:installer{
Public EventLogInstaller myEventLogInstaller;
Public myEventLogInstaller () {
Create Instance of EventLogInstaller
myEventLogInstaller = new EventLogInstaller ();
Set the Source of Event Log, to be created.
Myeventloginstaller.source = "WebLog";
Set the Log that this source is created in
MyEventLogInstaller.Log = "TDDN";
Installers.add (myEventLogInstaller);
}
}
}
⑤ build this project and get EventLogSourceInstaller.dll.
⑥ open the Visual Studio. NET command Prompt and go to the directory where EventLogSourceInstaller.dll resides.
⑦ Run this command to create an event log and an event source, which runs by: Enter the command InstallUtil EventLogSourceInstaller.dll.
This allows the program to create an event log in the system: TDDN, an event source was created under the event log TDDN: WebLog.
Both of these solutions are to manually add event logs and event sources to the system before the application system is run, without security permissions and security concerns. A more convenient way is to have the program automatically create event logs and event feeds when the application is running, either by elevating the system operation permissions on the ASPNET account or by giving the asp.net process a mock account with greater privileges. The implementation of the impersonation account is complex, and there is no difference between functionality and security and the promotion of the ASPNET account, and the method used here is to elevate the permissions of the ASPNET account. Here is the third solution:
C, to elevate the permissions of the ASPNET account you can add read and write permissions to the ASPNET account directly in Windows system administration, but there are serious security issues, asp.net processes have direct read and write operating system permissions, will bring great security risks to the system. The way to promote the ASPNET account right here is to assign only the operating permissions of the system log to the ASPNET account, so that while there are some security risks, the pitfalls have been greatly reduced and the freedom to create event logs and event sources within the program has greatly increased flexibility. The ASPNET account permission elevation method is as follows:
① Click "Start", "Run", enter "regedit" and open Registry Editor.
② Locate the following subkeys in Registry Editor:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
③ Right-click on the EventLog item, select the Access permission option from the pop-up menu, and then locate the local ASPNET account to add in and give read and write access.
In this way, the ASPNET account has the ability to read and write the system log, and you can create the event log and the event source freely in the program. The method for creating event logs and event sources in your program is as follows:
Call the CreateEventSource method of the EventLog class and specify the data source string and the event log name to create, and if the event log name is specified as null (""), the event log name defaults to application, which does not create a new event log. However, the specified data source is created for the application (application) event log. If you create a new event log, only the first 8 letters of the specified string are evaluated when the event log name is determined to be unique. As shown in the following code:
System.Diagnostics.EventLog.CreateEventSource ("WebLog", "TDDN");
An event log is created as TDDN, and an event source weblog is created under the event log. To create a custom event log on a remote computer, specify this computer name as the third parameter. The following code provides an example:
System.Diagnostics.EventLog.CreateEventSource ("WebLog", "Tddn", "MyServer");
The event log and event source will be created on the remote computer myserver.
2.3, write to the Windows log method
The event log is resolved with the problem created by the event source, and the log information can then be written to the Windows system log in the program. The Write method is to first create an instance of the EventLog class, associate its Source property with the event source name, and finally invoke the WriteEntry method to add log information to and from the event log. The following is a simple sample code written to the system log:
EventLog EventLog = null;
if (!) ( EventLog.SourceExists ("WebLog"))) {
EventLog.CreateEventSource ("WebLog", "TDDN");
}
if (EventLog = = null) {
EventLog = new EventLog ("Tddn");
EventLog.Source = "WebLog";
}
EventLog.WriteEntry ("This is error! ", EventLogEntryType.Error);
}
The above program section first determines whether the data source "WebLog" exists, if there is no call to the CreateEventSource method to create the event source, and then associates the event source with the EventLog class's Source property for a write operation. The first parameter passed to the WriteEntry method represents the log message to be logged and can be written to any message. The second parameter represents the type of the event log.
A, event log type classification
The type of the event log is used to indicate the severity of the event log. Each event must have a single type, and the application will indicate the type when it reports the event. Event Viewer uses this type to determine which icon is displayed in the list view of the log. It is divided into the following five categories:
①error: An error event that indicates a serious problem (usually a loss of functionality or data) that the user should know about.
②failureaudit: Failure Audit event, which indicates a security event that occurs when the audit access attempt fails, such as when an attempt to open a file fails.
③information: An informational event that indicates an important, successful operation.
④successaudit: A successful audit event that indicates a security event that occurs when an audit access attempt succeeds (for example, a successful login).
⑤warning: A warning event that indicates a problem that is not immediately important, but this issue may indicate a condition that will cause problems in the future.
In practical applications, selecting the appropriate event log type can make logging clearer and help develop maintenance personnel to better monitor and maintain the application system.
B, for the event log five types of classification, you can write a generic class in the application, write a method for each type to write to the event log.
The following is a code snippet for a custom generic class:
public void Error (string sourceName, String message) {
EventLog EventLog = null;
if (!) ( EventLog.SourceExists (SourceName))) {
EventLog.CreateEventSource (SourceName, "Tddn");
}
if (EventLog = = null) {
EventLog = new EventLog ("Tddn");
EventLog.Source = SourceName;
}
EventLog.WriteEntry (message, EventLogEntryType.Error);
}
public void Warning (string sourceName, String message) {
EventLog EventLog = null;
if (!) ( EventLog.SourceExists (SourceName))) {
EventLog.CreateEventSource (SourceName, "Tddn");
}
if (EventLog = = null) {
EventLog = new EventLog ("Tddn");
EventLog.Source = SourceName;
}
EventLog.WriteEntry (message,system.diagnostics.eventlogentrytype.warning);
}
Similarly, three other types of event log write methods can be written. This class method passes the event source (sourceName) and log messages (message) as parameters, which can improve the flexibility of event log writes.
C, methods to invoke common class event log writes
The invocation of a generic class method is very simple, and the following code fragment is an example of calling the error method in a generic class:
String Strsourcename= "WebLog";
Coustomeventlog log=new Coustomeventlog ();
Log. Error (Strsourcename, "This is error!");
Strsourcename is the source of the event, log is an instance of the Coustomeventlog class (that is, a generic class), and then the Error method calls the log message "This is error!" Written to the event log.
You can also write exception information thrown in your program to the event log:
String Strsourcename= "WebLog";
Coustomeventlog log=new Coustomeventlog ();
try{
Execution events
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.