创建Windows服务以提取事件日志条目 [英] Create Windows Service to pull Event Log entry

问题描述

是否可以在VB.net中创建一个Windows服务，该服务将在没有人登录时从安全事件日志中提取事件来运行？

我已经有了从数据库中提取数据的应用程序。

解决方案

首先我不要t有其他代码然后呈现。

Windows服务在权限方面可能很有意思所以请记住这一点。

我会建议查看以下用于阅读事件日志的模式。

需要此导入 - >  Imports System.Diagnostics.Eventing.Reader

 Dim eventID As String =" 5312" 
 Dim LogSource As String =" Microsoft-Windows-GroupPolicy / Operational" 
 Dim query As String = 

" * [System / EventID = {eventID}]"

Dim elq = New EventLogQuery（LogSource，PathType.LogName，query）
Dim reader = New EventLogReader（elq）

Dim eventList As New List（Of EventRecord） ）（）
Dim eventInstance As EventRecord = reader.ReadEvent（）
Do Nothing IsNot eventInstance
'在这里访问事件属性：
'eventInstance.LogName;
'ventInstance.ProviderName;
eventList.Add（eventInstance）
eventInstance = reader.ReadEvent（）
Loop

Is it possible to create a windows service in VB.net that will run when no one is logged on to pull events from the security event log?

I already have the app to pull the data from the database.

解决方案

First off I don't have any code other then presented.

Windows services can be interesting to work with in regards to permissions so keep that in mind.

I would suggest looking at the following pattern for reading event logs.

Requires this import -> Imports System.Diagnostics.Eventing.Reader

Dim eventID As String = "5312"
Dim LogSource As String = "Microsoft-Windows-GroupPolicy/Operational"
Dim query As String =

"*[System/EventID={eventID}]" Dim elq = New EventLogQuery(LogSource, PathType.LogName, query) Dim reader = New EventLogReader(elq) Dim eventList As New List(Of EventRecord)() Dim eventInstance As EventRecord = reader.ReadEvent() Do While Nothing IsNot eventInstance 'Access event properties here: 'eventInstance.LogName; 'eventInstance.ProviderName; eventList.Add(eventInstance) eventInstance = reader.ReadEvent() Loop

这篇关于创建Windows服务以提取事件日志条目的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！