如何使用C#和WMI备份事件日志 [英] How to take backup of event log using C# and WMI
本文介绍了如何使用C#和WMI备份事件日志的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我已经编写了C#代码来备份eventlog,返回的返回码是3.请让我知道我的代码中是否有任何错误,或者获取备份的其他方式
这是我的代码
Hi,
I have written C# code to backup eventlog.It is returning a return code of 3.what does it mean? Please let me know if there is any error in my code or an alternate way to get a backup
Here is my code
private void BackupEventLog()
{
try
{
ManagementObjectSearcher searcher;
ObjectQuery query;
ConnectionOptions connection;
ManagementScope scope = null;
if ((txtUsername.Text != "") && (txtPassword.Text != ""))
{
connection = new ConnectionOptions();
connection.Username = txtUsername.Text;
connection.Password = txtPassword.Text;
connection.Authority = "ntlmdomain:DOMAIN";
scope = new ManagementScope("\\\\" + txtIP.Text + "\\root\\CIMV2", connection);
scope.Connect();
}
else
{
scope = new ManagementScope();
}
scope.Options.EnablePrivileges = true;
scope.Options.Impersonation = ImpersonationLevel.Impersonate;
query = new ObjectQuery("Select * from Win32_NTEventLogFile Where LogFileName='Application'");
searcher = new ManagementObjectSearcher(scope, query);
foreach (ManagementObject o in searcher.Get())
{
ManagementBaseObject inParams = o.GetMethodParameters("BackupEventlog");
inParams["ArchiveFileName"] = @"c:\scripts\Application.evt";
ManagementBaseObject outParams=o.InvokeMethod("BackupEventLog", inParams, null);
Response.Write(outParams.Properties["ReturnValue"].Value.ToString());
}
}
catch (Exception ex)
{
Response.Write(ex.Message);
}
}
预先谢谢你
[添加的代码格式]
Thank you in advance
[Added code formatting]
推荐答案
看看这个:
备份并清除事件日志(Microsoft) [ ^ ]
也是代码段:
Have a look at this:
Back Up and Clear an Event Log(Microsoft) [^]
Also a Code Snippet:
Private Declare Function BackupEventLog Lib "advapi32.dll" Alias "BackupEventLogA" (ByVal hEventLog As IntPtr, ByVal lpBackupFileName As String) As Integer
Private Declare Function CloseEventLog Lib "advapi32.dll" (ByVal hEventLog As IntPtr) As IntPtr
Private Declare Function OpenEventLog Lib "advapi32.dll" Alias "OpenEventLogA" (ByVal lpUNCServerName As String, ByVal lpSourceName As String) As IntPtr
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim hEventLog As IntPtr
Dim lretv As Integer
hEventLog = OpenEventLog(vbNullString, "Application")
If hEventLog = IntPtr.Zero Then
System.Diagnostics.Debug.Write("OpenEvent Log Failed")
Exit Sub
End If
lretv = BackupEventLog(hEventLog, "appback.evt")
If lretv = 0 Then
Debug.Write("BackupEventLog Failed")
Exit Sub
End If
End Sub
这篇关于如何使用C#和WMI备份事件日志的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
