How do I read an event log from another computer using eventlog class?

Question

0.00/5 (No votes)

See more:

I am trying to parse .evt files using the EventLog class. I am able to parse any log in the computers main directory; meaning all the logs created by the pc. However I need to be able read .evt from a different computers. How can I do this?

For Reference:
EventLog Class
EventLogEntry Class
EventLogEntryCollection Class

C#

public static class EventLogClassContainer
    {
        public static string EvlLocation { get; set; } = "";
        public static string EvlName { get; set; } = "Application";
        public static string evlLocationManual = "%Test.evt%";
        public static List<EventLogEntry> _LogEntries { get; private set; }

        public static void ReadEventLog()
        {
            EventLog evlLog = new EventLog(EvlName, ".");
            EventLogEntryCollection eventLogEntries = evlLog.Entries;
            int eventLogEntryCount = eventLogEntries.Count;
            foreach (EventLogEntry entry in evlLog.Entries)
            {
                //entry.Message
                _LogEntries = eventLogEntries.Cast<EventLogEntry>().ToList();
            }
        }

        public static void SetEvlName(string evlLocation)
        {
            Parser.FileNameFinder(evlLocation, 3);
        }

        public static void RELSystemTest()
        {
            EventLog evlLog = new EventLog("Application", ".");
            EventLogEntryCollection eventLogEntries = evlLog.Entries;
            int eventLogEntryCount = eventLogEntries.Count;
            _LogEntries = eventLogEntries.Cast<EventLogEntry>().ToList();
        }

        public static void ParseTest()
        {
            evlLocationManual = "K:\\Event Log\\Test\\Test.evt";
            ReadEventLog();
        }

        public static void setLogLocation(string input)
        {
            EvlLocation = input;
        }
    }

    public static class EventLogEntryCollection_Container
    {
        public static void testCollection()
        {
            string myLogName = "_log";

            // Create an EventLog instance and assign its source.
            EventLog _log = new EventLog();
            _log.Source = "%Program Files (x86)%\\EventLogParser\\ImportedEventLogs\\" + varBank.logInput;

            // Write an informational entry to the event log.
            _log.WriteEntry("Successfully created a new Entry in the Log");
            _log.Close();

            // Create a new EventLog object.
            EventLog myEventLog1 = new EventLog();
            myEventLog1.Log = myLogName;

            // Obtain the Log Entries of "_log".
            EventLogEntryCollection _logCollection = _log.Entries;
            _log.Close();

            // Copy the EventLog entries to Array of type EventLogEntry.
            EventLogEntry[] _logEntryArray = new EventLogEntry[_logCollection.Count];
            _logCollection.CopyTo(_logEntryArray, 0);
            IEnumerator myEnumerator = _logEntryArray.GetEnumerator();
            while (myEnumerator.MoveNext())
            {
                EventLogEntry myEventLogEntry = (EventLogEntry)myEnumerator.Current;
            }
        }
    }

What I have tried:

I have tried all three versions of the EventLog container, but I can't set the log location. This is mainly due to the fact that the log location cannot contain //.

Posted 13-Mar-17 13:25pm

scudd_

Add a Solution

Comments

Tomas Takac 14-Mar-17 5:09am

Did you try to specify the machine name int the EventLog constructor[^] or via EventLog.MachineName property[^]?

scudd_ 14-Mar-17 17:11pm

I don't know how entering the machine name will help? Even if I have the machine name the log is from I still can't direct it to the file itself? Or at least I don't know how I would do that.

Garth J Lancaster 15-Mar-17 7:32am

I think the intent was to read the information directly from the remote machine's event logs rather than exported .evt file(s)

scudd_ 14-Mar-17 17:12pm

Is there any way to import the .evt file into my computers events directory?

Garth J Lancaster 15-Mar-17 7:33am

apparently not

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)