EventLog.GetEventLogs Metoda
Definicja
Tworzy tablicę dzienników zdarzeń.Creates an array of the event logs.
Przeciążenia
| GetEventLogs(String) |
Wyszukuje wszystkie dzienniki zdarzeń na danym komputerze i tworzy tablicę EventLog obiektów, które zawierają listę.Searches for all event logs on the given computer and creates an array of EventLog objects that contain the list. |
| GetEventLogs() |
Wyszukuje wszystkie dzienniki zdarzeń na komputerze lokalnym i tworzy tablicę EventLog obiektów, które zawierają listę.Searches for all event logs on the local computer and creates an array of EventLog objects that contain the list. |
GetEventLogs(String)
public:
static cli::array <System::Diagnostics::EventLog ^> ^ GetEventLogs(System::String ^ machineName);public static System.Diagnostics.EventLog[] GetEventLogs (string machineName);[System.MonoNotSupported("remote machine is not supported")]
public static System.Diagnostics.EventLog[] GetEventLogs (string machineName);static member GetEventLogs : string -> System.Diagnostics.EventLog[][<System.MonoNotSupported("remote machine is not supported")>]
static member GetEventLogs : string -> System.Diagnostics.EventLog[]Public Shared Function GetEventLogs (machineName As String) As EventLog()Parametry
- machineName
- String
Komputer, na którym mają zostać wyszukane dzienniki zdarzeń.The computer on which to search for event logs.
Zwraca
- EventLog[]
Tablica typu EventLog , która reprezentuje dzienniki na danym komputerze.An array of type EventLog that represents the logs on the given computer.
- Atrybuty
-
MonoNotSupportedAttribute
Wyjątki
machineNameParametr jest nieprawidłową nazwą komputera.The machineName parameter is an invalid computer name.
Nie masz dostępu do odczytu do rejestru.You do not have read access to the registry.
-lub--or-
Na komputerze nie ma usługi dziennika zdarzeń.There is no event log service on the computer.
Przykłady
Poniższy przykład pobiera listę dzienników na komputerze "i".The following example gets a list of logs on the computer "myServer". Następnie wyświetla nazwę każdego dziennika.It then outputs the name of each log.
#using <System.dll>
using namespace System;
using namespace System::Diagnostics;
using namespace System::Threading;
int main()
{
array<EventLog^>^remoteEventLogs;
remoteEventLogs = EventLog::GetEventLogs( "myServer" );
Console::WriteLine( "Number of logs on computer: {0}", remoteEventLogs->Length );
System::Collections::IEnumerator^ myEnum = remoteEventLogs->GetEnumerator();
while ( myEnum->MoveNext() )
{
EventLog^ log = safe_cast<EventLog^>(myEnum->Current);
Console::WriteLine( "Log: {0}", log->Log );
}
}
using System;
using System.Diagnostics;
using System.Threading;
class MySample{
public static void Main(){
EventLog[] remoteEventLogs;
remoteEventLogs = EventLog.GetEventLogs("myServer");
Console.WriteLine("Number of logs on computer: " + remoteEventLogs.Length);
foreach(EventLog log in remoteEventLogs){
Console.WriteLine("Log: " + log.Log);
}
}
}
Imports System.Diagnostics
Imports System.Threading
Class MySample
Public Shared Sub Main()
Dim remoteEventLogs() As EventLog
remoteEventLogs = EventLog.GetEventLogs("myServer")
Console.WriteLine(("Number of logs on computer: " & remoteEventLogs.Length))
Dim log As EventLog
For Each log In remoteEventLogs
Console.WriteLine(("Log: " & log.Log))
Next log
End Sub
End Class
Uwagi
Tablica EventLog obiektów jest migawką wszystkich dzienników zdarzeń na komputerze określonym przez machineName parametr podczas wywołania GetEventLogs .The array of EventLog objects is a snapshot of all event logs on the computer specified by the machineName parameter when the call to GetEventLogs is made. Nie jest to kolekcja dynamiczna, dlatego nie odzwierciedla ona usuwania ani tworzenia dzienników w czasie rzeczywistym.This is not a dynamic collection, so it does not reflect the deletion or creation of logs in real time. Przed odczytaniem lub zapisaniem w tablicy należy sprawdzić, czy istnieje już dziennik.You should verify that a log in the array exists before you read or write to it. Tablica zawiera zwykle co najmniej trzy dzienniki: aplikacje, systemy i zabezpieczenia.The array usually includes at least three logs: Application, System, and Security. Jeśli utworzono niestandardowe dzienniki na określonym komputerze, zostaną one również wyświetlone w tablicy.If you created custom logs on the specified computer, they will appear in the array as well.
GetEventLogs jest static metodą, dlatego można ją wywołać dla EventLog samej klasy.GetEventLogs is a static method, so it can be called on the EventLog class itself. Utworzenie wystąpienia obiektu nie jest konieczne EventLog w celu wywołania metody.It is not necessary to create an instance of an EventLog object to make a call to the method.
Aby pobrać listę dzienników zdarzeń, musisz mieć odpowiednie uprawnienia do rejestru.To retrieve the list of event logs, you must have the appropriate registry permissions. Te uprawnienia są identyczne z tymi, które są wymagane do wywołania Exists i SourceExists .These permissions are identical to those required to call Exists and SourceExists.
Zobacz też
Dotyczy
GetEventLogs()
public:
static cli::array <System::Diagnostics::EventLog ^> ^ GetEventLogs();public static System.Diagnostics.EventLog[] GetEventLogs ();static member GetEventLogs : unit -> System.Diagnostics.EventLog[]Public Shared Function GetEventLogs () As EventLog()Zwraca
- EventLog[]
Tablica typu EventLog , która reprezentuje dzienniki na komputerze lokalnym.An array of type EventLog that represents the logs on the local computer.
Wyjątki
Nie masz dostępu do odczytu do rejestru.You do not have read access to the registry.
-lub--or-
Na komputerze nie ma usługi dziennika zdarzeń.There is no event log service on the computer.
Przykłady
Poniższy przykład wylicza dzienniki zdarzeń zdefiniowane na komputerze lokalnym i wyświetla szczegóły konfiguracji dla każdego dziennika zdarzeń.The following example enumerates the event logs defined on the local computer, and displays configuration details for each event log.
void DisplayEventLogProperties()
{
// Iterate through the current set of event log files,
// displaying the property settings for each file.
array<EventLog^>^eventLogs = EventLog::GetEventLogs();
System::Collections::IEnumerator^ myEnum = eventLogs->GetEnumerator();
while ( myEnum->MoveNext() )
{
EventLog^ e = safe_cast<EventLog^>(myEnum->Current);
Int64 sizeKB = 0;
Console::WriteLine();
Console::WriteLine( "{0}:", e->LogDisplayName );
Console::WriteLine( " Log name = \t\t {0}", e->Log );
Console::WriteLine( " Number of event log entries = {0}", e->Entries->Count );
// Determine if there is a file for this event log.
RegistryKey ^ regEventLog = Registry::LocalMachine->OpenSubKey( String::Format( "System\\CurrentControlSet\\Services\\EventLog\\{0}", e->Log ) );
if ( regEventLog )
{
Object^ temp = regEventLog->GetValue( "File" );
if ( temp != nullptr )
{
Console::WriteLine( " Log file path = \t {0}", temp );
FileInfo^ file = gcnew FileInfo( temp->ToString() );
// Get the current size of the event log file.
if ( file->Exists )
{
sizeKB = file->Length / 1024;
if ( (file->Length % 1024) != 0 )
{
sizeKB++;
}
Console::WriteLine( " Current size = \t {0} kilobytes", sizeKB );
}
}
else
{
Console::WriteLine( " Log file path = \t <not set>" );
}
}
// Display the maximum size and overflow settings.
sizeKB = e->MaximumKilobytes;
Console::WriteLine( " Maximum size = \t {0} kilobytes", sizeKB );
Console::WriteLine( " Overflow setting = \t {0}", e->OverflowAction );
switch ( e->OverflowAction )
{
case OverflowAction::OverwriteOlder:
Console::WriteLine( "\t Entries are retained a minimum of {0} days.", e->MinimumRetentionDays );
break;
case OverflowAction::DoNotOverwrite:
Console::WriteLine( "\t Older entries are not overwritten." );
break;
case OverflowAction::OverwriteAsNeeded:
Console::WriteLine( "\t If number of entries equals max size limit, a new event log entry overwrites the oldest entry." );
break;
default:
break;
}
}
}
static void DisplayEventLogProperties()
{
// Iterate through the current set of event log files,
// displaying the property settings for each file.
EventLog[] eventLogs = EventLog.GetEventLogs();
foreach (EventLog e in eventLogs)
{
Int64 sizeKB = 0;
Console.WriteLine();
Console.WriteLine("{0}:", e.LogDisplayName);
Console.WriteLine(" Log name = \t\t {0}", e.Log);
Console.WriteLine(" Number of event log entries = {0}", e.Entries.Count.ToString());
// Determine if there is an event log file for this event log.
RegistryKey regEventLog = Registry.LocalMachine.OpenSubKey("System\\CurrentControlSet\\Services\\EventLog\\" + e.Log);
if (regEventLog != null)
{
Object temp = regEventLog.GetValue("File");
if (temp != null)
{
Console.WriteLine(" Log file path = \t {0}", temp.ToString());
FileInfo file = new FileInfo(temp.ToString());
// Get the current size of the event log file.
if (file.Exists)
{
sizeKB = file.Length / 1024;
if ((file.Length % 1024) != 0)
{
sizeKB++;
}
Console.WriteLine(" Current size = \t {0} kilobytes", sizeKB.ToString());
}
}
else
{
Console.WriteLine(" Log file path = \t <not set>");
}
}
// Display the maximum size and overflow settings.
sizeKB = e.MaximumKilobytes;
Console.WriteLine(" Maximum size = \t {0} kilobytes", sizeKB.ToString());
Console.WriteLine(" Overflow setting = \t {0}", e.OverflowAction.ToString());
switch (e.OverflowAction)
{
case OverflowAction.OverwriteOlder:
Console.WriteLine("\t Entries are retained a minimum of {0} days.",
e.MinimumRetentionDays);
break;
case OverflowAction.DoNotOverwrite:
Console.WriteLine("\t Older entries are not overwritten.");
break;
case OverflowAction.OverwriteAsNeeded:
Console.WriteLine("\t If number of entries equals max size limit, a new event log entry overwrites the oldest entry.");
break;
default:
break;
}
}
}
Shared Sub DisplayEventLogProperties()
' Iterate through the current set of event log files,
' displaying the property settings for each file.
Dim eventLogs As EventLog() = EventLog.GetEventLogs()
Dim e As EventLog
For Each e In eventLogs
Dim sizeKB As Int64 = 0
Console.WriteLine()
Console.WriteLine("{0}:", e.LogDisplayName)
Console.WriteLine(" Log name = " + ControlChars.Tab _
+ ControlChars.Tab + " {0}", e.Log)
Console.WriteLine(" Number of event log entries = {0}", e.Entries.Count.ToString())
' Determine if there is an event log file for this event log.
Dim regEventLog As RegistryKey
regEventLog = Registry.LocalMachine.OpenSubKey( _
("System\CurrentControlSet\Services\EventLog\" + e.Log))
If Not (regEventLog Is Nothing) Then
Dim temp As Object = regEventLog.GetValue("File")
If Not (temp Is Nothing) Then
Console.WriteLine(" Log file path = " + ControlChars.Tab _
+ " {0}", temp.ToString())
Dim file As New FileInfo(temp.ToString())
' Get the current size of the event log file.
If file.Exists Then
sizeKB = file.Length / 1024
If file.Length Mod 1024 <> 0 Then
sizeKB += 1
End If
Console.WriteLine(" Current size = " + ControlChars.Tab _
+ " {0} kilobytes", sizeKB.ToString())
End If
Else
Console.WriteLine(" Log file path = " + ControlChars.Tab _
+ " <not set>")
End If
End If
' Display the maximum size and overflow settings.
sizeKB = e.MaximumKilobytes
Console.WriteLine(" Maximum size = " + ControlChars.Tab _
+ " {0} kilobytes", sizeKB.ToString())
Console.WriteLine(" Overflow setting = " + ControlChars.Tab _
+ " {0}", e.OverflowAction.ToString())
Select Case e.OverflowAction
Case OverflowAction.OverwriteOlder
Console.WriteLine(ControlChars.Tab + _
" Entries are retained a minimum of {0} days.", _
e.MinimumRetentionDays)
Case OverflowAction.DoNotOverwrite
Console.WriteLine(ControlChars.Tab + _
" Older entries are not overwritten.")
Case OverflowAction.OverwriteAsNeeded
Console.WriteLine(ControlChars.Tab + _
" If number of entries equals max size limit, a new event log entry overwrites the oldest entry.")
Case Else
End Select
Next e
End Sub
Uwagi
Tablica EventLog obiektów jest migawką wszystkich dzienników zdarzeń na komputerze lokalnym, gdy wywołanie jest nawiązywane GetEventLogs .The array of EventLog objects is a snapshot of all event logs on the local computer when the call to GetEventLogs is made. Nie jest to kolekcja dynamiczna, dlatego nie odzwierciedla ona usuwania ani tworzenia dzienników w czasie rzeczywistym.This is not a dynamic collection, so it does not reflect the deletion or creation of logs in real time. Przed odczytaniem lub zapisaniem w tablicy należy sprawdzić, czy istnieje już dziennik.You should verify that a log in the array exists before you read or write to it. Tablica zawiera zwykle co najmniej trzy dzienniki: aplikacje, systemy i zabezpieczenia.The array usually includes at least three logs: Application, System, and Security. Jeśli utworzono niestandardowe dzienniki na komputerze lokalnym, zostaną one również wyświetlone w tablicy.If you created custom logs on the local computer, they will appear in the array as well.
Aby pobrać listę dzienników zdarzeń, musisz mieć odpowiednie uprawnienia do rejestru.To retrieve the list of event logs, you must have the appropriate registry permissions. Te uprawnienia są identyczne z tymi, które są wymagane do wywołania Exists i SourceExists .These permissions are identical to those required to call Exists and SourceExists.