AuditLogLocation 枚举

定义

指定与安全相关的事件日志的记录位置。Specifies the location where security-related event logs are written.

public enum class AuditLogLocation
public enum AuditLogLocation
type AuditLogLocation = 
Public Enum AuditLogLocation
继承
AuditLogLocation

字段

Application 1

在事件日志中指定应用程序日志。Specifies the Application log in the event log.

Default 0

指定由操作系统确定的默认位置。Specifies the default location, which is determined by the operating system. 如果支持写入安全日志(例如在 Windows VistaWindows VistaWindows Server 2003Windows Server 2003 以及更高版本的平台中),则默认日志位置将为安全日志。If writing to the Security log is supported (such as on Windows VistaWindows Vista and Windows Server 2003Windows Server 2003 and later platforms), the default log location is the Security log. 否则(例如在 Windows XP SP2Windows XP SP2 中),默认日志位置将为应用程序日志。Otherwise (such as in Windows XP SP2Windows XP SP2), the default log location is the Application log.

Security 2

在事件日志中指定安全日志。Specifies the Security log in the event log. 调用线程必须确保 SeAuditPrivilege 可以写入安全日志。The calling thread must have SeAuditPrivilege to be able to write to the Security log.

示例

下面的示例将ServiceSecurityAuditBehavior.AuditLogLocation属性设置为以下AuditLogLocation值之一:The following example sets the ServiceSecurityAuditBehavior.AuditLogLocation property to one of the AuditLogLocation values:

public static void Main()
{
    // Get base address from appsettings in configuration.
    Uri baseAddress = new Uri(ConfigurationManager.
        AppSettings["baseAddress"]);

    // Create a ServiceHost for the CalculatorService type 
    // and provide the base address.
    using (ServiceHost serviceHost = new 
        ServiceHost(typeof(CalculatorService), baseAddress))
    {
        // Create a new auditing behavior and set the log location.
        ServiceSecurityAuditBehavior newAudit = 
            new ServiceSecurityAuditBehavior();
        newAudit.AuditLogLocation = 
            AuditLogLocation.Application;
        newAudit.MessageAuthenticationAuditLevel = 
            AuditLevel.SuccessOrFailure;
        newAudit.ServiceAuthorizationAuditLevel = 
            AuditLevel.SuccessOrFailure;
        newAudit.SuppressAuditFailure = false;
        // Remove the old behavior and add the new.
        serviceHost.Description.
            Behaviors.Remove<ServiceSecurityAuditBehavior>();
        serviceHost.Description.Behaviors.Add(newAudit);
        // Open the ServiceHostBase to create listeners 
        // and start listening for messages.
        serviceHost.Open();

        // The service can now be accessed.
        Console.WriteLine("The service is ready.");
        Console.WriteLine("Press <ENTER> to terminate service.");
        Console.WriteLine();
        Console.ReadLine();

        // Close the ServiceHostBase to shutdown the service.
        serviceHost.Close();
    }
}
Public Shared Sub Main() 
    ' Get base address from appsettings in configuration.
    Dim baseAddress As New Uri(ConfigurationManager.AppSettings("baseAddress"))
    
    ' Create a ServiceHost for the CalculatorService type 
    ' and provide the base address.
    Dim serviceHost As New ServiceHost(GetType(CalculatorService), baseAddress)
    Try
        ' Create a new auditing behavior and set the log location.
        Dim newAudit As New ServiceSecurityAuditBehavior()
        newAudit.AuditLogLocation = AuditLogLocation.Application
        newAudit.MessageAuthenticationAuditLevel = _
            AuditLevel.SuccessOrFailure
        newAudit.ServiceAuthorizationAuditLevel = _
            AuditLevel.SuccessOrFailure
        newAudit.SuppressAuditFailure = False
        ' Remove the old behavior and add the new.
        serviceHost.Description.Behaviors.Remove(Of ServiceSecurityAuditBehavior)
        serviceHost.Description.Behaviors.Add(newAudit)
        ' Open the ServiceHostBase to create listeners 
        ' and start listening for messages.
        serviceHost.Open()
        
        ' The service can now be accessed.
        Console.WriteLine("The service is ready.")
        Console.WriteLine("Press <ENTER> to terminate service.")
        Console.WriteLine()
        Console.ReadLine()
        
        ' Close the ServiceHostBase to shutdown the service.
        serviceHost.Close()
    Finally
    End Try

End Sub 

注解

创建需要对调用方进行身份验证和/或授权的 Windows Communication Foundation (WCF) 应用程序时, 可以指定记录与安全相关的事件以获得成功、失败或两者。When creating a Windows Communication Foundation (WCF) application that requires authentication and/or authorization of callers, you can specify that events related to security be recorded for either success, failure, or both. 日志的位置由此枚举确定。The location of the log is determined by this enumeration.

指定审核日志的级别的方法是:通过将 MessageAuthenticationAuditLevel 类的 ServiceAuthorizationAuditLevelServiceSecurityAuditBehavior 属性设置为 AuditLevel 值之一。The level of the audit log is specified by setting the MessageAuthenticationAuditLevel or the ServiceAuthorizationAuditLevel property of the ServiceSecurityAuditBehavior class to one of the AuditLevel values.

还可以使用 <serviceSecurityAudit> 绑定指定审核行为。You can also specify audit behavior using the <serviceSecurityAudit> binding.

重要

如果将Audit Object Access Local Security Policy属性设置为 "安全性" 并且未在中设置, 则不会将审核事件写入安全日志。 AuditLogLocationIf the AuditLogLocation property is set to Security and Audit Object Access is not set in the Local Security Policy, audit events will not be written to the Security log. 不返回任何失败记录,但审核项也不会写入安全日志。No failure is returned, but audit entries will not be written to the Security log. 此外,调用线程必须确保 SeAuditPrivilege 可以写入安全日志。In addition, the calling thread must have SeAuditPrivilege to be able to write to the Security log.

默认值取决于操作系统Default Dependent on Operating System

将属性设置为默认值时, 操作系统将确定将实际写入哪个日志。When setting the property to the Default value, the operating system determines which log will actually be written to. 有关详细信息, 请参阅审核For more information, see Auditing.

适用于

另请参阅