EVENT LOG SERVICE IN ASP.NET

adhocjackpotΑσφάλεια

5 Νοε 2013 (πριν από 3 χρόνια και 5 μήνες)

82 εμφανίσεις


CONTENTS:
-



What is Event Log Service ?


Types of event logs and their purpose.


How and when the Event Log is useful?


What is Event Viewer?


Briefing Event Structure.


Different Event Types


Example


Event Logging Functions


References





The Event Log Service (ELS) is a component of the
Windows operating system used to record and monitor
significant events in a common and unified way.


Many applications record errors and events in various
proprietary error logs. These proprietary error logs
have different formats and display different user
interfaces. Moreover, you cannot merge the data to
provide a complete report. Therefore, you need to
check a variety of sources to diagnose problems.






To handle this problem, we have Event logging mechanism. It
provides a standard, centralized way for applications (and the
operating system) to record important software and hardware
events.


The event
-
logging service stores events from various sources in a
single collection called an
event log
. The Event Viewer enables you
to view logs; the programming interface also enables you to examine
logs.



The ELS acts as a mediator between the source of an event
(an application, device driver, etc.) and the log file in which the
event is written.


All the classes required for logging events to the windows
event log are in the System. Diagnostics package. The most
important class is the EventLog class. This allows reading
and writing of event log entries. However, before any logs
can be written an EventSource must be defined.



A single line of event logging can greatly ease the tracking
down of all exceptions that are not being specifically caught
by the application code. The following line of code can be
used:



EventLog.WriteEntry("MyLogname",Server.GetLastError().To
String(),EventLogEntryType.Error);

The ELS supports three default event logs, each of which has a
specific purpose:



The System Log:


The System log records significant events that occur within
components of the operating system (for example, a failure within a
device driver).




The Application log:


The Application log records events from applications (for example,
an unexpected application failure).




The Security log:


The Security log provides a record of audited security activity (for
example, accessing a protected file).


Additional logs may be needed depending on the configuration of the
Windows computer.

For example: A computer configured as a Domain Name System(DNS)
server, will have a DNS server log.



When an error occurs, the system administrator or support
representative must determine what caused the error,
attempt to recover any lost data, and prevent the error from
recurring.


It is helpful if applications, the operating system, and other
system services record important events such as low
-
memory conditions or excessive attempts to access a disk.
Then the system administrator can use the event log to help
determine what conditions caused the error and the context
in which it occurred.


By periodically viewing the event log, the system
administrator may be able to identify problems (such as a
failing hard drive) before they cause damage.

To go into details:
-


Event logs store records of significant events on behalf of the
system and applications running on the system. Because the
logging functions are general purpose, you must decide what
information is appropriate to log. Generally, you should log
only information that could be useful in diagnosing a
hardware or software problem. Event logging is not intended
to be used as a tracing tool.


Choosing Events to Log:

1.
Resource problems:


If an application gets into a low
-
memory situation
(caused by a code bug or inadequate memory) that degrades
performance, logging a warning event when memory allocation fails
might provide a clue about what went wrong.


Hardware problems:


If a device driver encounters a disk controller time
-
out, a
power failure in a parallel port, or a data error from a network
or serial card, logging information about these events can
help the system administrator diagnose hardware problems.
The device driver logs the error.


Bad sectors :


If a disk driver encounters a bad sector, it may be able to
read from or write to the sector after retrying the operation,
but the sector will go bad eventually. Therefore, if the disk
driver can proceed, it should log a warning; otherwise, it
should log an error event. If a file system driver finds a large
number of bad sectors, fixes them, and logs warning events,
logging information of this type might indicate that the disk is
about to fail.

Information events:


A server application (such as a database
server) records a user logging on, opening a
database, or starting a file transfer. The server can
also log error events it encounters (cannot access
file, host process disconnected, and so on), a
corruption in the database, or whether a file
transfer was successful.

Event Viewer:


Event Viewer is a Windows component that logs
program, security and system events on your
computer.

You can use the Event viewer to manage the
event logs, gather information about the software
problems and monitor system events.

To open the
Event Viewer, go to
Start
-
> Run
-
> eventvwr
.


The ELS uses a standardized structure to represent all
events, irrespective of the log in which the event will be
stored. The following is the structure of an event:
-








Event source name:
This is the name of the event source
used to log the event.(Typically name of the application).


Message:
This component gives description of the event,
which may be used in determining the cause of a problem.


Event type:
There are five types of events that can be
logged. All event classifications have well
-
defined common
data and can optionally include event
-
specific data. The
application indicates the event type when it reports an event.


Event identifier and event category:
The event identifier and
category are application
-
specific numeric values.


Binary data:
The event may contain binary data that is of use
to someone trying to resolve the problem that caused this
event to occur

The Event types are classified into the following different types.



Information
-

This type indicates a successful operation of an
application.

An example is a successful loading of a new virus
definition file by antivirus software.


Warning
-

This type indicates that there could be a potential
problem in the future.

The entries help in taking preventive
measures.


Error
-

This type indicates a significant problem.

It lets us know if
there was a failure in a critical task
.


Success Audit
-

This type indicates that an audited security event
is successfully completed. For example, when a user authenticates
successfully, there may be an entry of this type.


Failure Audit
-

This type indicates that there was a failure of an
audited security event.


Implementing the Event Logging mechanism in a .NET
WebService
.



using

System. Diagnostics;


Let

us

examine

a

WebMethod

that

potentially throws

an

exception.
///

<summary> ///



A

Web

method

that

divides

two

integers


///

</summary> ///


<param name="intNumerator">Numerator</param> ///

<param name="intDenominator">Denominator</param>


[WebMethod]

public

void

DivideNumbers(int

intNumerator,

int intDenominator)


{



double

dResult;




try



{

dResult

=

intNumerator

/

intDenominator;

}



catch

(Exception

e)

{ //Write

to

Event

Log



WriteToEventLog(e.Message , EventLogEntryType.Error);



}

}


When an exception occurs, it calls the
WriteToEventLog
method

to write to the Event Log.





BackupEventLog
:
Saves the specified event log to a backup file.


ClearEventLog
:
Clears the specified event log, and optionally
saves the current copy of the log to a backup file.


CloseEventLog
:
Closes a read handle to the specified event log.


GetEventLogInformation
:
Retrieves information about the
specified event log.


GetNumberOfEventLogRecords
:
Retrieves the number of records
in the specified event log.


ReportEvent
:
Writes an entry at the end of the specified event log.


ASP Alliance:
http://aspalliance.com/987_Event_Logging_in_a_NET_Web_
Service.all



MSDN:


http://msdn.microsoft.com/en
-
us/library/aa363652(VS.85).aspx



Oreilly.Programming.Dot.NET.Security. by


Adam Freeman, Allen Jones






THANK YOU