 |
|
|
The WIN32 API that the event log monitor uses does not support monitoring of remote machines. You would have to buy/write a little client/server module to get event log monitoring for remote machines.
|
| Sign In·View Thread·PermaLink | 2.00/5 (1 vote) |
|
|
|
|
|
|
I am getting the following error in the ShowBalloon method. Can anyone point me in the correct direction to solve this. I get this error on the line:
data.hWnd = m_messageSink.Handle;
InvalidOperationException was unhandled by user code
Cross-thread operation not valid: Control '' accessed from a thread other than the thread it was created on.
public void ShowBalloon(string title, string text, NotifyInfoFlags type, int timeoutInMilliSeconds)
{
if(timeoutInMilliSeconds < 0)
throw new ArgumentException("The parameter must be positive", "timeoutInMilliseconds");
NotifyIconData data = new NotifyIconData();
data.cbSize = (uint)Marshal.SizeOf(data);
data.hWnd = m_messageSink.Handle;
data.uID = m_id;
data.uFlags = NotifyFlags.Info;
data.dwTimeoutOrVersion = timeoutInMilliSeconds; // this value does not seem to work - any ideas?
data.szInfoTitle = title;
data.szInfo = text;
data.dwInfoFlags = type;
Shell_NotifyIcon(NotifyCommand.Modify, ref data);
}
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
Hi Mark. Nice little gimmick, however it doesn't work here: After selecting a log and event type and pressing "Apply", I receive the following exception, meaning that the event log I have just selected wouldn't exist.
System.InvalidOperationException: Das Ereignisprotokoll 'Sicherheit' auf dem Computer '.' ist nicht vorhanden.
at System.Diagnostics.EventLog.OpenForRead()
at System.Diagnostics.EventLog.get_EntryCount()
at System.Diagnostics.EventLog.StartListening()
at System.Diagnostics.EventLog.StartRaisingEvents()
at System.Diagnostics.EventLog.set_EnableRaisingEvents(Boolean value)
at EventReader.Config.StartWatch()
at EventReader.Config.btnUpdate_Click(Object sender, EventArgs e)
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
Sounds like a globalization issue to me. The Security log, or Sicherheit in German, isn't found because it is looking for the string "Security" Can you fix this or do you want me to send you an updated binary?
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
|
|
|
|
|
|
I'm trying to recompile and run the event log monitoring source code using Visual Studio 5 and I'm getting the exception indicated below. What must I do to make this code compatible with Microst.NET Framework 2.0 because to me it looks like the code has been written using .NET 2003 with Microst.NET Framework 1.1? Help please!
Below is the exception I'm encountering:
System.InvalidOperationException was unhandled by user code
Message="Cross-thread operation not valid: Control '' accessed from a thread other than the thread it was created on."
Source="System.Windows.Forms"
StackTrace:
at System.Windows.Forms.Control.get_Handle()
at JCMLib.NotifyIconEx.ShowBalloon(String title, String text, NotifyInfoFlags type, Int32 timeoutInMilliSeconds) in C:\Project\EventReader_src\EventReader\NotifyIconEx.cs:line 326
at EventReader.Config.OnEntryWritten(Object source, EntryWrittenEventArgs e) in C:\Project\EventReader_src\EventReader\Config.cs:line 554
at System.Diagnostics.EventLog.CompletionCallback(Object context)
|
| Sign In·View Thread·PermaLink | 2.00/5 (1 vote) |
|
|
|
|
|
|
Yeah, I am aware of that issue. The code doesn't adhere to cross-threading compatibility simply because it was written nearly 4 years ago and I was just starting to play with threading.
You have two approaches to use here; one is to simply ignore the error by setting CheckForIllegalCrossThreadCalls to False when you're compiling. The other is to use the BackgroundWorker class in .NET 2.0. They've made making thread-safe calls too easy with this. 
Check your MSDN docs for BackgroundWorker. Let me know how it goes.
-M
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
Thanks for your paper. From MSDN, I have also read event logging topics under both Win32/COM and .NET development.
My question is:
In .NET development, if I want to read full description of message from a remote machine, do I
still need to load dll that contain an application's resource file? The remote machine has no .NET framework installation.
From the .NET document of EventLogEntry.Message
Property, it said: "Getting this property opens the
registry to determine the file name of the .dll file
that contains the localized text...."
Does .NET already got the remote dll's resource
message file for me?
Thanks
Yao
yao
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
Well it certainly sounds like what you are trying to do is far beyond the scope of my little tool. The short answer is "I'm not sure." This is an intriguing problem and I'll try to answer it in a future revision to the article.
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
Hi Yao,
.NET already knows about the messages.
You just need to change he code a little bit like this:
EventLog SysEvt = new EventLog("System", );
SysEvt.EntryWritten += new EntryWrittenEventHandler(SysEvt_EntryWritten);
SysEvt.EnableRaisingEvents = true;
The only thing you need is t have appropriate permissions.
Cheers,
Christian
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
|
|
|
Hey Chris,
If you still need the msg, add the following in the source and it will work.
NotifyIcon.ShowBalloon("Event Log Monitor",
"An event was written to the "+logName+" event log."+
"\nType: "+LogType+
"\nSource: "+LogSource+
"\nCategory: "+LogCategory+
"\nEventID: "+EventID+
"\nMessage: "+logMessage+
"\nUser: "+User,
NotifyIconEx.NotifyInfoFlags.Info,
5000);
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
|
|
|
Hi Marc,
thanks for your reply.
I really appreciate the work you have done here.
Unfortunately, as I stated, I'm no coder ... don't even know which language you are using here ...
Therefore I have no idea if my request would amount to a lot of time or not, but if it is possible for someone here, could you maybe change the code above to what jbono007 suggested (in order to display the full event log message text) and send me the resulting .exe file to go_blue [at] gmx [dot] net .... (or post it here) ?
NotifyIcon.ShowBalloon("Event Log Monitor",
"An event was written to the "+logName+" event log."+
"\nType: "+LogType+
"\nSource: "+LogSource+
"\nCategory: "+LogCategory+
"\nEventID: "+EventID+
"\nMessage: "+logMessage+
"\nUser: "+User,
NotifyIconEx.NotifyInfoFlags.Info,
5000);
And maybe could you also make the program watch all 3 event logs simultaneously (application/security/system log) and change the code accordingly ?
I know, I am probably asking for too much here. I thought, I'd just try.
1000 thanks in advance,
Chris
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
Hi, is there anybody out there?
I'm getting a little desperate, it's been nearly a month that I've posted these lines below and no answer ... 
I would be really thankful if somebody could drop me a line.
Thanks in advance,
Chris
|
| Sign In·View Thread·PermaLink | 2.00/5 (1 vote) |
|
|
|
|
|
|
Hi, great stuff! Thanks for sharing!
Would be wicked if the balloon tip would also include the actual EVENT LOG MESSAGE TEXT. Then you wouldn't have to check in the event viewer every time.
I guess that would be real easy to code ... by adding a line somewhere here, no ?
===========================================
NotifyIcon.ShowBalloon("Event Log Monitor",
"An event was written to the "+logName+" event log."+
"\nType: "+LogType+
"\nSource: "+LogSource+
"\nCategory: "+LogCategory+
"\nEventID: "+EventID+
"\nUser: "+User,
NotifyIconEx.NotifyInfoFlags.Info,
5000);
============================================
Unfortunately, I'm no coder, I don't even know which language that is ;(
And I don't know neither how to make a running .exe out of these lines 
Is there a good soul around who would add that line and send me a modified .exe ? I give you my mail:
go_blue[at]gmx[dot]net
100000 thanks!!
I would be REALLY REALLY thankful!!! Thanks in advance to anybody who can help.
Kind regards,
Chris
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
By the way, does anybody have a modified version of this program that watches all 3 simultaneously (application/security/system log)?
|
| Sign In·View Thread·PermaLink | 1.00/5 (1 vote) |
|
|
|
|
|
|
One small issue:
I was simply echoing event log entries out to a text box; I noticed that when the logging app rapidly spams the event log, the monitoring app shows repeated instances of the most recent event. This was because log.Entries.Count was used as the event index,
rather than e.Entry.Index. HOWEVER, sometimes e.Entry.Index was >= log.Entries.Count, which of course is problematic.
To fix this, whenever we get an entry written event, write from the last logged index + 1 to event log size - 1, as illustrated below:
int NextIndexToWrite = -1;
private void OnEntryWritten(object source, EntryWrittenEventArgs e)
{
StringBuilder sb = new StringBuilder(4096);
EventLog log = new EventLog(watchLog);
if (NextIndexToWrite == -1)
NextIndexToWrite = log.Entries.Count - 1;
while (NextIndexToWrite < log.Entries.Count)
{
try
{
System.Diagnostics.EventLogEntry ele = log.Entries[NextIndexToWrite];
sb.Append(ele.Message);
sb.Append("\r\n");
}
catch (Exception ex)
{
sb.Append(ex.ToString());
}
++NextIndexToWrite;
}
// append the messages to the text box
txtEvents.AppendText(sb.ToString());
}
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
Thanks for your feedback, it is very much appreciated. I was a bit of a novice back when I wrote this and have since thought about updating it with many more capabilities. I'm glad you found it useful.
|
| Sign In·View Thread·PermaLink | 2.00/5 (1 vote) |
|
|
|
|
|
|
I'm a perpetual novice. Which became even more apparent when I read over the code I posted above and noticed that the initialization of NextIndexToWrite should be changed from:
if (NextIndexToWrite == -1)
NextIndexToWrite = log.Entries.Count - 1;
to
if (NextIndexToWrite == -1)
NextIndexToWrite = e.Entry.Index;
Thanks again for providing a much needed solution.
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
just a little fix....
private void StartWatch()
{
try
{
// if someone remove the Log on register...
if (!EventLog.Exists(watchLog))
watchLog = "Application";
Great stuff!!
Cheers
Nicola
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
|
|
|
|
|
Thanks for providing such a great head start for many of us that didnt know how to get to this point...I have modified the app just a bit to change from using the balloon to using a net send...This allows me to run the app on a server and have it alert me on my own workstation via a popup box...It works to a point..but one strange thing ive noticed is that when i use net send, it will keep notifying me over and over again forever until i exit the app from the systray...
If i use messagebox.Show on the local machine, it still behaves strangely in that it will notify me in waves of three....So if an event is fired, I will get three messageboxes that are identical..So I have to click OK three times...I know by changing even this little code, I probably caused this...Would you happen to know where I could look in the code to fix this?
Gary Reynolds
greynolds@hpsj.com
|
| Sign In·View Thread·PermaLink | 1.00/5 (1 vote) |
|
|
|
|
|
|
Without seeing your code I'm not sure but it sounds like a typical mailslots problem. Net Send uses mailslots. The problem is that by design, Windows will send the message using all available protocols. Usually this means TCP, UDP and IPX, causing each message to be received 3 times. If you have a custom app to listen for the messages then you must account for this. I always gave each message an ID to discard duplicates. For more information look here.
-Jim
|
| Sign In·View Thread·PermaLink | |
|
|
|
|
?
Thanks, Chris 
General 
News 
Question 
Answer 
Joke 
Rant 
Admin