Event Logging from ASP.NET

  • Thread starter Thread starter Andrew Robinson
  • Start date Start date
A

Andrew Robinson

In the past, I remember all kinds of security related issues when trying to
write to the event log but don't remember the specifics. Was there an issue
with creating a new source?

Can you write if you are using the ASP.NET account or Network Services
account? Did this change with .NET v2.0 and/or Win 2003 SP1?


thanks,
 
Ysgrifennodd Andrew Robinson:
In the past, I remember all kinds of security related issues when trying
to write to the event log but don't remember the specifics. Was there an
issue with creating a new source?

Can you write if you are using the ASP.NET account or Network Services
account? Did this change with .NET v2.0 and/or Win 2003 SP1?


thanks,
Click to expand...

Yes. My understanding is that you can write to a log that's been
created, but you can't create a new log.

We have a little Windows.Forms app that creates a log with a given name.
ASP.NET and Web service applications can then write to that log.
Whether or not this is the best solution, I have no idea, but it works
for us.

:-)


Peter
 
Yes. My understanding is that you can write to a log that's been created,
but you can't create a new log.
Click to expand...

That's also my understanding...
We have a little Windows.Forms app that creates a log with a given name.
ASP.NET and Web service applications can then write to that log. Whether
or not this is the best solution, I have no idea, but it works for us.
Click to expand...

I have something similar...
 
The "issue" is still there. You can not create new source. But since you do
it only once simply have a desktop program that does it and run it under
Admin account.

Then your ASP.NET will be able to write into event log.

George
 
Ok, if I can't create a new Source and I really don't want to require a user
to first run some type of desktop app, any suggestions on an existing source
that is likely to exist that I can use?

-Andy
 
Not sure what type of solution you looking for.
New "source" is a simple entry in a registry.
You can
a) created manually
b) create using program that runs under Admin rights.
You choose.

Another option would be not to log into event log and intead send an email
with error info.
That is how all my online application work.

So usually i am there fixing bugs before user called me.

George.
 
I am afraid you a bit misleading the guy. "Application" Event Log is a name
of the log and not a source.
There are 2 components when writing into even log.

Source and Log Name.

Log Name identifies which event log. "Application", "System".... You can
create your own name and it will be shown in the Even Viewer as a root node.

Then there is a Source of the event. Source basically points to which
application has created that entry in event log. You can see Source as a
column in the event viewer.

So folowing code
if (!EventLog.SourceExists("TEST"))

EventLog.CreateEventSource("TEST", "Application");

EventLog.WriteEntry("TEST", msg, EventLogEntryType.Error);

will create even source TEST connected to event log "Application" and then
write there with source "TEST"

You need to have admin rights to create both new Log (usually "Application"
is used so no need to create it).
and new source.



George.
 
Ysgrifennodd Andrew Robinson:
Ok, if I can't create a new Source and I really don't want to require a
user to first run some type of desktop app, any suggestions on an
existing source that is likely to exist that I can use?

-Andy
Click to expand...

Hang on. You're not trying to do logging on the client, are you? I
think everyone else is talking about the server(s). The "desktop" app
would be run on the Web server(s) as part of the ASP.NET application
install. Put it in an .msi file, if you like, that installs the whole
application.

Since the restriction only applies to Web apps, objects on other servers
- app servers and the like - don't have the problem.

Is there a problem with any of that?


Peter
 
Good catch Peter.
We could have beaten that cow to death and he's still going to have problem
:)


George
 
Guys,

I have done all kinds of logging in the past and am currently doing
extensive SMTP based logging within the Application_Error event but it looks
very much so like some of my SMTP messages are not making their way back to
my email account. Only a handful are missing and I cannot reproduce any
configuration that causes these to fail. Guessing that they are being
filtered by my clients ISP at certain times of the day?

I was thinking about logging additional info to the even log but don't have
full access to the server and really don't want to go down the path of
adding sources to the registry.

Thanks,
 
Hi Andrew,

The original problem is due to ASP.NET default process identity(default
permission) can not create a custom/new event source. But the default
identity should be able to write into the "Application" Event source
without any problem. Here is the original KB article:

#PRB: "Requested Registry Access Is Not Allowed" Error Message When ASP.NET
Application Tries to Write New EventSource in the EventLog
http://support.microsoft.com/kb/329291

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.
 
Hi Andrew,

Does the kb article and the information in previous message what you want?
If there is anything else need help, please feel free to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top