C
Chris
I am working on a c# utility to collect security events from remote
computers and record them in a sql database. I would like to find a
way to search new events only (created since the last search) - so
that I can have the program abort the search of a particular
computer's log when it reaches the point it already scanned before.
In what order are the events returned to the EventLogEntryCollection?
Is it possible to sort its contents?
EventLogEntryCollection log = eventlog.Entries;
foreach (EventLogEntry r in log)
{
//Record the event if it meets certain criteria
}
I figure this should be possible if I can predict the order that
events will be presented in the foreach loop *AND* I can find an
ascending EventLogEntry property (index? date/time?) that I can use to
mark where the last search ended.
Any help would be appreciated (and potentially save me a lot of
trial/error work!)
Thanks,
Chris
computers and record them in a sql database. I would like to find a
way to search new events only (created since the last search) - so
that I can have the program abort the search of a particular
computer's log when it reaches the point it already scanned before.
In what order are the events returned to the EventLogEntryCollection?
Is it possible to sort its contents?
EventLogEntryCollection log = eventlog.Entries;
foreach (EventLogEntry r in log)
{
//Record the event if it meets certain criteria
}
I figure this should be possible if I can predict the order that
events will be presented in the foreach loop *AND* I can find an
ascending EventLogEntry property (index? date/time?) that I can use to
mark where the last search ended.
Any help would be appreciated (and potentially save me a lot of
trial/error work!)
Thanks,
Chris