How to get new Event Log Entry?


dabingyoutiao

I am writing a program that gets event logs from remote machines and
stores them in a local database. The process runs at night every day.
To save time, every time the process reads the event log from a remote
machine, it should only insert new event logs into the
database. Since I have no rights to create a new event trigger on the
remote machine, the only way I can do that is to analyze the event
log entries from the remote machines. Is there any smart solution for
verifying whether an Event Log entry is new or not in a short time?
Thx a lot.
 
I've written an app that does the exact same thing. What I did was to get
the highest record number in the event log by using the Windows API methods
OpenEventLog, GetNumberOfEventLogRecords, GetOldestEventLogRecord and
CloseEventLog (use DllImport), and then start at that number and decrement
the counter until I get to a record I already have in the database.


Arild

 
I just got a solution. Every time, the program records the largest index
of the Event Log entries. Whenever it refreshes the database system, it
only inserts the Event Log entries with an index larger than the
previously recorded largest index. I think this solution is pretty
much like yours.
Thank you very much.
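
The watermark approach from the two replies above, as an added example that is not code from either poster. It uses the managed `System.Diagnostics.EventLog` class instead of the raw API calls, and also flags the case where records between the stored index and the oldest surviving record are gone, so a collector notices missing entries instead of silently skipping them. The `watermark.txt` file and the `EventLogDelta` class are hypothetical stand-ins for the poster's database and program.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;

static class EventLogDelta
{
    // Returns entries whose Index is above lastIndex, oldest first.
    // 'lost' is set when records are missing or the numbering has restarted.
    public static List<EventLogEntry> ReadNew(string machine, string logName,
                                              int lastIndex, out bool lost)
    {
        var fresh = new List<EventLogEntry>();
        lost = false;
        using (var log = new EventLog(logName, machine))
        {
            EventLogEntryCollection entries = log.Entries;
            int count = entries.Count;               // snapshot; the log keeps growing
            if (count == 0) { lost = lastIndex > 0; return fresh; }

            // Newest index below the watermark: numbering restarted, take everything.
            if (entries[count - 1].Index < lastIndex) { lost = true; lastIndex = 0; }
            // Oldest surviving record is past watermark + 1: records were overwritten.
            else if (lastIndex > 0 && entries[0].Index > lastIndex + 1) lost = true;

            // Walk down from the newest record; stop at the first one already stored.
            for (int i = count - 1; i >= 0; i--)
            {
                EventLogEntry e = entries[i];
                if (e.Index <= lastIndex) break;
                fresh.Add(e);
            }
        }
        fresh.Reverse();
        return fresh;
    }

    static void Main(string[] args)
    {
        string machine = args.Length > 0 ? args[0] : ".";  // "." means the local machine
        const string stateFile = "watermark.txt";          // hypothetical; stands in for the database
        int last = File.Exists(stateFile) ? int.Parse(File.ReadAllText(stateFile)) : 0;

        bool lost;
        List<EventLogEntry> fresh = ReadNew(machine, "Application", last, out lost);
        if (lost) Console.Error.WriteLine("Warning: records missing or numbering restarted since index " + last);
        foreach (EventLogEntry e in fresh)
            Console.WriteLine(e.Index + "\t" + e.TimeGenerated.ToString("s") + "\t" + e.Source);
        if (fresh.Count > 0) File.WriteAllText(stateFile, fresh[fresh.Count - 1].Index.ToString());
    }
}
```

Index alone cannot tell a restarted log apart from a continuing one once the new numbering passes the old watermark; storing the timestamp of the watermark record alongside its index closes that case.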
 