I'm interested in writing some code to query the Windows Event Log for specific error message contents, as described in this MSDN article. However, I'm not a big fan of the mechanic of basically hand-rolling XPATH or a custom event view in the code...is there a simpler way of doing this? A LINQ provider perhaps?
Open "Event Viewer" by clicking the "Start" button. Click "Control Panel" > "System and Security" > "Administrative Tools", and then double-click "Event Viewer" Click to expand "Windows Logs" in the left pane, and then select "Application".
SolarWinds Log Analyzer (FREE TRIAL) SolarWinds Log Analyzer is an event log monitoring tool for Windows that collects event log data. You can monitor event log data in real-time through syslog, SNMP traps, and system event logs. Data can be collected and monitored through one user interface.
Types of Event Logs Each event entry is classified by Type to identify the severity of the event. They are Information, Warning, Error, Success Audit (Security Log) and Failure Audit (Security Log).
Maybe someone will find this useful...
I'm using LinqPad to query Security Event Log on remote machine. It working a little bit slowly but produces result I need. Query I'm using:
EventLog elog = new EventLog();
elog.MachineName = "REMOTE MACHINE NAME";
elog.Log = "Security";
var query = 
    from EventLogEntry e in elog.Entries
    where e.EventID == 560 // EVENT CODE (FILE DELETION IN MY CASE)
    && e.UserName == @"DOMAIN\USERNAME"
    && e.Message.Contains("TEXT INSIDE THE MESSAGE")
    select e;
query.Dump();
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With