{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Melony? 的问题《C# EventLog Inaccessible Log》','https://www.manongdao.com/q-1379676.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Below is an exception I encountered while running the immediately following code:
The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security.
The code is
if (!EventLog.SourceExists(this.EventLogSource))
The content of the exception makes sense to me, it's why that doesn't. This line is running in Visual Studio 2010, .NET 4, as a console app ( for the time being ). I have run this in a different environment, but I wouldn't expect the fact that I'm remote desk'ed to break this method. I've tried changing HKML\CCS\Services\eventlog permissions - to no avail, as well as the C:\Windows\System32\Winevt\Logs\Security.evtx permissions. Again, to no avail.
My questions are as follows:
- Why isn't there an override to ignore secure logs,
- How can I work around this ( programatically )
- IS this because I'm remote desked.
Any advice would be great.
Microsoft requires that you be an administrator in order to execute this method for the very reason that you found.
Here is their explanation (from the MSDN documentation):
How you work around it will depend entirely on exactly what you need to do. The best recommendation if you are not able to log in as an administrator is to attempt to perform your action in a try/catch block and if a SecurityException is thrown, perform some alternate action.
I recommend to use Logging Application Block of Enterprise Library in order to implement the correct logging.
Start reading from here
Accessing some EventLogs requires elevation. Run the app as an administrator instead.