服务器要求定期巡检,并记录日志发送次数。
代码如下:
static void Main(string[] args)
{
Console.WriteLine("请输入检索的日志月份(如2023-01):");
var month = Console.ReadLine();
new EventWatch(month).OutputSystemLogs();
Console.ReadLine();
}
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
namespace SystemEventClassLibrary
{
public class EventWatch
{
Stopwatch sw = new Stopwatch();
readonly DateTime dateFrom = new DateTime();
readonly DateTime dateTo = new DateTime();
Dictionary<long, int> EventResult = new Dictionary<long, int>();//{ { 4624,0}, { 4625, 0 }, { 4719, 0 }, { 4698, 0 }, { 1102, 0 }, };
public EventWatch(string month )
{
var watchEventID = System.Configuration.ConfigurationManager.AppSettings["EventID"];
var _eventList = watchEventID.Split(new char[] { ',' });
foreach ( var _eventID in _eventList ) {
EventResult.Add( long.Parse( _eventID), 0);
}
var fromDay = System.DateTime.Now.ToString("yyyy-MM-01");
if (!string.IsNullOrEmpty(month))
{
if (month.Length == 7)
{
fromDay = string.Format("{0}-01", month);
}
else if (month.Length == 6) {
fromDay = string.Format("{0}-{1}-01", month.Substring(0,4), month.Substring(4,2));
}
}
dateFrom = DateTime.Parse(fromDay);
dateTo = dateFrom.AddMonths(1);
}
public void OutputSystemLogs()
{
try
{
sw.Start();
var logName = System.Configuration.ConfigurationManager.AppSettings["EventName"];//
System.Console.WriteLine(string.Format("开始检索{0}日志,{1}~{2},事件ID({3})",
logName,
dateFrom, dateTo,
System.Configuration.ConfigurationManager.AppSettings["EventID"]));
System.Diagnostics.EventLog eventLogSecurity = new System.Diagnostics.EventLog();
if (!string.IsNullOrEmpty(logName))
{
eventLogSecurity.Log = logName;
}
System.Diagnostics.EventLogEntryCollection collection = eventLogSecurity.Entries;
int Count = collection.Count;
if (collection != null && collection.Count > 0)
{
foreach (System.Diagnostics.EventLogEntry entry in collection)
{
if (DateTime.Compare(entry.TimeGenerated, dateFrom) >= 0 &&
DateTime.Compare(entry.TimeGenerated, dateTo) < 0
)
{
if (EventResult.Keys.Count(t => t == entry.InstanceId) > 0)
{
EventResult[entry.InstanceId]++;
}
}
else
{
//break;
}
}
OutPut();
}
}
catch (Exception ex)
{
System.Console.WriteLine(ex.Message);
}
finally {
sw.Stop();
System.Console.WriteLine( string.Format("运行结束,耗时:{0} 毫秒", sw.ElapsedMilliseconds.ToString()));
}
}
private void OutPut()
{
string content = string.Format("系统日志巡检周期:{0}至{1}", dateFrom, dateTo);
for (int i = 0; i < EventResult.Count; i++)
{
var key = EventResult.ElementAt(i).Key;
var curLing = string.Format("事件ID:{0} 数量:{1}", key, EventResult == null ? 0 : EventResult[key]);
content += Environment.NewLine + curLing;
System.Console.WriteLine(curLing);
}
string fileName = System.IO.Path.Combine(Environment.CurrentDirectory, System.DateTime.Now.ToString("yyyyMMddHHmmssfff") + "log.txt");
System.IO.File.WriteAllText(fileName, content);
}
}
}
运行画面如下:
文章来源:https://www.toymoban.com/news/detail-499683.html
exe下载地址:https://download.csdn.net/download/moonshineidolon/87932664文章来源地址https://www.toymoban.com/news/detail-499683.html
到了这里,关于统计Windows系统日志的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
