Tuesday 24 March 2015

Creating a custom event log under Event Viewer to log server events

Steps:

Add the code below to your application.
"MyProject" is the source name:
EventLog.WriteEntry("MyProject", "Error occurred. " + ex.Message, EventLogEntryType.Error, 0x00005082);

"MyProject1" is the source name:
EventLog.WriteEntry("MyProject1", "Error occurred. " + ex.Message, EventLogEntryType.Error, 0x00005082);

Now your logs will be created under Event Viewer-->Applications and Services Logs.

Now you can create a view to filter the logs of your sources (MyProject, MyProject1).

Open eventvwr (Go to run type: eventvwr)
Expand Event viewer
Right click on Custom Views
Select Create Custom View
In the new window select "By source"
Under "Event source" drop down, you will see your source name (MyProject, MyProject1) which you have created.
Select it.
Click OK.
You will see a new window.
Give it your project name or any other name. Ex: MySourceLogs.
Now you will see all logs under your folder MySourceLogs.

Another way is:
The first step is to create the new log. You have to do this in the registry. Open up regedit and navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog
Right click on the Eventlog key and click New > Key
Ex: if I name it MyProject,
a new folder (key) is created under: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog
Expand HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\MyProject
Select HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\MyProject
In the right-hand pane, right click.
You will see a "New" option; select it.
Expand it.
Add the entries below one by one:

Type: REG_SZ
Name: Sources
Value: Your project solution name
You can give multiple values separated by spaces.
Ex: Value: Project1 Project2 Project3
Without adding this, you will not see any logs.
-------
Type: REG_DWORD
Name: AutoBackupLogFiles
Value: 0 (hexadecimal)
-------
Type: REG_EXPAND_SZ
Name: DisplayNameFile
Value: %SystemRoot%\system32\wevtapi.dll
-------
Type: REG_DWORD
Name: DisplayNameID
Value: 100 (hexadecimal)
-------
Type: REG_EXPAND_SZ
Name: File
Value: %SystemRoot%\system32\winevt\Logs\Application.evtx
-------
Type: REG_DWORD
Name: MaxSize
Value: ed0000 (hexadecimal)
-------
Type: REG_SZ
Name: PrimaryModule
Value: Application
-------
Type: REG_DWORD
Name: RestrictGuestAccess
Value: 1 (hexadecimal)
-------
Type: REG_DWORD
Name: Retention
Value: 0 (hexadecimal)
-------
Open Command prompt as Administrator
Go to this path: C:\WINDOWS\system32
Run this:
eventcreate /l MyProject /t Information /so MySource1 /id 1 /d "Test message"
eventcreate /l MyProject /t Information /so MySource2 /id 1 /d "Test message"

Open eventvwr (Go to run type: eventvwr)
Expand Event viewer
Right click on Custom Views
Select Create Custom View
In the new window select "By source"
Under "Event source" drop down, you will see your project name which you have created.
Select it.
Click OK.
You will see a new window.
Give it your project name or any other name. Ex: MyProject.
Now you will see all logs under your folder MyProject.

In your application, write to the log like this:

catch (Exception ex)
{
    EventLog.WriteEntry("MyProject", "Error occurred. " + ex.Message, EventLogEntryType.Error, 0x00005082);
}

All logs will appear in the MyProject view.
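
The registry steps and the application call above can also be done from code. The following is an added example, not code from the original post: it registers the sources under the MyProject log once from an elevated process, then writes entries at run time without admin rights. The class name MyProjectLog, the /install switch and the message length cap are assumptions of this example.

```csharp
using System;
using System.Diagnostics;
using System.Security;

static class MyProjectLog   // hypothetical helper, not from the original post
{
    const string LogName = "MyProject";   // custom log name used on this page
    const int EventId = 0x00005082;       // event ID used on this page
    const int MaxChars = 15000;           // conservative cap chosen for this example

    // Run once from an elevated process (installer/setup step). Registers each
    // source under the custom log, creating the log's registry key if needed.
    public static void Install(params string[] sources)
    {
        foreach (string source in sources)
        {
            if (!EventLog.SourceExists(source))
                EventLog.CreateEventSource(source, LogName);
            else if (!string.Equals(EventLog.LogNameFromSourceName(source, "."),
                                    LogName, StringComparison.OrdinalIgnoreCase))
                throw new InvalidOperationException(source + " is registered under another log.");
        }
    }

    // Called by the application at run time; no admin rights are needed
    // once the source is registered.
    public static void WriteError(string source, Exception ex)
    {
        string message = "Error occurred. " + ex.Message;
        if (message.Length > MaxChars)
            message = message.Substring(0, MaxChars);   // very long messages are rejected
        try
        {
            EventLog.WriteEntry(source, message, EventLogEntryType.Error, EventId);
        }
        catch (SecurityException)
        {
            // Unregistered source and a non-elevated process: keep the error visible.
            Trace.TraceError(source + ": " + message);
        }
    }
    static void Main(string[] args)
    {
        if (args.Length > 0 && args[0] == "/install")   // hypothetical switch
        { Install("Module1", "Module2"); return; }
        try { throw new InvalidOperationException("constructed sample failure"); }
        catch (Exception ex) { WriteError("Module1", ex); }
    }
}
```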

If you want to add a new source name and show all logs from that source in the "MyProject" view:

First add the source name in regedit.
Go to regedit
Select HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\MyProject
You will find
Name: Sources
Edit Sources.
Then add the new source names. Ex: Module1 Module2

Now go to the code:
EventLog.WriteEntry("Module1", "Error occurred. " + ex.Message, EventLogEntryType.Error, 0x00005082);
EventLog.WriteEntry("Module2", "Error occurred. " + ex.Message, EventLogEntryType.Error, 0x00005082);

Now you need to add the Module1 and Module2 sources to your view.
Go to eventvwr
Expand Custom View
Right click on MyProject
Select: Filter Current custom view.
Under By Source-->Event Source
Select drop down.
Scroll down; you will see Module1 and Module2.
Select them.
Click OK.

Now you will see all logs with different source under MyProject

Now, how to export these registry entries to other systems:
Go to this path:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\MyProject
Right click and select Export.
You will get a .reg file. Name it: Myproject.reg

Now go to the other system. Copy Myproject.reg to any drive.
Open Command prompt in administrator mode.
Go to this path: C:\WINDOWS\system32
Run this:
reg import "C:\Myproject.reg"

You will see all registry entries.