Enhanced Event Viewer in VS 2008

 

Windows provides a nice tool for viewing event logs of our machine. This tool called as Event Viewer is having lot of features to browse through our event logs. Even though, it is a very useful tool to browse our event log, but it does not provide certain features like searching and auto-show up of new events etc. So, I thought of doing an application that makes our event log browsing faster and much easier. First, I will explain the features provided by it followed by design and coding,

 

Features provided by this Viewer:

 

Ø      Easy to navigate among the Logs.

Ø      Easy to filter events.

Ø      Easy to do Search.

Ø      Click away to access it.

Ø      Connect to remote machine's Event Log.

Ø      Listener to show new event entry automatically.

Ø      Better User Experience and lot more.

 

I designed this application in VS 2008 SP1.

 

Create a new Windows application in C# and name it as EnhancedEventViewer. Add the controls to EventViewer form as shown below:

 

Purpose of above controls:

 

v     ListView (lvEvents) à To list event details like message, event type etc.

v     TreeView (tvEventNodes) à To list all event logs on our machine.

v     MainMenu  à To allow user to connect to a remote machine, refresh and clean event logs.

v     NotifyIcon à To show/hide the Event Viewer.

v     txtSearchText à To filter events based on search criteria.

v     ImageList à To display icon based on event type like warning, error etc.

 

We are done with the design. Now, let's dig into the functionality part of this application.  I will outline the steps performed by it.

 

1)      When we run the application, it loads all event logs of our machine.

2)      Based on selected Event log, it will list all the events of it.

3)      We can do a search by using Search textbox. It will filter events based on its Message property.

4)      We can connect to a remote machine, by entering machine name or IP address and pressing Enter. We need permissions on the remote machine to get connected.

 

Let's go into the coding part. I will outline the important methods.

 

v     LoadEventLogs à This method loads all event logs of a machine.

v     LoadEventDetails à This method loads all events of an event log. This will internally calls LoadThreadEventDetails to load events on a separate thread.

v     log_EntryWritten à This event will be raised on arrival of a new event in particular event log.

 

I will explain the core method (LoadThreadEventDetails) for loading events. In order to make application respond to user interactions while loading, I had implemented it on a separate thread using ThreadStart and Thread classes.

 

    private void LoadThreadEventDetails(string logName)

        {

            lock (logs)

            {

                try

                {

                    EventItems.Clear();

                    foreach (EventLog log in logs)

                    {

                        if (log.LogDisplayName == logName)

                        {

                           foreach (EventLogEntry entry in log.Entries)

                            {

                                ListViewItem item = new ListViewItem();

                                item.Text = entry.EntryType.ToString();

                                if (item.Text.StartsWith("Inform"))

                                {

                                    item.StateImageIndex = 0;

                                }

                                else if (item.Text.StartsWith("Error"))

                                {

                                    item.StateImageIndex = 1;

                                }

                                else if (item.Text.StartsWith("Warn"))

                                {

                                    item.StateImageIndex = 2;

                                }

                                else

                                {

                                    item.StateImageIndex = 1;

                                }

                                item.SubItems.Add(entry.Message.ToString() == "" ? "None" : entry.Message.ToString());

                                item.SubItems.Add(entry.TimeWritten.ToShortDateString());

                                item.SubItems.Add(entry.TimeWritten.ToLongTimeString());

item.SubItems.Add(entry.Source);

                                item.SubItems.Add(entry.InstanceId.ToString());

item.SubItems.Add(entry.UserName == null ? "N\\A" : entry.UserName);

item.SubItems.Add(entry.MachineName);

item.ToolTipText = entry.Message;

m_AddEventEntry = new AddEventEntry(this.AddEntry);

EventItems.Add(item);

this.Invoke(m_AddEventEntry, (new object[] { item }));

                            }

m_AddEventEntry = new AddEventEntry(this.AddEntry);

ListViewItem tempItem = new ListViewItem();

tempItem.Text = "!!!!";

this.Invoke(m_AddEventEntry, (new object[] { tempItem }));

break;

                        }

                    }

                }

                catch { }

            }

        }

 

Here, we are getting the events of a particular log and adding it to list view for display. Then, we are getting new event notification by adding EntryWrittenEventHandler for a log. Finally, we are displaying message of the selected event in a textbox for easy viewing.

 

I added some more code to improve the UI and functionality. Finally, the application looks like below:

 

eventimage.gif

 

We can still enhance this application by adding UI and extra functionality like saving/exporting event logs, better performance etc. I am attaching source code for reference. I hope this article will be helpful for all.

Up Next
    Ebook Download
    View all
    Learn
    View all