Writing To Windows Event Log in Visual Basic.NET

Written By: Kevin Jordan

- 09 Mar 2006 -
















Description: This simple application uses the EventLog class to create a form for adding custom messages to the system and application log.

  1. Creating the Form
  2. The WriteToEvent Function
  3. Programming the Events

Introduction

This is a pretty simple application that I created for work. In the 9 to 5 world I’m not a programmer, but a systems administrator. As an administrator I needed a way to test my monitoring devices without causing any real errors. This application sends messages to the Windows log as either an application or system event (security is read-only). You can specify the criticality level to be information, warning, or error. And finally, you can pick an application source and type in the error message.

I then use a program called ntsyslogger to send the data over to my monitoring server which would then send out notification emails if a critical event has occurred. These few lines of code have been quite useful when I know I want to capture an error, but I am unable to safely reproduce it.

Create the Project

Create a new Visual Basic.NET project. I used the Windows Application template and called it "EventWrite"

To make things easier for me I renamed Form1.vb to frmEventWrite.vb by right clicking the file in the solutions explorer. I then selected the form and changed the text to "EventWrite" and the name to "frmEventWrite".

Creating the User Interface

Since the program will not include event IDs and such, there are 4 main parts to a logged event: the type (application, security, or system), the criticality (information, warning, error, audit success, and audit failure), the source, and finally the message itself. For the UI, there will be a label and an input method for each. There will also be a way to send our message to the logs in the form of a submit button. In case the user messed up and is too lazy to erase what they have typed there will also be a clear button.

The first label is "Error Type", and a combo-box will be associated with this option. Drag and drop the label from the toolbox in Visual Studio, type "Error Type", and rename it lblErrorType so that it is easily identified. For the combo-box drag that over as well, rename it cmbErrorType, and set a couple extra options. The first thing is to change the drop down style to DropDownList instead of DropDown. This way the users won’t be able to create their own error types. For the item collection add Application and System. Security logs are read-only except by the operating system, so don’t worry about that one.

Error level was pretty similar to error type. Rename the label lblErrorLevel, and the combo box to cmbErrorLevel. Change the style of the combo box to DropDownList as well and then add Information, Warning, and Error to the item collection. Audit success and audit failure are used with security logs.

Application source should be pretty simple, just drag and drop the label and a text box over, rename them according to our schema, and clear the default text. Description was only different from the application source field in that it needs to be able to contain multiple lines of input. Set the multiline option to true and make the text box a little bigger.

Last but not least, the buttons to send the data to the event logs and the clear button need to be created. Drag over two buttons from the toolbox and rename them btnClear and btnSubmit. After changing the text to reflect their function, the user interface is done.

Next >>