We are using EventLog to log exceptions. there is a background thread which check once the eventlog get full and programmaticaly transfers the entries into an XML file and then clear the event log.
This works fine but it seems like there is too much work getting done, I thought it would be better to simply copy the .evt file used for logging the current application and then clear the event log.
is there any way to find the location/path of the file which will work on every windows OS?
its suggested to use
Registry.LocalMachine.OpenSubKey("System\\CurrentControlSet\\Services\\EventLog\\" + e.Log);
but then my application log names dont have a File property.
How are you archiving them now? Maybe that method can be improved to gain performance.
Here's an example.
EventLogSession els = new EventLogSession();
els.ExportLogAndMessages("Security", // Log Name to archive
PathType.LogName, // Type of Log
"*", // Query selecting all events
"C:\\archivedLog.evtx", // Exported Log Path
false, // Stop archive if query is invalid
CultureInfo.CurrentCulture);
Or you can use the ClearLog() method.
EventLogSession els = new EventLogSession();
// Clears all the events and archives them to the .evtx file
els.ClearLog("System", // Channel to Clear
"c:\\myLog.evtx"); // Backup File Path
More information can be found here: