I'm now building a Windows Event Log viewer and we have quite a few Window Server 2003 boxes. I'm using EventLogReader class to do the querying, but it requires Vista+ so cannot be run on Windows Server 2003. Although EventLog class is available but it is very slow. Any other choices do I have?
Update: I'm not querying all the event logs, instead I'm querying event logs in a date range, is there a way to make it faster given that we only need event logs fall into a range? Now using EventLog class is extremely slow even for local box, unbearable for remote one.
The EventLog class is slow. The speed of access depends on the size of the event log. In most server scenarios, they are allowed to get quite large before archiving. The native Windows Event Viewer also supports remote log viewing which allows you to demonstrate how slow remote log viewing is.
I think it is likely that the Entries property of an EventLog is ordered by date. That means you could implement binary search of the entries (which Linq does NOT do by default) to speed things up a ton. Here's an example of a binary search extension: Can LINQ use binary search when the collection is ordered?