In this article, I am going to share with you my tips and tricks on how to use Windows Event Log with C#. You will find some basic examples to get you started. After that in the publication, you will read about how to create Event Loggers through prominent logging libraries like log4net and NLog. At the end of the article, I am going to show you how to create unit and integration tests for your event log loggers.

Getting Started Event Log C#

Definition Event Viewer is a tool that displays detailed information about significant events (for example, programs that don't start as expected or updates that are downloaded automatically) on your computer. Event Viewer can be helpful when troubleshooting problems and errors with Windows and other programs.

To start writing messages to the Event Log, you first need to create a new event source. Create Event Source

The code first checks if the event source exists if it doesn't, it is created.

Write New Event Log Entry

Create a new log instance and assign its source instance. Then call the WriteEntry method.

Read Event Log Entries

The above code reads all the entries from the log named "Automate The Planet". The entry object contains all the information about the log entry,

Delete Event Source

If the event log source exists then, we delete it. The same is valid for the event log. Write to Event Log log4net

Definition The Apache ﻿log4net library is a tool to help the programmer output log statements to a variety of output targets. log4net is a port of the excellent Apache log4j framework to the .NET runtime.

It is a piece of cake to configure log4net to start logging messages to specified event log. You need the following information in your app.config or log4net.config

Set the LogName parameter to be equal to the name of the event log where your code needs to write. The ApplicationName should be set to the name of the event log source.

The above code is going to write the specified message in the 'Kaspersky Event Log' event log with source kis .

Write to Event Log NLog

Definition NLog is a free logging platform for .NET, Silverlight and Windows Phone with rich log routing and management capabilities. NLog makes it easy to produce and manage high-quality logs for your application regardless of its size or complexity.

To start using NLog, first you need to install two NuGet packages- NLog and NLog.Config. The later is going to add the NLog.config file to your project. The below configuration will set up the logger to write the new messages to the specified event log.

The below code is going to write the specified message to the Kaspersky Event Log.

Unit Test Event Log Logger To be able to exchange the logger solutions if needed, we can create a logger interface that is going to be used in the production code.

After that we can create a concrete logger implementation that depends on NLog.

Let's assume that we need to create a calculation application. Before the calculation, a new message should be written to the event log.

As you can see the Calculator is not using the EventLogger directly but is working with the ILogger interface. We can use unity IOC container to initialize the calculator app and the logger.

If you need to write unit tests for the Calculator, it is really easy to mock the EventLogger. For a mocking framework, I use Just Mock. You can install it as a NuGet package. The Lite version is free.

As the calculator app uses an interface instead of the EventLogger directly, it is easy to mock its behaviour. Instead of sending the specified message to the event log, we set the loggedMessage variable. If the LogInfo method is called the variable is initialized. At the end of the test assert that the correct string is assigned. Integration Test Event Log Logger Sometimes you need to test the real integration between the event log and your application. If you develop a web application, it may be deployed on multiple machines so you should be able to test against all of them.

This is the base class for the specific event logs asserters. It is going to get the event log entries from the specified event log from all mentioned machines. The log entries are populated reverted so that you can check the newest first. Through the public method AssertMessageExistsInTop, you can check if a particular message exists in the last topCount messages in the event log.

The specific loggers inherit the EventLogAssert and pass to its constructor the name of the event log and the list of machines' names.

The usage is pretty straightforward.