Sokui
Reputation: 53
EventLogReader filter EventLogQuery by created TimeDate
My current problem is, that I don't know the syntax of those Eventlogqueries. I want a query that gives me all the Events of the past one Week
private Result<List<AssetManagementEventlogDTO>> GetEvents()
{
var eventList = new List<AssetManagementEventlogDTO>();
string queryString = " *";
SecureString pw = new SecureString();
foreach (char c in Password)
{
pw.AppendChar(c);
}
EventLogSession session = new EventLogSession(
IP, // Remote Computer
Domain, // Domain
Username, // Username
pw,
SessionAuthentication.Default);
EventLogQuery query = new EventLogQuery("Security", PathType.FilePath, queryString);
query.Session = session;
GetEventlog(query, eventList, AssetManagementEventlogType.Security);
query = new EventLogQuery("Application", PathType.FilePath, queryString);
query.Session = session;
GetEventlog(query, eventList, AssetManagementEventlogType.Application);
query = new EventLogQuery("System", PathType.FilePath, queryString);
query.Session = session;
GetEventlog(query, eventList, AssetManagementEventlogType.System);
return Result<List<AssetManagementEventlogDTO>>.AsSuccess(eventList);
}
Upvotes: 1
Views: 1470
Answers (1)
Sokui
Reputation: 53
Ok I got the syntax now how it's working:
var daysAgo7 = DateTime.Now.AddDays(-7);
string queryString = $"*[System/TimeCreated/@SystemTime >= '{daysAgo7.ToString("yyyy-MM-dd")}T00:00:00.000000000K']";
Upvotes: 2
Related Questions
- Read Event Log From Newest to Oldest
- How can I query the Eventdata using a EventLogQuery?
- EventLog XML Query Filter Date Range
- EventLogQuery time format expected?
- Specific data from EventLogEntry
- How to read only new events added to the event log?
- Read event log in C#
- EventLogQuery does not return new event log records
- Event Logs since current time
- EventLogQuery - How do I filter off certain events?