I'm trying to filter event logs with csharp, I need a method similar to Get-WinEvent command, that can filter the logs with XPATH or any other syntax.
The only method I found is GetEventLogs(), and it does not support filtering.
Any ideas?
Asked
Active
Viewed 648 times
1
daisy
- 22,498
- 29
- 129
- 265
-
You may try using [Linq To Objects](https://learn.microsoft.com/en-us/dotnet/csharp/linq/query-a-collection-of-objects) to do the querying part? Do you see any problem in that? – Siva Gopal Mar 26 '19 at 13:19
-
@SivaGopal You mean that I should use GetEventLogs to load all events in memory, then filter the collection, right? – daisy Mar 26 '19 at 13:21
-
Yes, you are right. – Siva Gopal Mar 26 '19 at 13:22
-
Not quite an answer, but the source code to `Get-WinEvent` can be found here: https://github.com/PowerShell/PowerShell/blob/233b54ed65d398604c0bfadccdc59cb81eb7e5de/src/Microsoft.PowerShell.Commands.Diagnostics/GetEventCommand.cs – Jeff Mar 26 '19 at 13:27
-
Powershell tries to be as convenient as possible to non-programming users. If you like what it does then [just use it](https://stackoverflow.com/questions/4179351/calling-powershell-functions-from-c-sharp). – Hans Passant Mar 26 '19 at 13:27