private void load_available_event_logs_async(string machine_name) {
// name, friendly name
List< Tuple<string, string> > available_logs = new List<Tuple<string, string>>();
try {
var logs = machine_name == "" ? EventLog.GetEventLogs() : EventLog.GetEventLogs(machine_name);
foreach (var log in logs)
available_logs.Add( new Tuple<string, string>(log.Log, friendly_event_log_name(log)));
// if it's local logs, try to go to C:\Windows\System32\winevt\Logs as well
if (machine_name == "") {
string dir = Environment.GetFolderPath(Environment.SpecialFolder.System) + "\\winevt\\Logs";
var files = (new DirectoryInfo(dir).EnumerateFiles("*.evtx")).OrderBy(x => -x.LastWriteTime.Ticks).Select(x => {
var name = x.Name.Substring(0, x.Name.Length - 5).Replace("%4", "/");
string desc = "(? events, size: " + (x.Length / 1024) + " KB)";
return new Tuple<string, string>(name, name + desc);
}).ToList();
if (files.Count > app.inst.max_event_log_files)
files = files.GetRange(0, app.inst.max_event_log_files);
// remove dumplicates (entries we already have
files = files.Where(x => !available_logs.Any(y => y.Item1 == x.Item1) ).ToList();
available_logs.AddRange( files );
}
} catch (Exception e) {
logger.Error("update event log list: " + e.Message);
}
available_event_logs_ = available_logs.Select(x => x.Item1).ToList();
this.async_call(() => {
++ignore_change_;
eventLogs.Items.Clear();
foreach (var log in available_logs) {
bool is_checked = selectedEventLogs.Text.Split(new string[] {"\r\n"}, StringSplitOptions.RemoveEmptyEntries).Contains(log.Item1);
eventLogs.Items.Add(log.Item2, is_checked);
}
--ignore_change_;
});
}
