|Every tried to write to the Application Event Log out of a Web Application running in Windows Server 2008 / IIS7? Well, i just tried that and spent about an hour to figure out, how to ‘allow’ the Web Application to write to the Event Log.|
using the following snippet in my code:
EventLog evtLog = new EventLog();
evtLog.Source = "DEMO.Web";
(ASP Handler Class) – (.ashx extension) resulted in a:
Server Error in ‘/DEMO/test’ Application.
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application’s trust level in the configuration file.
Exception Details: System.Security.SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security.
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
[SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security.]
System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly) +563
System.Diagnostics.EventLog.SourceExists(String source, String machineName) +264
System.Diagnostics.EventLog.VerifyAndCreateSource(String sourceName, String currentMachineName) +84
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType type, Int32 eventID, Int16 category, Byte rawData) +377
System.Diagnostics.EventLog.WriteEntry(String message) +36
DEMOProject.Web.DEMO.ProcessRequest(HttpContext context) in D:\Development\DEMO.ashx.cs:25
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171
I searched for a while until i found this one here:
Network Service is allowed to write to the Event Log, but not create an event source. you could give permissions to
HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\ to allow it to create – but if you’ve already created it at install time, there’s no need.
It’s possible that it’s failing on the
SourceExists as well – since that requires enumerating the same registry key. I’d probably just remove the SourceExists/Create check and trust that it’s there – if you’re anonymous, you can’t create it anyway.
So i just added the Network Service Account to the EventLog Key granting Full Control for the key and all of its sub keys.
Now we’re almost done. Now, don’t forget to create the corresponding Application-Event-Source-Whatever-Key! In this case/example the Key is named: DEMO.Web
Now, try it again, logging to Event Manager should be working fine..