I'm trying to use log4net to write to a customer event log under IIS7 on Windows Server 2008 SP1. However, account doesn't seem to have access to write to the event log. Does anyone have any suggestions?
我正在尝试使用log4net在Windows Server 2008 SP1上的IIS7下写入客户事件日志。但是,帐户似乎不能写入事件日志。有人有什么建议吗?
4 个解决方案
#1
59
The problem is probably your event source. You have to create an event source before you can write to the event log (if you don't, the Event log object tries to create one for you "automagically" the first time you write to the log).
问题可能是您的事件源。在写入事件日志之前,您必须创建一个事件源(如果您不这样做的话,事件日志对象会尝试在您第一次写入日志时为您创建一个“自动”)。
You have to have hightened permissions to create an event log source. In some of my web apps, I have put the code to create the event source into my setup (setup runs as admin, so I'm always guaranteed to be able to create the source).
您必须具有高度的权限才能创建事件日志源。在我的一些web应用程序中,我已经将代码创建到我的设置中(设置作为admin运行,所以我总是保证能够创建源)。
You just have to create the source once. After that, your ASP.Net app should have sufficient permissions to write entries specifying the source (or sources) that you created.
你只需要创建一次源。在那之后,你的ASP。Net应用程序应该有足够的权限来编写条目,指定您创建的源(或源)。
You can use an EventLogInstaller in your setup to create the source, or you could just write a little utility to call EventLog.CreateEventSource() as an admin.
您可以在设置中使用EventLogInstaller来创建源代码,或者您可以编写一个小实用程序来调用EventLog.CreateEventSource()作为admin。
I'll show you both ways:
我将向你们展示两种方法:
// You would do this one from within an Installer class in a setup:
private void InstallEventLog()
{
EventLogInstaller logInstaller;
//Create an instance of an EventLogInstaller.
logInstaller = new EventLogInstaller();
//Set the source name of the event log.
logInstaller.Source = "TheEventSourceName";
Installers.Add(logInstaller);
}
Method 2: just call CreateEventSource once as an admin (you could put the following code into a console app, for example, and run the console app as admin
方法2:只需调用CreateEventSource一次作为admin(例如,您可以将以下代码放入控制台应用程序中,并作为admin运行控制台应用程序)。
EventLog.CreateEventSource("TheSourceName", "Application");
Bonus: If you have Powershell installed on your server, you can do it from the Powershell command prompt: (Make sure you are running Powershell as an admin)
额外好处:如果您的服务器上安装了Powershell,那么可以从Powershell命令提示符(确保您正在运行Powershell作为admin)完成它。
[system.Diagnostics.EventLog]::CreateEventSource("SourceName", "Application")
Hop that helps
跳,帮助
#2
15
Give the ASPNET permission to the event log.
将ASPNET权限授予事件日志。
Run -> regedit - > Browse to
运行-> regedit ->浏览到。
HKEY_LOCAL_MACHINE
\SYSTEM
\CurrentControlSet
\Services
\Eventlog
Right click select permissions and give the ASPNET account full control
右击选择权限并给予ASPNET帐户完全控制。
#3
7
IIS 8 permission solving answer
iis8权限解决方案。
I am lazy and didn't create a special log in my code, instead I used:
我很懒,并没有在代码中创建一个特殊的日志,而是使用:
System.Diagnostics.EventLog.WriteEntry("MyAppName", "Bla Bla SQL ERROR: "+sx.Message);
System.Diagnostics.EventLog。WriteEntry(“MyAppName”,“Bla Bla SQL ERROR:”+sx.Message);
Just to complete Michael's answer In IIS8 the user used by IIS when running server side code is : IIS_IUSRS
在IIS8中,当运行服务器端代码时,IIS使用的用户是:IIS_IUSRS。
(actually its more complicated because there are virtual accounts within IIS_IUSRS but they get permissions from that account, see IIS_IUSRS and IUSR permissions in IIS8 form more details)
(实际上它更复杂,因为在IIS_IUSRS中有虚拟帐户,但是它们从该帐户获得了权限,请参阅IIS_IUSRS以及IIS8中的IUSR权限)
That user only requires READ permission on this registry node:
该用户只需要在此注册表节点上读取权限:
HKLM\CurrentControlSet\System\Services\Eventlog\Security
HKLM \ CurrentControlSet \ System \ Services \事件日志\安全
The reason for this is that when a new log source is written to, before creating it, the system wants to check that it doesn't exist so it needs to READ the source names.
这样做的原因是,在创建新的日志源之前,系统要检查它是否存在,因此需要读取源名称。
Also, if you are using the iis express of visual studio, it will run under your personal credentials, so if you don't have read access permission to the registry node above you will need to add it too when debugging under visual studio.
另外,如果您使用的是visual studio的iis express,那么它将在您的个人凭据下运行,因此如果您没有对上面的注册表节点进行读访问权限,那么在visual studio下进行调试时也需要添加它。
(If administrators has permission to the node and your are in that group, it is not enough, you need to run visual studio 'as administrator' - which will work only from visual studio shortcut and not the sln shortcut)
(如果管理员对该节点有权限,而您在该组中,这是不够的,您需要运行visual studio“作为管理员”——它只会在visual studio快捷方式中运行,而不是sln快捷方式)
Another note: If the computer is in a domain and you can't find the IIS_IUSRS account when editing registry permissions, it is likely you are looking in the wrong 'location', searching for the account on the domain active directory instead of the local computer)
另一个注意事项:如果计算机在一个域中,并且在编辑注册表权限时无法找到IIS_IUSRS帐户,那么很可能您正在查找错误的“位置”,在域活动目录上搜索帐户而不是本地计算机)
#4
2
I think a more secure option to @Michael Kniskern's good example is:
我认为一个更安全的选择是@Michael Kniskern的好例子是:
regedit...
注册表编辑器…
HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services \Eventlog \your_new_application_log
HKEY_LOCAL_MACHINE \系统\CurrentControlSet \ \ \Eventlog \your_new_application_log。
Give full control to just the specific application log created for the purposes of your application (in this example right-click your_new_application_log and set permissions there). Once the new log name is created it will appear in the registry nested under eventlog node as above.
完全控制为应用程序创建的特定应用程序日志(在本例中右键单击your_new_application_log并设置权限)。一旦创建了新的日志名称,它就会出现在位于eventlog节点下的注册表中。
#1
59
The problem is probably your event source. You have to create an event source before you can write to the event log (if you don't, the Event log object tries to create one for you "automagically" the first time you write to the log).
问题可能是您的事件源。在写入事件日志之前,您必须创建一个事件源(如果您不这样做的话,事件日志对象会尝试在您第一次写入日志时为您创建一个“自动”)。
You have to have hightened permissions to create an event log source. In some of my web apps, I have put the code to create the event source into my setup (setup runs as admin, so I'm always guaranteed to be able to create the source).
您必须具有高度的权限才能创建事件日志源。在我的一些web应用程序中,我已经将代码创建到我的设置中(设置作为admin运行,所以我总是保证能够创建源)。
You just have to create the source once. After that, your ASP.Net app should have sufficient permissions to write entries specifying the source (or sources) that you created.
你只需要创建一次源。在那之后,你的ASP。Net应用程序应该有足够的权限来编写条目,指定您创建的源(或源)。
You can use an EventLogInstaller in your setup to create the source, or you could just write a little utility to call EventLog.CreateEventSource() as an admin.
您可以在设置中使用EventLogInstaller来创建源代码,或者您可以编写一个小实用程序来调用EventLog.CreateEventSource()作为admin。
I'll show you both ways:
我将向你们展示两种方法:
// You would do this one from within an Installer class in a setup:
private void InstallEventLog()
{
EventLogInstaller logInstaller;
//Create an instance of an EventLogInstaller.
logInstaller = new EventLogInstaller();
//Set the source name of the event log.
logInstaller.Source = "TheEventSourceName";
Installers.Add(logInstaller);
}
Method 2: just call CreateEventSource once as an admin (you could put the following code into a console app, for example, and run the console app as admin
方法2:只需调用CreateEventSource一次作为admin(例如,您可以将以下代码放入控制台应用程序中,并作为admin运行控制台应用程序)。
EventLog.CreateEventSource("TheSourceName", "Application");
Bonus: If you have Powershell installed on your server, you can do it from the Powershell command prompt: (Make sure you are running Powershell as an admin)
额外好处:如果您的服务器上安装了Powershell,那么可以从Powershell命令提示符(确保您正在运行Powershell作为admin)完成它。
[system.Diagnostics.EventLog]::CreateEventSource("SourceName", "Application")
Hop that helps
跳,帮助
#2
15
Give the ASPNET permission to the event log.
将ASPNET权限授予事件日志。
Run -> regedit - > Browse to
运行-> regedit ->浏览到。
HKEY_LOCAL_MACHINE
\SYSTEM
\CurrentControlSet
\Services
\Eventlog
Right click select permissions and give the ASPNET account full control
右击选择权限并给予ASPNET帐户完全控制。
#3
7
IIS 8 permission solving answer
iis8权限解决方案。
I am lazy and didn't create a special log in my code, instead I used:
我很懒,并没有在代码中创建一个特殊的日志,而是使用:
System.Diagnostics.EventLog.WriteEntry("MyAppName", "Bla Bla SQL ERROR: "+sx.Message);
System.Diagnostics.EventLog。WriteEntry(“MyAppName”,“Bla Bla SQL ERROR:”+sx.Message);
Just to complete Michael's answer In IIS8 the user used by IIS when running server side code is : IIS_IUSRS
在IIS8中,当运行服务器端代码时,IIS使用的用户是:IIS_IUSRS。
(actually its more complicated because there are virtual accounts within IIS_IUSRS but they get permissions from that account, see IIS_IUSRS and IUSR permissions in IIS8 form more details)
(实际上它更复杂,因为在IIS_IUSRS中有虚拟帐户,但是它们从该帐户获得了权限,请参阅IIS_IUSRS以及IIS8中的IUSR权限)
That user only requires READ permission on this registry node:
该用户只需要在此注册表节点上读取权限:
HKLM\CurrentControlSet\System\Services\Eventlog\Security
HKLM \ CurrentControlSet \ System \ Services \事件日志\安全
The reason for this is that when a new log source is written to, before creating it, the system wants to check that it doesn't exist so it needs to READ the source names.
这样做的原因是,在创建新的日志源之前,系统要检查它是否存在,因此需要读取源名称。
Also, if you are using the iis express of visual studio, it will run under your personal credentials, so if you don't have read access permission to the registry node above you will need to add it too when debugging under visual studio.
另外,如果您使用的是visual studio的iis express,那么它将在您的个人凭据下运行,因此如果您没有对上面的注册表节点进行读访问权限,那么在visual studio下进行调试时也需要添加它。
(If administrators has permission to the node and your are in that group, it is not enough, you need to run visual studio 'as administrator' - which will work only from visual studio shortcut and not the sln shortcut)
(如果管理员对该节点有权限,而您在该组中,这是不够的,您需要运行visual studio“作为管理员”——它只会在visual studio快捷方式中运行,而不是sln快捷方式)
Another note: If the computer is in a domain and you can't find the IIS_IUSRS account when editing registry permissions, it is likely you are looking in the wrong 'location', searching for the account on the domain active directory instead of the local computer)
另一个注意事项:如果计算机在一个域中,并且在编辑注册表权限时无法找到IIS_IUSRS帐户,那么很可能您正在查找错误的“位置”,在域活动目录上搜索帐户而不是本地计算机)
#4
2
I think a more secure option to @Michael Kniskern's good example is:
我认为一个更安全的选择是@Michael Kniskern的好例子是:
regedit...
注册表编辑器…
HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services \Eventlog \your_new_application_log
HKEY_LOCAL_MACHINE \系统\CurrentControlSet \ \ \Eventlog \your_new_application_log。
Give full control to just the specific application log created for the purposes of your application (in this example right-click your_new_application_log and set permissions there). Once the new log name is created it will appear in the registry nested under eventlog node as above.
完全控制为应用程序创建的特定应用程序日志(在本例中右键单击your_new_application_log并设置权限)。一旦创建了新的日志名称,它就会出现在位于eventlog节点下的注册表中。