I am getting the following exception. I have given full control to Asp.net account on Eventlogs in Registry edit.
[SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security.]
System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly, Boolean wantToCreate) +664 System.Diagnostics.EventLog.SourceExists(String source, String machineName, Boolean wantToCreate) +109 System.Diagnostics.EventLog.SourceExists(String source) +14 Microsoft.ApplicationBlocks.ExceptionManagement.DefaultPublisher.VerifyValidSource() +41
I guess this is due to some configuration issue on server?
This question is related to
c#
.net
windows-7
event-log
securityexception
EventLog.SourceExists
enumerates through the subkeys of HKLM\SYSTEM\CurrentControlSet\services\eventlog
to see if it contains a subkey with the specified name. If the user account under which the code is running does not have read access to a subkey that it attempts to access (in your case, the Security
subkey) before finding the target source, you will see an exception like the one you have described.
The usual approach for handling such issues is to register event log sources at installation time (under an administrator account), then assume that they exist at runtime, allowing any resulting exception to be treated as unexpected if a target event log source does not actually exist at runtime.
I recently experienced the error, and none of the solutions worked for me. What resolved the error for me was adding the Application pool user to the Power Users group in computer management. I couldn't use the Administrator group due to a company policy.
If you are performing a new install of the SenseNet TaskManagement website on IIS (from source code, not WebPI), you will get this message, usually related to SignalR communication. As @nicole-caliniou points out, it is due to a key search in the Registry that fails.
To solve this for SenseNet TaskManagement v1.1.0, first find the registry key name in the web.config file. By default it is "SnTaskWeb".
<appSettings>
<add key="LogSourceName" value="SnTaskWeb" />
Open the registry editor, regedit.exe
, and navigate to HKLM\SYSTEM\CurrentControlSet\Services\EventLog\SnTask
. Right-click on SnTask and select New Key
, and name the key SnTaskWeb
for the configuration shown above. Then right-click on the SnTaskWeb
element and select New Expandable String Value
. The name should be EventMessageFile
and the value data should be C:\Windows\Microsoft.NET\Framework\v4.0.30319\EventLogMessages.dll
.
Keywords: signalr, sensenet, regedit, permissions
If you just want to sniff if a Source exists on the local machine but don't have ability to get authorization to do this, you can finger it through the following example (VB).
This bypasses the security error. You could similarly modify this function to return the LogName for the Source.
Public Shared Function eventLogSourceExists(sSource as String) as Boolean
Try
EventLog.LogNameFromSourceName(sSource, ".")
Return True
Catch
Return False
End Try
End Function
Didnt work for me.
I created a new key and string value and managed to get it working
Key= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\<Your app name>\
String EventMessageFile value=C:\Windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
For me just worked iisreset (run cmd as administrator -> iisreset). Maybe somebody could give it a try.
Inaccessible logs: Security
A new event source needs to have a unique name across all logs including Security (which needs admin privilege when it's being read).
So your app will need admin privilege to create a source. But that's probably an overkill.
I wrote this powershell script to create the event source at will. Save it as *.ps1
and run it with any privilege and it will elevate itself.
# CHECK OR RUN AS ADMIN
If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
$arguments = "& '" + $myinvocation.mycommand.definition + "'"
Start-Process powershell -Verb runAs -ArgumentList $arguments
Break
}
# CHECK FOR EXISTENCE OR CREATE
$source = "My Service Event Source";
$logname = "Application";
if ([System.Diagnostics.EventLog]::SourceExists($source) -eq $false) {
[System.Diagnostics.EventLog]::CreateEventSource($source, $logname);
Write-Host $source -f white -nonewline; Write-Host " successfully added." -f green;
}
else
{
Write-Host $source -f white -nonewline; Write-Host " already exists.";
}
# DONE
Write-Host -NoNewLine 'Press any key to continue...';
$null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown');
For me this error was due to the command prompt, which was not running under administrator privileges. You need to right click on the command prompt and say "Run as administrator".
You need administrator role to install or uninstall a service.
Had the same exception. In my case, I had to run Command Prompt with Administrator Rights.
From the Start Menu, right click on Command Prompt, select "Run as administrator".
Launch Developer command line "As an Administrator". This account has full access to Security log
Source: Stackoverflow.com