I've been trying to get into the 'C:WindowsSystem32winevtLogs' folder programmatically using C# so I can copy the event log files to a backup directory and then clear the event logs as a part of a daily backup apparatus, but I don't seem to be able to get access to this directory.
I've tried changing the application manifest to run under administrator ( ) which gives me the UAC prompt when I execute the program and I've even gone as far as to spawn a shell under NT AUHORITYSYSTEM identity to execute the code but it still says it's an invalid path, even though I can manually go into the directory under both administrative shell and the SYSTEM shell.
I've isolated it to just not being able to go into the winevt dir.
I use this code to see if I can access the directory.
Environment.CurrentDirectory = System.Environment.SystemDirectory + @"winevt";
only to receive
System.IO.DirectoryNotFoundException: Could not find a part of the path 'C:Windowssystem32winevt'.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.Directory.SetCurrentDirectory(String path)
at System.Environment.set_CurrentDirectory(String value)
at dev_EventLog.Program.Main(String[] args) in D:SourceCodesdev_EventLogdev_EventLogProgram.cs:line 30
I've tried many different ways to specify the directory but it's all the same, and I've also tried different subfolder of System32 and of the 10 or so I tried winevt is the only one to act like this.
This has been driving me nuts, anyone know why this isn't working under C# or am I forced to use VBScript to do this, since the following VBScript code works to copy the event log file.
dim filesys
set filesys=CreateObject("Scripting.FileSystemObject")
filesys.CopyFile "C:WindowsSystem32winevtLogsApplication.evtx", "C:
uslApplication.evtx"
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
