Writing Messages / Entries To Event Log | Cannot Write to Event Log Error

Thursday, September 22, 2011

The following code writes a message to the windows event application log under the existing event source “BizTalk Server”.
System.Diagnostics.EventLog.WriteEntry("BizTalk Server","This is the error message",System.Diagnostics.EventLogEntryType.Error,0);
The code above is normally placed inside an Expression shape in the orchestration as shown as “Write eventlog”
image
However if you require to write to your own defined event source, you must create the key in the registry first under the following path “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application”. The BizTalk host account must have read access to the security key and Read/Write access the new event key.
I tend to create a new event source for each application I deploy, so I decided to use a PowerShell script to create the key and set the permissions for each of the environments to save time.
Use the script below and replace the 2 variables values $EventName and $AccountName with the name of your event source and the account of the host instance for the orchestration.
#Define variables 
[string]$EventName = "BizTalkTest2"
[string]$AccountName = "vm-tpdev01\zx_BTHost1Svc"
 
#Create the new key
$keyName = "HKLM:\SYSTEM\CurrentControlSet\services\eventlog\Application\" + $EventName
md $keyName
 
#set the permission
$acl = Get-Acl $keyName
 
# grant service full control to this key
$person = [System.Security.Principal.NTAccount]$AccountName
$access = [System.Security.AccessControl.RegistryRights]"FullControl"
$inheritance = [System.Security.AccessControl.InheritanceFlags]"None"
$propagation = [System.Security.AccessControl.PropagationFlags]"None"
$type = [System.Security.AccessControl.AccessControlType]"Allow"
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)
$acl.AddAccessRule($rule)
Set-Acl $keyName $acl
 
#Grant read-only to BTS Host account
$acl = Get-Acl HKLM:\SYSTEM\CurrentControlSet\services\eventlog\Security
$person = [System.Security.Principal.NTAccount]$AccountName
$access = [System.Security.AccessControl.RegistryRights]"ReadKey"
$inheritance = [System.Security.AccessControl.InheritanceFlags]"None"
$propagation = [System.Security.AccessControl.PropagationFlags]"None"
$type = [System.Security.AccessControl.AccessControlType]"Allow"
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)
$acl.AddAccessRule($rule)
Set-Acl HKLM:\SYSTEM\CurrentControlSet\services\eventlog\Security $acl
 
#Check permissions
get-acl  $keyName | Format-Table -wrap
get-acl HKLM:\SYSTEM\CurrentControlSet\services\eventlog\Security | Format-Table -wrap
 
 
 
Next open a PowerShell window as “Run as Administrator” and execute the script to create the key and permissions.
Helpful Links For this Post:

How to set event log security locally or by using Group Policy in Windows Server 2003




No comments:

Post a Comment

Post Your Comment...