I then made sure that the BizUnit tests were changed to look for the event log entries in the correct event log and ran the regression suite and guess what - they all failed! I looked for the events and found that my new event log was there but pitifully empty and instead the events were still being written into the Application log.
I then checked my registry keys in HKLM/SYSTEM/CurrentControlSet/Services/EventLog and they were all OK as well, all pointing to the correct event log.
I was also wondering if this was a Windows 2008 thing, because the event log infrastructure has changed quite a bit in there as well.
I did a bit of rooting around, and found some good thoughts out there, including a forums post here http://www.eggheadcafe.com/community/aspnet/2/10022041/writing-to-custom-event-l.aspx which is one place that points to some support info from Microsoft http://support.microsoft.com/default.aspx/kb/815314 and that didn't really take me anywhere because I was doing what seemed to be the right thing already.
In the end it was much more mundane. If you have removed an event source and registered it onto a different event log you need to reboot. When the machine comes back up again all the events go into the right place.
No comments:
Post a Comment