GetEventLogs() Returns No Setup event log?

Question

Take the following C# code:

EventLog[] eventLogs;
eventLogs = EventLog.GetEventLogs(computername);
foreach (EventLog evt in eventLogs)
{
    statusMessagesListBox.Items.Add("evt.Log.ToString(): " + evt.Log.ToString() + "\t\tevt.LogDisplayName: " + evt.LogDisplayName);
}

When I run that, my output looks like this:

evt.Log.ToString(): Application      evt.LogDisplayName: Application
evt.Log.ToString(): HardwareEvents   evt.LogDisplayName: Hardware Events
evt.Log.ToString(): Security         evt.LogDisplayName: Security

And so on, like that. But why is there no Setup log? Furthermore, when I attempt to run this code:

var eventLog = new EventLog("Setup", computer);
eventLog.Clear();
eventLog.Dispose();

I get an error message that the log 'Setup' does not exist on that computer, even though it definitely does. The above code works for all other event logs except the Setup log.

How do I access the Setup event log?

For reference, the .NET frameworks being tried are 4.0 and 4.5, and the target computers are Windows 7 and 2008 R2.

Answer 1

The EventLog class only deals with Administrative event logs. The SetUp event log is an Operational log (you can see this in Event Viewer), so cannot be dealt with by this class.

To access the SetUp event log, you have to use the classes in the System.Diagnostics.Eventing.Reader namespace. You can iterate through the events using:

EventLogQuery query = new EventLogQuery("SetUp", PathType.LogName);
query.ReverseDirection = true; // this tells it to start with newest first
EventLogReader reader = new EventLogReader(query);

EventRecord eventRecord;

while ((eventRecord = reader.ReadEvent()) != null)
{
    // each eventRecord is an item from the event log
}

Take a look at this MDSN article for more detailed examples.