Baidu for a long time, did not find any useful information,,,
CodePudding user response:
No one know?CodePudding user response:
Can'tWrite programs regularly scan the event Log, the.net can through the System. Diagnostics. The EventLog. GetEventLogs () method to obtain the EventLog object collection, judge the EventLog Log attribute of the object is equal to the Security, is the object of Security logs,
EventLog Entries is a collection of security logs you want to use EventLogEntry traverse it, EventLogEntry InstanceId attribute=4625, said it was a failed authentication events, ReplacementStrings record (19) is the IP address, to the hashtable statistics of the number of times, it has been to enough times will perform the operation you need
Statistics and record the latest EventLogEntry. TimeGenerated attribute as a tag, the next traversal, met earlier than that of direct ignore, later than it is to do processing,