Description
Description
The Microsoft.Extensions.Logging.EventLog.WindowsEventLog class writes a backup event log when exception is thrown while writing event log, but it does not include any information regarding the application. This makes it difficult to identify the application that failed to write log.
Reproduction Steps
Create a console application project with the following code and run it under non-admin account.
// source.cs
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Logging.EventLog;
var settings = new EventLogSettings { LogName = "Application", SourceName = "MyEventSource"};
var loggerFactory = LoggerFactory.Create(builder => builder.AddEventLog(settings));
var logger = loggerFactory.CreateLogger();
logger.LogInformation("Something happened.");
Expected behavior
An event log is recorded with information regarding the application that failed to write log, such as process name and .NET version.
Actual behavior
An event log is recorded with the following message.
"Unable to log .NET application events. The source was not found, but some or all event logs could not be searched. To create the source, you need permission to read all event logs to make sure that the new source name is unique. Inaccessible logs: Security."
This message does not have any information about the application. Windows event log may contain process id, but if the process has already exited when investigating, there is no way to identify the application from the process id in the event log.
Regression?
No response
Known Workarounds
No response
Configuration
No response
Other information
Related code is here.