Export (0) Print
Expand All

WebAuditEvent Class

Serves as the base class for all ASP.NET health-monitoring audit events.

Namespace:  System.Web.Management
Assembly:  System.Web (in System.Web.dll)

public class WebAuditEvent : WebManagementEvent

The WebAuditEvent type exposes the following members.

  NameDescription
Protected methodWebAuditEvent(String, Object, Int32)Infrastructure. Initializes a new instance of the WebAuditEvent class using the supplied parameters.
Protected methodWebAuditEvent(String, Object, Int32, Int32)Infrastructure. Initializes a new instance of the WebAuditEvent class with specified event parameters.
Top

  NameDescription
Public propertyEventCodeGets the code value associated with the event. (Inherited from WebBaseEvent.)
Public propertyEventDetailCodeGets the event detail code. (Inherited from WebBaseEvent.)
Public propertyEventIDGets the identifier associated with the event. (Inherited from WebBaseEvent.)
Public propertyEventOccurrenceGets a counter that represents the number of times the event has occurred. (Inherited from WebBaseEvent.)
Public propertyEventSequenceGets the number of times the event has been raised by the application. (Inherited from WebBaseEvent.)
Public propertyEventSourceGets the object that raises the event. (Inherited from WebBaseEvent.)
Public propertyEventTimeGets the time when the event was raised. (Inherited from WebBaseEvent.)
Public propertyEventTimeUtcGets the time when the event was raised. (Inherited from WebBaseEvent.)
Public propertyMessageGets the message that describes the event. (Inherited from WebBaseEvent.)
Public propertyProcessInformationGets information about the ASP.NET application-hosting process. (Inherited from WebManagementEvent.)
Public propertyRequestInformationGet the information associated with the Web request.
Top

  NameDescription
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodFormatCustomEventDetailsProvides standard formatting of the event information. (Inherited from WebBaseEvent.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Protected methodIncrementPerfCountersInfrastructure. Used internally to increment performance counters. (Inherited from WebBaseEvent.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodRaise()Raises an event by notifying any configured provider that the event has occurred. (Inherited from WebBaseEvent.)
Public methodToString()Formats event information for display purposes. (Inherited from WebBaseEvent.)
Public methodToString(Boolean, Boolean)Formats event information for display purposes. (Inherited from WebBaseEvent.)
Top

ASP.NET health monitoring allows production and operations staff to manage deployed Web applications. The System.Web.Management namespace contains the health-event types responsible for packaging application health-status data and the provider types responsible for processing this data. It also contains supporting types that help during the management of health events.

The WebAuditEvent class is the base class from which the ASP.NET health-monitoring audit-event classes derive. The audit events generate information about security-related operations in a Web application and provide both a success and failure event for each audited operation.

The health-monitoring system can audit both successful and unsuccessful events, which means an application can be monitored for both normal and malfunctioning conditions. By default, only the failure audit events are recorded.

The following operations are audited by ASP.NET, and may generate success-or-failure health-monitoring audit events:

  • Login attempts made by users of an ASP.NET application. For more details about this auditing, see WebAuthenticationSuccessAuditEvent and WebSuccessAuditEvent.

  • Security-related events, such as authentication failures, failed resource access attempts, and other security-related events. The log of these events can be useful when investigating an intrusion or attack on the application. By default, no auditing support is provided for authorization failures of anonymous users. For more details about failure event audits, see WebAuthenticationFailureAuditEvent and WebFailureAuditEvent.

  • Custom events raised by an ASP.NET application. You can audit custom events by extending the functionality provided by the WebAuditEvent class and derived classes

NoteNote

In most cases you will be able to use the ASP.NET health-monitoring types as implemented, and you will control the health-monitoring system by specifying values in the healthMonitoring configuration section. You can also derive from the health-monitoring types to create your own custom events and providers. For an example of deriving from the WebAuditEvent class, see the example provided in this topic.

Notes to Inheritors

When formatting your custom event information for display, override the FormatCustomEventDetails method rather than the ToString method. This will avoid overwriting or tampering with sensitive system information.

The following code example shows how to derive from the WebAuditEvent class to create a custom audit event.


using System;
using System.Text;
using System.Web;
using System.Web.Management;

namespace SamplesAspNet
{
    // Implements a custom WebAuditEvent class.  
    public class SampleWebAuditEvent : System.Web.Management.WebAuditEvent
    {
        private string customCreatedMsg, customRaisedMsg;

        // Invoked in case of events identified only by their event code. 
        public SampleWebAuditEvent(string msg, object eventSource, 
            int eventCode): base(msg, eventSource, eventCode)
        {
            // Perform custom initialization.
            customCreatedMsg =
              string.Format("Event created at: {0}", 
              DateTime.Now.TimeOfDay.ToString());
        }


        // Invoked in case of events identified by their event code.and  
        // event detailed code. 
        public SampleWebAuditEvent(string msg, object eventSource, 
            int eventCode, int detailedCode): 
            base(msg, eventSource, eventCode, detailedCode)
        {
            // Perform custom initialization.
            customCreatedMsg =
              string.Format("Event created at: {0}", 
              DateTime.Now.TimeOfDay.ToString());
        }

        // Raises the SampleWebAuditEvent. 
        public override void Raise()
        {
            // Perform custom processing.
            customRaisedMsg =
              string.Format("Event raised at: {0}", 
              DateTime.Now.TimeOfDay.ToString());

            // Raise the event.
            WebBaseEvent.Raise(this);
        }


        // Obtains the current thread information. 
        public WebRequestInformation GetRequestInformation()
        {
            // Obtain the Web request information. 
            // No customization is allowed here. 
            return RequestInformation;
        }


        //Formats Web request event information. 
        //This method is invoked indirectly by the provider  
        // using one of the overloaded ToString() methods. 
        public override void FormatCustomEventDetails(
            WebEventFormatter formatter)
        {
            base.FormatCustomEventDetails(formatter);

            // Add custom data.
            formatter.AppendLine("");

            formatter.IndentationLevel += 1;
            formatter.AppendLine(
                "******** SampleWebAuditEvent Information Start ********");
            formatter.AppendLine(string.Format("Request path: {0}",
              RequestInformation.RequestPath));
            formatter.AppendLine(string.Format("Request Url: {0}",
              RequestInformation.RequestUrl));

            // Display custom event timing.
            formatter.AppendLine(customCreatedMsg);
            formatter.AppendLine(customRaisedMsg);

            formatter.AppendLine(
                "******** SampleWebAuditEvent Information End ********");

            formatter.IndentationLevel -= 1;

        }
    }

}

The following is an excerpt of the configuration file that enables ASP.NET to use the event.

<healthMonitoring 
  enabled="true"
  heartBeatInterval="0"> 

  <providers>
    <add name="EventLogProvider" 
      type="System.Web.Management.EventLogWebEventProvider,
      System.Web,Version=2.0.3600.0,Culture=neutral,
      PublicKeyToken=b03f5f7f11d50a3a"/>
  </providers>

  <eventMappings>
    <add  name="SampleWebAuditEvent" 
      type="SamplesAspNet.SampleWebAuditEvent,
      webauditevent,Version=1.0.1663.31140, 
      Culture=neutral, 
      PublicKeyToken=0d1fa0f69d94de96, 
      processorArchitecture=MSIL"/>
  </eventMappings>

  <rules>
    <add name="Custom Audit Default"
      eventName="SampleWebAuditEvent"
      provider="EventLogProvider"
      profile="Default"/>  
  </rules>

</healthMonitoring>

.NET Framework

Supported in: 4.5, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft