Đã Đóng

Windows Event Log Monitoring

Development of windows services application compatible with: Windows 7,

Windows XP , Windows 2003/2008 (all service pack), Windows Vista.

The following technologies will be used for the project:

1. .NET Delphi / Delphi 2009 or C#

2. XML;

3. Windows Services;

4. Windows Performance Monitor (not mandatory)

5. Windows Cryptography Providers

We request:

-. Source Code

-. Executable file ready to install

-. Copyright tansfer

General Information

The Windows services should be installed on all Windows OS version and starts automatically at boot; at regular intervals service reads the Local Windows Event Log for matching specific Event ID/User Name combination ( an xml configuration file will be described later). If there are new entries the service extracts data and creates syslog message for each entry as follow:

Date and Time | Event ID | User | IP Address | Computer Name

If events are of Audit type then the syslog message should also contains the Logon Type field:

Date and Time | EventID |User | IP Address | Computer Name|Event Type| Logon Type|


The service will send those messages as syslog format to a remote server.

The service will have a dedicated tcp port in order to check remotely its network availability and for sending special TCP commands for gathering windows performances like cpu utilization, memory, disk space, bandwidth ( the sequence of command is explained later in this document) . This feature is not mandatory.

A system for code activation (so that service can be executed only on a specific machine) is mandatory and will be described later. So the final work consist of 4 files – executable for installing the service, encrypted list of MACs (activation file) , configuration XML, certificate file for XML file. Service will keep track on what events was already “seen” in each event log and store last seen event date in Windows Registry to skip seen events in case of restarts.

1. XML Configuration file

1)[url removed, login to view] – service consumes configuration as an XML document

a)1..a Configuration file allows to configure following values:

b)1..b Event log scan period (default value: 5 secs if not specified);

c)1..c Alive responder port (default value: 12000 if not specified);

d)1..d Syslog server entries having IP address to send messages to;

e)1..e List of User entries having name used for message formatting purposes;

f)1..f List of Log entries having Event Log name to read events from;

g)1..g List of Event Id entries specifying which events should be reported to Syslog


h)1..h Several sections for same server, user of event log are allowed – corresponding

lists of settings will be merged

i) When service is running it checks periodically (every 30 seconds) whether configuration

file is modified, by recalculating its hash and if it is modified – overwrites it with inmemory

copy and sends special message to syslog server if it is modified;

j) Configuration’s file hash is stored in a separate certificate file, if it is missing file is

considered changed.

k) Certificate file contains Triple DES encrypted SHA256 hash calculated on the

configuration file.

Configuration file example:

<?xml version="1.0" encoding="UTF-8"?>

<tosyslog IP=’’ scan_period=’5’>

<user name='PaulC'>

<Log name='Security'>







<Log name='MyApplication'>







<user name='MarkJ'>

<Log name='Security'>








2. Activation System

1)[url removed, login to view] – service runs only on machines allowed to run on, specified in activation file

a)2..a Activation file contains list of MAC addresses. If server attempting to start service has at least one Ethernet adapter having MAC address from the list – start will be successful.

Otherwise, error message will be recorded to the System Event log and a special syslog service will be also sent to

For TCP Command for gathering performance data please see table.png attacched.

Kĩ năng: Lập trình C#, Delphi

Xem nhiều hơn: read windows event log delphi, event log monitoring, windows event log delphi, windows vista event log delphi, windows xml event log delphi, windows 2003 event log performance, monitoring events windows, event log delphi running, monitor windows events, delphi event log, event log windows, monitor windows event log, event log monitoring delphi, monitoring windows services, monitor windows 2008 event log, net windows event log monitoring, performance monitor, list windows event log, windows event log monitor, windows server event log stored, list events specific event log, windows event log monitoring, delphi event log event, windows services file monitoring, windows service monitor event log

Về Bên Thuê:
( 0 nhận xét ) Italy

ID dự án: #1676715

9 freelancer đang chào giá trung bình €265 cho công việc này


Hello, i have 11 years experince in Delphi and 8 in c#. I can make this project fast and properly. Thanks

€600 EUR trong 15 ngày
(39 Nhận xét)

We are a very experienced team who can tackle this task. Please check PMB for more details.

€300 EUR trong 10 ngày
(29 Nhận xét)

Hi. I have experience in developing applications that works with system log. I will do project in C#. Oleg

€100 EUR trong 10 ngày
(7 Nhận xét)

Consider it Done. Please check PMB

€225 EUR trong 14 ngày
(5 Nhận xét)

Salve, ho letto tutta la descrizione dell progetto. E possibile parlare in privato ?

€200 EUR trong 4 ngày
(2 Nhận xét)

At Your service.

€250 EUR trong 15 ngày
(0 Nhận xét)

I'm glad to do it for you!Thanks.

€260 EUR trong 15 ngày
(0 Nhận xét)

Hi, I can do this project for you, I have enough experience on this kind of job.

€200 EUR trong 5 ngày
(0 Nhận xét)

I am an experienced engineer who has developed applications in C# since 2001. I can deliver a product in the required form and including a source code.

€250 EUR trong 20 ngày
(0 Nhận xét)