Windows Service running but event logs not working

I have a windows service listening to messages from a queue but the messages are not read from the queue.I created an event log to check for logs during service startup and shutdown but the logs are not written. I do not want to debug the service since it is a painful process.Is there a way to solve this issue.The messages need to be read by the service and written to a database.

Comments:

---

In my experience, the most common problem in writing to event logs is that the user does not have sufficient permission to write to the event log. Can you check the identity that the Windows service is running under, and verify that it has permission to write to the event log that you have created?

And, can you check the event log to see if any errors are being recorded when attempts are made to write to it?

Answers:

This certainly sounds as if the account that your windows service is running under doesn’t have enough rights to write to the event log in question.

Setting event log permissions for non-admin accounts can be a bit of a black art because you need to configure custom security descriptors using SDDL etc. However there’s a very handy MS knowledgebase article on how to do this programmatically:

How to setup event log security programmatically using the .Net Framework

I use this all the time now and it’s as simple as:

int mask = EventLogSecurity.CustomSD_ALL_ACCESS;

string logName = "Application";
string domain = "MyMachineOrDomainName";
string account = "UserAccount";

EventLogSecurity.AddUserToEventLogCustomSD(logName, domain, account, mask);

Answers:

If you want to use logging instead of debugging don’t use the event log. Use plain old text logs.

Answers:

Calculate total CPU usage

What is best algorithm for calculating total CPU usage at a particular time during execution of a process.

I am working windows platform in C++.

Comments:

---

Intel VTune is a great tool for anaylzing cpu resources: http://www.intel.com/cd/software/products/asmo-na/eng/239144.htm

Answers:

Use WMI to get “PercentProcessorTime”; beware that this will probably have its own performance penalty.

If you are looking to throttle your application, a better way it to have your own internal performance metric specific to your application and throttle based on that (e.g. screen refresh rate, etc.)

Answers:

GetProcessTimes for 100-nanosecond resolution. If you want cycle times, use QueryProcessCycleTime in Vista and above.

Answers:

Don’t use WMI
Simply Use win32 NAPI

Answers:

Let me recommend you this great article: http://www.codeproject.com/KB/threads/Get_CPU_Usage.aspx

I’m sure you’ll find it useful.

Answers:

// Declare
PerformanceCounter cpuCounter = null;

// initialize somewhere in the constructor..
cpuCounter = new PerformanceCounter();
cpuCounter.CategoryName = “Processor”;
cpuCounter.CounterName = “% Processor Time”;
cpuCounter.InstanceName = “_Total”;

Then to get the CPU usage in % just call
cpuCounter.NextValue()

Source:http://zamov.online.fr/EXHTML/CSharp/CSharp_927308.html

Answers:

The simplest method to obtains total CPU load for a period is using GetSystemTimes API. It’s a kernel function available starting Windows XP SP1. It returns the amount of CPU time used since system power-up. So, the difference between these values obtained during an interval will yield you total CPU usage for that interval.

Remember, that kernel time provided by this function includes ‘idle’ time, so you have to subtract idle time returned by first parameter from it.

The function returns total time for all cores/processors available, so you may also want to divide the deltas by the number of processors obtained from GetSystemInfo.

Answers:

How to get date/time when file was placed in a directory on Windows?

Is there a way to tell when a file was moved to a certain directory?

I’m being asked why a script of mine did not find a file in a certain directory. The file was created last January but I suspect it was placed in the directory after the script was run. Is there a way for me to confirm my suspicion?

Viewing the file properties gives me the created, modified, and accessed times, and the first two do not change when moving files from one directory to another.

---

EDIT: I have cygwin installed, if that helps at all. Is there a unix way of determining when a directory entry was created?

Comments:

---

If the file in question can be shown to have been the last file added to that directory, you can look at the last modified date of the directory itself, since directories are modified when files are inserted into them. Otherwise, I don’t hold much hope.

Answers:

If you’re on Windows XP or 2000 or higher, you should be able to use dir /tc to get the creation time of the file (which will be when it was copied to the directory). Under Cygwin, you can use ls -lc.

Answers:

Using wmic and or creating a layer for yourself really helps when using cyging. For example a function like this will return everything in the actual windows properties dialog for a file…

finfo() { [[ -f "$(cygpath "$@")" ]] || { echo "bad-file";return 1;}; echo "$(wmic datafile where name=""$(echo "$(cygpath -wa "$@")"|sed 's/\/\\/g')"" get /value)"|sed 's/r//g;s/^M$//;/^$/d'|awk -F"=" '{print $1"=""33[1m"$2"33[0m"}';}

This way regardless of how the file was touched you have multiple ways of knowing.

CMD Line FU Info link

Answers:

Is there some sort of secure local storage on Windows?

I was thinking of making a small tool. It is not important what the tool will do. The important thing, is that the tool will need to store some sensitive information on the user’s HDD. EDIT: The information that will be stored is USER’S information – I’m not trying to protect my own content, that I distribute with the app.

I understand that I need to encrypt this information. But then, where do I safely store the encryption password? It’s some sort of an infinite recursion…

So, is there a way, to encrypt information on windows, and have windows securely manage the passwords? When I say windows I mean Windows XP SP2 or later.

I should also note, that users on the same system must not have access to other users information (even when they are both running my application).

I’m looking for both – .NET 2.0 (C#) and native (C/C++) solutions to this problem.

Comments:

---

You can use the native encryption facility. Set the encrypt attribute on your folder or file (from the property page, click on the “advanced” button). Then you can set the users that can access the file (by default this only includes the file creator). The big advantage of this solution is that it is totally transparent from the application and the users points of view.

To do it programmatically: using the Win32 API, call EncryptFile() on the directory where you want to store your sensitive per-user data. From now on all newly created files within this dir will be encrypted and only readable by their creator (that would be the current user of your app). Alternatively you can use the FILE_ATTRIBUTE_ENCRYPTED flag on individual files at creation time. You can check encryption info from the explorer on the file’s property page, and see that app-created files are correctly encrypted and restricted to their respective users. There is no password to store or use, everything is transparent.

If you want to hide data from all users then you can create a special app-specific user and impersonate it from your app. This, along with ACLs, is the blessed technique on Windows for system services.

Answers:

You might want to look at Isolated Storage, which is a way of storing settings and other data on a per-application data automatically.
See an example and MSDN.

This is an alternative to storing normal settings in the registry, a better one in a lot of cases… I’m not sure how the data is stored to file however so you’d need to check, you wouldn’t want it to be accessible, even encrypted, to other users. From memory only the app. that created the storage can open it – but that needs checking.

Edit:

From memory when I last used this, a good approach is to write a “Setting” class which handles all the settings etc. in your app. This class then has the equivalent of Serialize and DeSerialize methods which allow it to write all its data to an IsolatedStorage file, or load them back again.

The extra advantage of implementing it in this way is you can use attributes to mark up bits of the source and can then use a Property Grid to quickly give you user-edit control of settings (the Property Grid manipulates class properties at runtime using reflection).

Answers:

Erm hash the password? You don’t need to store the real deal anywhere on the machine just a hashed password (possibly salted too). Then when the user enters their password you perform the same operation on that and compare it to the hashed one you’ve stored on disk.

Answers:

I recommend you look at the Enterprise Library Cryptography Application Block. Check this blog post. Windows has a built in Data Protection API for encrypting data, but the Crypto Application Block makes it more straightforward.

Answers:

is there a way, to encrypt information on windows, and have windows securely manage the passwords?

CryptProtectData: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380261(v=vs.85).aspx

Using from .NET: http://msdn.microsoft.com/en-us/library/aa302402.aspx

Historically, Protected Storage (available in XP, read-only in vista+): http://msdn.microsoft.com/en-us/library/bb432403%28VS.85%29.aspx

Answers:

Um, what you’re trying to achieve is exactly what DRM tried to achieve. Encrypt something then give the user the keys (however obfuscated) and the crypto. They did it with DVDs. They did it with Blu-Ray. They did it with iTunes.

What you are proposing to do will never be secure. Your average lay person will probably not figure it out, but any sufficiently motivated attacker will work it out and discover the keys, the algorithm and decrypt the data.

If all you’re doing is encrypting user data then ask the user for their password. If you’re trying to protect your internal data from the user running the application you’re S.O.L.

Answers:

You should consider using DPAPI for this purpose. It will encrypt your data with a special (internal) symmetric key which is on per-user basis. You don’t even need to ask for passwords in this case, because different users on the system will have different keys assigned to them.

The downside of it might be that you can’t recover the data if the user is deleted/Windows reinstalled (I believe that this is the case, not quite sure though). In that case encrypt the data with a “self-generated” key derived from the password and store the password in registry/file encrypted using DPAPI.

Answers: