System.Security.SecurityException when writing to Event Log

System.Security.SecurityException when writing to Event Log

回答1

To give Network Service read permission on the EventLog/Security key (as suggested by Firenzi and royrules22) follow instructions from http://geekswithblogs.net/timh/archive/2005/10/05/56029.aspx

  1. Open the Registry Editor:
    1. Select Start then Run
    2. Enter regedt32 or regedit
  2. Navigate/expand to the following key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security

  3. Right click on this entry and select Permissions

  4. Add the Network Service user

  5. Give it Read permission

UPDATE: The steps above are ok on developer machines, where you do not use deployment process to install application.
However if you deploy your application to other machine(s), consider to register event log sources during installation as suggested in SailAvid's and Nicole Calinoiu's answers.

I am using PowerShell function (calling in Octopus Deploy.ps1)

function Create-EventSources() {
    $eventSources = @("MySource1","MySource2" )
    foreach ($source in $eventSources) {
            if ([System.Diagnostics.EventLog]::SourceExists($source) -eq $false) {
                [System.Diagnostics.EventLog]::CreateEventSource($source, "Application")
            }
    }
}

 

回答2

The solution was to give the "Network Service" account read permission on the EventLog/Security key.

 

 

Security Exception when writing to Event Log

Symptom

The following message may occur during the submission of a transaction:

System.Security.SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security

Cause

This scenario may occur following a PanatrackerGP upgrade or installation, or following a server update. The message indicates that an application (e.g. PanatrackerGP) is attempting to write a message (informational or error condition) into the server's event log. However, security on the server is prohibiting the application process from completing the entry because the Security log cannot be accessed. Note that this is not a PanatrackerGP nor Dynamics GP issue, but rather relates to a server configuration. In this case, the "source" that is referred to is likely "Panatracker", which is used by the event log as a mechanism to group event log messages. The condition is occurring because the server is not allowing the creation of this source.

PanatrackerGP is attempting to access the security log via the IIS process configured in the IIS application pool. For example, the IIS pool identity could be "Network Service" or another process. In this instance, this configured process does not have the permission to create the log source. Therefore, it cannot write the actual message it is attempting to write to the event log.

Solution

Please note there are likely multiple ways to resolve this issue. Please consult with your partner or server engineer to confirm the best solution for your scenario.

Additional background on this message can be found here:  http://stackoverflow.com/questions/1274018/system-security-securityexception-when-writing-to-event-log/3138269#3138269

The following steps can be used to give the default user that runs the PanatrackerGP portal process additional privileges to allow it to create the missing event source.

Perform a registry backup before making changes to the registry.

  1. Open the Registry Editor by selecting Start then Run and enter regedt32 or regedit.
  2. Navigate/expand the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security
  3. Right click on this entry and select Permissions
  4. Add the user "IIS APPPOOL\PanatrackerGP" user and give user Full Control
  5. Navigate/expand to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
  6. Right click on this entry and select Permissions
  7. Add the "IIS APPPOOL\PanatrackerGP" user and give user Full Control

Once the above changes have been made, reattempt the failing transaction TWICE. This is suggested because the server will use the first attempt to create the source, and the second to write the message that it originally wanted to write. 

 

posted @ 2021-01-15 04:33  ChuckLu  阅读(20)  评论(0编辑  收藏