AuditLogLocation 枚举

定义

指定与安全相关的事件日志的记录位置。

public enum class AuditLogLocation
public enum AuditLogLocation
type AuditLogLocation = 
Public Enum AuditLogLocation
继承
AuditLogLocation

字段

Application 1

在事件日志中指定应用程序日志。

Default 0

指定由操作系统确定的默认位置。 如果 (支持写入安全日志,例如在 Windows Vista 和 Windows Server 2003 及更高平台上) ,则默认日志位置为安全日志。 否则, ((例如Windows XP SP2) 中),默认日志位置为应用程序日志。

Security 2

在事件日志中指定安全日志。 调用线程必须确保 SeAuditPrivilege 可以写入安全日志。

示例

以下示例将 ServiceSecurityAuditBehavior.AuditLogLocation 属性设置为其中 AuditLogLocation 一个值:

public static void Main()
{
    // Get base address from appsettings in configuration.
    Uri baseAddress = new Uri(ConfigurationManager.
        AppSettings["baseAddress"]);

    // Create a ServiceHost for the CalculatorService type
    // and provide the base address.
    using (ServiceHost serviceHost = new
        ServiceHost(typeof(CalculatorService), baseAddress))
    {
        // Create a new auditing behavior and set the log location.
        ServiceSecurityAuditBehavior newAudit =
            new ServiceSecurityAuditBehavior();
        newAudit.AuditLogLocation =
            AuditLogLocation.Application;
        newAudit.MessageAuthenticationAuditLevel =
            AuditLevel.SuccessOrFailure;
        newAudit.ServiceAuthorizationAuditLevel =
            AuditLevel.SuccessOrFailure;
        newAudit.SuppressAuditFailure = false;
        // Remove the old behavior and add the new.
        serviceHost.Description.
            Behaviors.Remove<ServiceSecurityAuditBehavior>();
        serviceHost.Description.Behaviors.Add(newAudit);
        // Open the ServiceHostBase to create listeners
        // and start listening for messages.
        serviceHost.Open();

        // The service can now be accessed.
        Console.WriteLine("The service is ready.");
        Console.WriteLine("Press <ENTER> to terminate service.");
        Console.WriteLine();
        Console.ReadLine();

        // Close the ServiceHostBase to shutdown the service.
        serviceHost.Close();
    }
}
Public Shared Sub Main() 
    ' Get base address from appsettings in configuration.
    Dim baseAddress As New Uri(ConfigurationManager.AppSettings("baseAddress"))
    
    ' Create a ServiceHost for the CalculatorService type 
    ' and provide the base address.
    Dim serviceHost As New ServiceHost(GetType(CalculatorService), baseAddress)
    Try
        ' Create a new auditing behavior and set the log location.
        Dim newAudit As New ServiceSecurityAuditBehavior()
        newAudit.AuditLogLocation = AuditLogLocation.Application
        newAudit.MessageAuthenticationAuditLevel = _
            AuditLevel.SuccessOrFailure
        newAudit.ServiceAuthorizationAuditLevel = _
            AuditLevel.SuccessOrFailure
        newAudit.SuppressAuditFailure = False
        ' Remove the old behavior and add the new.
        serviceHost.Description.Behaviors.Remove(Of ServiceSecurityAuditBehavior)
        serviceHost.Description.Behaviors.Add(newAudit)
        ' Open the ServiceHostBase to create listeners 
        ' and start listening for messages.
        serviceHost.Open()
        
        ' The service can now be accessed.
        Console.WriteLine("The service is ready.")
        Console.WriteLine("Press <ENTER> to terminate service.")
        Console.WriteLine()
        Console.ReadLine()
        
        ' Close the ServiceHostBase to shutdown the service.
        serviceHost.Close()
    Finally
    End Try

End Sub

注解

创建需要调用方身份验证和/或授权的Windows Communication Foundation (WCF) 应用程序时,可以指定记录与安全相关的事件,以便成功、失败或同时记录这两者。 日志的位置由此枚举确定。

指定审核日志的级别的方法是:通过将 MessageAuthenticationAuditLevel 类的 ServiceAuthorizationAuditLevelServiceSecurityAuditBehavior 属性设置为 AuditLevel 值之一。

还可以使用 <serviceSecurityAudit> 绑定指定审核行为。

重要

AuditLogLocation如果该属性设置为“安全性”且Audit Object Access未在中Local Security Policy设置,则不会将审核事件写入安全日志。 不返回任何失败记录,但审核项也不会写入安全日志。 此外,调用线程必须确保 SeAuditPrivilege 可以写入安全日志。

默认值取决于操作系统

将属性设置为默认值时,操作系统将确定实际写入的日志。 有关详细信息,请参阅审核

适用于

另请参阅