How do I use the Health monitoring feature in ASP.NET 2.0?

From Guidance Share

Jump to: navigation, search

J.D. Meier, Prashant Bansode, Alex Mackman

Answer

You can use the health monitoring feature introduced in ASP.NET version 2.0 to instrument key application events. You can choose where to log events by configuring an appropriate provider. You can instrument built-in events or create custom events by deriving from one of the provided base events to monitor specific business logic or operations in your Web application. By default health monitoring is enabled for ASP.NET applications and it logs all Web error and audit failure events to Windows Event log. To use health monitoring

  • Identify all the security related events that you need to log for your application, including the default events available with health monitoring and custom security events specific to your application.
  • Configure event mappings for all the identified events in the web.config file as follows; here Membership Authentication Success event is mapped.
<healthMonitoring enabled=”true”>
...
 <eventMappings>
       <add name="LoginAudit" 
           type="System.Web.Management. AuditMembershipAuthenticationSuccess, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
           startEventCode="0" endEventCode="2147483647" />
   </eventMappings>
...
</healthMonitoring>
  • Identify the event store where you want to log the security events, you can choose multiple event stores for logging events based on event criticality etc.
  • Configure event providers corresponding to event store identified in web.config file as follows, here windows event log is used as event store
<healthMonitoring enabled=”true”>
...
   <providers>
       <add name="EventLogProvider"
           type="System.Web.Management.EventLogWebEventProvider,System.Web,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a"  />
   </providers>
...
</healthMonitoring>
  • Configure <rules> to specify as to which security event is to be logged through which provider (event store).
<healthMonitoring enabled=”true”>
...
   <rules>
       <add provider="EventLogProvider" name="Login Audits" eventName="LoginAudit" />
   </rules>
...
</healthMonitoring>

Now when ever a membership authentication in your application is successful an event is raised by membership feature, which will be logged to Windows Event log automatically.

More Information

For more information on auditing and logging, see “How To: Use Health Monitoring in ASP.NET 2.0” at http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000011.asp and “How To: Instrument ASP.NET 2.0 Applications for Security” at http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000016.asp

Personal tools