1

I am monitoring a folder for changes using java.nio.file.WatchService to see when a file is modified. What I also need is, when I get an ENTRY_MODIFIED event, to see who modified the file. For this I am trying to search the Windows Event Log. So when I receive an event from the WatchService, I traverse the entries in the Windows Event Log using Advapi32Util.EventLogIterator. 

    Advapi32Util.EventLogIterator iter = new Advapi32Util.EventLogIterator("Security");
    while(iter.hasNext()) {
        Advapi32Util.EventLogRecord record = iter.next();
    }

From this record I retrieve the information I need. My problem is that if I traverse the Event Log exactly at the time when I receive the event from the WatchService, the log record still does not exist there. If I pause for 500 milliseconds and traverse after that, then it works. So it takes some time for the log entry to get written into the Event Log. Is there a way to subscribe to the Event Log so that I receive a notification when it is already updated and ready for traversal, so that I don't wait more than needed? (sometimes 500 milliseconds might be more than necessary, I want to perform the operation as fast as possible)

cbr
  • 12,563
  • 3
  • 38
  • 63
pinpinokio
  • 505
  • 5
  • 19
  • 1
    There's an example for subscribing to Event Log events in the WinAPI documentation: https://msdn.microsoft.com/en-us/library/windows/desktop/aa385771.aspx - you could try porting the sample over to Java. – cbr Mar 05 '18 at 15:07

0 Answers0