using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Diagnostics;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Management;
using System.Diagnostics.Eventing.Reader;

namespace WindowsEventSelect
{
    public partial class Form1 : Form
    {
        public Form1()
        {
            InitializeComponent();
        }

private void button1_Click(object sender, EventArgs e)
        {
            var conOpt = new ConnectionOptions();
            conOpt.Impersonation = ImpersonationLevel.Impersonate;
            conOpt.EnablePrivileges = true;
            //conOpt.Username = "Admistrator";
            //conOpt.Password = "password";
            //conOpt.Authority = string.Format("ntlmdomain:{0}", "yourdomain.com");

var scope = new ManagementScope(String.Format(@"\\{0}\ROOT\CIMV2", "192.168.1.23"), conOpt);

scope.Connect();
            bool isConnected = scope.IsConnected;
            if (isConnected)
            {

/* entire day */
                //string dateTime = getDmtfFromDateTime(DateTime.Today.Subtract(new TimeSpan(1, 0, 0, 0)));
                string dateTime = getDmtfFromDateTime(DateTime.Now.ToString("yyyy/MM/dd") + " 09:02"); // DateTime specific

SelectQuery query = new SelectQuery("Select * from Win32_NTLogEvent Where TimeGenerated >=‘" + dateTime + "‘");
                //SelectQuery query = new SelectQuery("Select * from Win32_NTLogEvent Where TimeWritten >=‘" + dateTime + "‘");
                ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);
                ManagementObjectCollection logs = searcher.Get();
               
                ShowItem a = new ShowItem();
                List<ShowItem> aLst = new List<ShowItem>();

foreach (var log in logs)
                {
                    a = new ShowItem();
                    a.TimeWritten = getDateTimeFromDmtfDate(log["TimeWritten"].ToString());
                    a.SourceName = log["SourceName"].ToString();
                    a.Message = nullToEmpty(log["Message"]);
                    aLst.Add(a);
                    //Console.WriteLine("Message : {0}", log["Message"]);
                    //Console.WriteLine("ComputerName : {0}", log["ComputerName"]);
                    //Console.WriteLine("Type : {0}", log["Type"]);
                    //Console.WriteLine("User : {0}", log["User"]);
                    //Console.WriteLine("EventCode : {0}", log["EventCode"]);
                    //Console.WriteLine("Category : {0}", log["Category"]);
                    //Console.WriteLine("SourceName : {0}", log["SourceName"]);
                    //Console.WriteLine("RecordNumber : {0}", log["RecordNumber"]);
                    //Console.WriteLine("TimeWritten : {0}", getDateTimeFromDmtfDate(log["TimeWritten"].ToString()));
                }
                List<ShowItem> ds = new List<ShowItem>();
                ds = aLst.OrderBy(c => c.TimeWritten).ToList();
                dataGridView1.DataSource = ds;
            }