• Event log c++ sample.


    1. Init regedit.
    bool InitLog( TCHAR *logName, TCHAR *sourceName, TCHAR *MessageDllName )
        {
            // This number of categories for the event source.
            DWORD dwCategoryNum = 1;
    
            HKEY hk; 
            DWORD dwData, dwDisp; 
            TCHAR szBuf[MAX_PATH]; 
            size_t cchSize = MAX_PATH;
    
            // Create the event source as a subkey of the log.
    
            HRESULT hr = _stprintf_s(szBuf,  //
                _T("SYSTEM\CurrentControlSet\Services\EventLog\%s\%s"),
                logName, sourceName); 
    
            if (RegCreateKeyEx(HKEY_LOCAL_MACHINE, szBuf, 
                0, NULL, REG_OPTION_NON_VOLATILE,
                KEY_WRITE, NULL, &hk, &dwDisp)) 
            {
                return false ;
            }
    
            // Set the name of the message file. 
    
            if (RegSetValueEx(hk,             // subkey handle 
                _T("EventMessageFile"),        // value name 
                0,                         // must be zero 
                REG_EXPAND_SZ,             // value type 
                (LPBYTE) MessageDllName,          // pointer to value data 
                (DWORD) (lstrlen(MessageDllName)+1)*sizeof(TCHAR))) // data size
            {
                RegCloseKey(hk); 
                return false ;
            }
    
            // Set the supported event types. 
    
            dwData = EVENTLOG_ERROR_TYPE | EVENTLOG_WARNING_TYPE | 
                EVENTLOG_INFORMATION_TYPE; 
    
            if (RegSetValueEx(hk,      // subkey handle 
                _T("TypesSupported"),  // value name 
                0,                 // must be zero 
                REG_DWORD,         // value type 
                (LPBYTE) &dwData,  // pointer to value data 
                sizeof(DWORD)))    // length of value data 
            {
                RegCloseKey(hk); 
                return false ;
            }
    
            // Set the category message file and number of categories.
    
            if (RegSetValueEx(hk,              // subkey handle 
                _T("CategoryMessageFile"),     // value name 
                0,                         // must be zero 
                REG_EXPAND_SZ,             // value type 
                (LPBYTE) MessageDllName,          // pointer to value data 
                (DWORD) (lstrlen(MessageDllName)+1)*sizeof(TCHAR))) // data size
            {
                RegCloseKey(hk); 
                return false ;
            }
    
            if (RegSetValueEx(hk,            // subkey handle 
                _T("CategoryCount"),         // value name 
                0,                       // must be zero 
                REG_DWORD,               // value type 
                (LPBYTE) &dwCategoryNum, // pointer to value data 
                sizeof(DWORD)))          // length of value data 
            {
                RegCloseKey(hk);
                return false ;
            }
    
            RegCloseKey(hk);
    
    
            //设置按需要覆盖重写日志
            HKEY hKey;  
    
            hr = _stprintf_s(szBuf,  //
                _T("SYSTEM\CurrentControlSet\Services\EventLog\%s"),
                logName); 
    
            if(::RegOpenKeyEx(HKEY_LOCAL_MACHINE, szBuf, NULL, KEY_ALL_ACCESS, &hKey) == ERROR_SUCCESS)
            {
                DWORD dwRetentionNum = 0;
                if (RegSetValueEx(hKey,            // subkey handle 
                    _T("Retention"),         // value name 
                    0,                       // must be zero 
                    REG_DWORD,               // value type 
                    (LPBYTE) &dwRetentionNum, // pointer to value data 
                    sizeof(DWORD)))          // length of value data 
                {
                    RegCloseKey(hKey);
                    return false ;
                }
            }
            RegCloseKey(hKey);
    
    
            _tcscpy_s ( m_SourceName, sourceName ) ;
    
    
            return true ;
        }

      2. Insert log

        void Log_Event ( DWORD dwEventId, WORD wType, TCHAR *pStr )
        {
            TCHAR* pBuf[1] ;
            pBuf[0] = pStr ;
                    
            if ( !m_bInit )
            {
                _tcscpy_s ( m_SourceName, _T("FAIL") ) ;
                dwEventId = 0 ;
            }
    
            HANDLE hEventSource = RegisterEventSource ( NULL, m_SourceName ) ;
            if ( hEventSource != NULL )
            {
                ReportEvent ( hEventSource, // handle of event source
                    wType,  // event type
                    0,                    // event category
                    dwEventId,                    // event ID
                    NULL,                 // current user's SID
                    1,                    // strings in lpszStrings
                    0,                    // no bytes of raw data
                    (LPCTSTR*)pBuf,  // array of error strings
                    NULL ) ;              // no raw data
    
                DeregisterEventSource ( hEventSource ) ;
            }
        }

    http://msdn.microsoft.com/en-us/library/aa363680(v=vs.85).aspx
  • 相关阅读:
    最能激怒程序猿的十句话()
    程序员是如何被外行给逼疯的?
    Linux 平台安装Oracle Database 12c
    替代恐慌你有吗?程序员会被深度学习技术淘汰吗?
    1006 换个格式输出整数 (15 分)C语言
    1021 个位数统计 (15 分)C语言
    1010 一元多项式求导 (25 分)C语言
    1009 说反话 (20 分)C语言
    1008 数组元素循环右移问题 (20 分)C语言
    1056 组合数的和 (15 分)C语言
  • 原文地址:https://www.cnblogs.com/iclk/p/3544552.html
Copyright © 2020-2023  润新知