C + + Write to Application log (Event log)

Log files are part of the operating system, so there must be an application programming interface (API) to support logging

Instance:

HANDLE h;
if ((h = RegisterEventSource (Null,text ("metalive")) = = NULL)
{
return FALSE;
}
Const char* PS = "PSZS1PSZS2PSZS3";
WORD Wtype=eventlog_error_type;//eventlog_information_type;
DWORD dwid=5001;
int ISTR = 1;
BOOL BRet;
DWORD DWORD;
if (h)
{
Bret=::reportevent (H,
Wtype,
0,
Dwid,
NULL,//SID
ISTR,
0,
&ps,
NULL);

Dword=::getlasterror ();
}
//

Windows xp-based computers record events in the following three logs:

1. Application Log

The application log contains events logged by the program. For example, a database program might log file errors in the application log. Write to Application
Events in the log are determined by the software program developer.

2. Security log

The security log records events such as valid and invalid logon attempts, and events related to resource usage, such as creating, opening, or deleting files. For example

When logon auditing is enabled, an event is logged in the security log whenever a user attempts to log on to the computer. You must use the Administrator

Or as a member of the Administrators group, you can open, use, and specify which events are logged in the security log.

3. System Log

The system log contains events logged by the Windows XP system components. For example, if a driver could not be loaded during startup, the

An event is logged in the system log. Windows XP proactively determines which events are logged by system components.

In this article, we focus on the first Class Application log, which describes how to write a eventlog. Windows uses ReportEvent to report application messages.

Here is a simple introduction to this function.

HANDLE heventlog,	Handle returned by RegisterEventSource
WORD wtype,	Type of event to log
WORD wcategory,	Types of events
DWORD dweventid,	Event indication
psid lpusersid,	User security label (optional)
WORD wnumstrings,	String number of messages
DWORD dwdatasize,	The size of binary data in bytes
LPCTSTR *lpstrings,	The message itself
lpvoid Lprawdata	Binary data
);

Parameters

Heventlog
Event flag. This is the handle returned by RegisterEventSource. The type of the

Wtype
event. Can be one of the following:
value     meaning
eventlog_error_type     ERROR event
eventlog_warning_type     WARNING Event
eventlog_information_type      Information Event
eventlog_audit_success     SUCCESS AUDIT event
Eventlog_audit_ failure     Failure Audit Event

Wcategory
Indicates the type of message. This place is defined by the source itself and can be any value.

Dweventid
Event identification. According to my understanding, here's the logo in use, will be the source to explain the specific meaning. For example: 2001 means file open error, and so on.
Therefore, to set the full event log, you need to register an interpreted service in the system. The example program does not design this service, and
the reader can refer to another VB program. The

Lpusersid
points to the user security label. This parameter can be null when a security label is not required. The

Wnumstrings
The number of string groups in the array that the given lpstrings points to. 0 indicates that there are currently no string groups.

dwDataSize
gives the size, in bytes, of the data that will be written to the Evenet log. If this argument is 0, there is currently no event data. The

Lpstrings
points to a buffer, which is an array of 0-terminated strings that will be added to the message. Even if the dwDataSize parameter is 0,
This parameter must also be a valid pointer (or NULL). Each string in the array is a maximum of 32K bytes. The

Lprawdata
points to a buffer containing binary data. The item must be a valid pointer (or NULL) even if the dwDataSize parameter is 0.

Return Values
If execution succeeds, returns a value other than 0, indicating that the event entry has been written to the log.
If execution is unsuccessful, return 0.