|
|
/*++
Copyright (c) 2001 Microsoft Corporation
Module Name:
Eventlog.cpp
Abstract:
Implementation of the event log API wrapper class.
Notes:
Unicode only. History:
03/02/2001 rparsons Created
--*/
#include "eventlog.h"
/*++
Routine Description:
Adds the specified event source to the registry
Arguments:
lpwSourceFile - The path & name of the file that contains the event log strings lpwSourceName - The name of the event log source dwLogType - The log that the source should be added to
Return Value:
TRUE if the source was added successfully, FALSE otherwise
--*/BOOL CEventLog::CreateEventSource( IN LPCWSTR lpwSourceFile, IN LPCWSTR lpwSourceName, IN DWORD dwLogType ){ HKEY hLogKey = NULL; DWORD dwTypes = 7L; DWORD cCount = 0L; BOOL fResult = FALSE; WCHAR wszRegPath[MAX_PATH] = L"";
__try {
//
// Determine the log type - application, system,
// or security - and build the path in the registry
//
switch (dwLogType) { case dwApplication:
wsprintf(wszRegPath, L"%s\\%s", APP_LOG_REG_PATH, lpwSourceName);
break;
case dwSystem:
wsprintf(wszRegPath, L"%s\\%s", SYS_LOG_REG_PATH, lpwSourceName);
break;
case dwSecurity:
wsprintf(wszRegPath, L"%s\\%s", SEC_LOG_REG_PATH, lpwSourceName);
break; } //
// Open the source key - if it doesn't exist,
// it will be created
//
if (RegCreateKeyEx(HKEY_LOCAL_MACHINE, wszRegPath, 0, NULL, REG_OPTION_NON_VOLATILE, KEY_SET_VALUE, NULL, &hLogKey, 0) != ERROR_SUCCESS) __leave;
//
// Write the path to our message file
//
if (RegSetValueEx(hLogKey, L"EventMessageFile", 0L, REG_SZ, (LPBYTE) lpwSourceFile, (wcslen(lpwSourceFile)+1) *sizeof(WCHAR)) != ERROR_SUCCESS) __leave;
//
// Write the number of event types supported
//
if (RegSetValueEx(hLogKey, L"TypesSupported", 0L, REG_DWORD, (LPBYTE) &dwTypes, sizeof(DWORD)) != ERROR_SUCCESS) __leave;
//
// Write the number of event categories supported
//
if (RegSetValueEx(hLogKey, L"CategoryCount", 0L, REG_DWORD, (LPBYTE) &cCount, sizeof(DWORD)) != ERROR_SUCCESS) __leave;
fResult = TRUE; } // try
__finally {
if (hLogKey) { RegCloseKey(hLogKey); } } // finally
return (fResult);}
/*++
Routine Description:
Logs an event to the event log
Arguments:
lpwSourceName - Name of the source in the registry lpwUNCServerName - UNC server name or NULL for local wType - Type of event to report dwEventID - Event identifier wNumStrings - Number of insertion strings contained in lpwStrings array *lpwStrings - Array of insertion strings. Can be NULL if no strings are being used
Return Value:
None
--*/BOOLCEventLog::LogEvent( IN LPCWSTR lpwSourceName, IN LPCWSTR lpwUNCServerName, IN WORD wType, IN DWORD dwEventID, IN WORD wNumStrings, IN LPCWSTR *lpwStrings OPTIONAL ){ HANDLE hES = NULL; LPVOID lpMsgBuf = NULL; BOOL fResult = FALSE;
__try { //
// Obtain a handle to our event source
//
hES = RegisterEventSource(lpwUNCServerName, lpwSourceName);
if (NULL == hES) { __leave; }
if (wNumStrings) {
//
// Report the event with insertion strings
//
fResult = ReportEvent(hES, wType, 0, dwEventID, NULL, wNumStrings, 0, lpwStrings, 0); } else {
//
// Report the event with no strings
//
fResult = ReportEvent(hES, wType, 0, dwEventID, NULL, 0, 0L, NULL, 0); }
} // try
__finally {
if (hES) {
DeregisterEventSource(hES); } } // finally
return (fResult);}
|
