/*++
|
|
|
|
Copyright (c) 2001 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
Eventlog.cpp
|
|
|
|
Abstract:
|
|
|
|
Implementation of the event log API
|
|
wrapper class.
|
|
|
|
Notes:
|
|
|
|
Unicode only.
|
|
|
|
History:
|
|
|
|
03/02/2001 rparsons Created
|
|
|
|
--*/
|
|
|
|
#include "eventlog.h"
|
|
|
|
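/*++

  Routine Description:

    Adds the specified event source to the registry by creating
    (or opening) the source's key under the selected log and writing
    the EventMessageFile, TypesSupported and CategoryCount values.

  Arguments:

    lpwSourceFile   -   The path & name of the file that
                        contains the event log strings.
                        The string is stored as given; readers of the
                        log resolve message text through this path, so
                        callers should pass a fully qualified path to a
                        file that only administrators can modify.
    lpwSourceName   -   The name of the event log source.
                        Must be non-empty and short enough for the
                        complete key path to fit in MAX_PATH characters.
    dwLogType       -   The log that the source should be
                        added to (dwApplication, dwSystem or dwSecurity)

  Return Value:

    TRUE if the source was added successfully, FALSE otherwise.
    FALSE is also returned, before the registry is touched, for a NULL
    argument, an empty or over-long source name, or a dwLogType that
    is not one of the three handled values.

--*/
BOOL
CEventLog::CreateEventSource(
    IN LPCWSTR lpwSourceFile,
    IN LPCWSTR lpwSourceName,
    IN DWORD   dwLogType
    )
{
    HKEY    hLogKey = NULL;
    // Same value as the original literal 7: error | warning | information
    DWORD   dwTypes = EVENTLOG_ERROR_TYPE |
                      EVENTLOG_WARNING_TYPE |
                      EVENTLOG_INFORMATION_TYPE;
    DWORD   cCount = 0L;
    BOOL    fResult = FALSE;
    LPCWSTR lpwLogRoot = NULL;
    size_t  cchRoot = 0;
    size_t  cchName = 0;
    WCHAR   wszRegPath[MAX_PATH] = L"";

    __try {

        //
        // Both strings are passed to wcslen below, so a NULL
        // pointer has to be turned away first
        //
        if (NULL == lpwSourceFile || NULL == lpwSourceName) __leave;

        //
        // Determine the log type - application, system,
        // or security - and pick the matching registry root
        //
        switch (dwLogType) {

        case dwApplication:
            lpwLogRoot = APP_LOG_REG_PATH;
            break;

        case dwSystem:
            lpwLogRoot = SYS_LOG_REG_PATH;
            break;

        case dwSecurity:
            lpwLogRoot = SEC_LOG_REG_PATH;
            break;

        default:
            //
            // An unhandled log type used to leave the path empty.
            // RegCreateKeyEx with an empty subkey hands back the
            // parent key, so the values below would have been written
            // directly under HKEY_LOCAL_MACHINE.
            //
            __leave;
        }

        //
        // wsprintf does not know the size of wszRegPath, so make sure
        // "<root>\<name>" plus the terminator fits before formatting.
        // An empty name is refused as well: it would address the log
        // key itself rather than a source beneath it.
        //
        cchRoot = wcslen(lpwLogRoot);
        cchName = wcslen(lpwSourceName);

        if (0 == cchName ||
            cchRoot + 2 > MAX_PATH ||
            cchName > MAX_PATH - cchRoot - 2) __leave;

        //
        // NOTE(review): a source name containing a backslash produces
        // nested subkeys under the log key. It is not rejected here;
        // confirm whether any caller relies on that.
        //
        wsprintf(wszRegPath, L"%s\\%s", lpwLogRoot, lpwSourceName);

        //
        // Open the source key - if it doesn't exist,
        // it will be created
        //
        if (RegCreateKeyEx(HKEY_LOCAL_MACHINE,
                           wszRegPath,
                           0,
                           NULL,
                           REG_OPTION_NON_VOLATILE,
                           KEY_SET_VALUE,
                           NULL,
                           &hLogKey,
                           NULL) != ERROR_SUCCESS) __leave;

        //
        // Write the path to our message file
        // (byte count includes the terminating null)
        //
        if (RegSetValueEx(hLogKey,
                          L"EventMessageFile",
                          0L,
                          REG_SZ,
                          (const BYTE *) lpwSourceFile,
                          (DWORD) ((wcslen(lpwSourceFile) + 1)
                                   * sizeof(WCHAR))) != ERROR_SUCCESS) __leave;

        //
        // Write the event types supported
        //
        if (RegSetValueEx(hLogKey,
                          L"TypesSupported",
                          0L,
                          REG_DWORD,
                          (const BYTE *) &dwTypes,
                          sizeof(DWORD)) != ERROR_SUCCESS) __leave;

        //
        // Write the number of event categories supported
        //
        if (RegSetValueEx(hLogKey,
                          L"CategoryCount",
                          0L,
                          REG_DWORD,
                          (const BYTE *) &cCount,
                          sizeof(DWORD)) != ERROR_SUCCESS) __leave;

        fResult = TRUE;

    } // try

    __finally {

        //
        // Runs on every exit from the try block, so the key
        // handle is released on the failure paths too
        //
        if (hLogKey) {
            RegCloseKey(hLogKey);
        }

    } // finally

    return (fResult);
}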
|
|
|
|
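/*++

  Routine Description:

    Logs an event to the event log

  Arguments:

    lpwSourceName       -   Name of the source in the registry
    lpwUNCServerName    -   UNC server name or NULL for local
    wType               -   Type of event to report
    dwEventID           -   Event identifier
    wNumStrings         -   Number of insertion strings contained
                            in lpwStrings array
    *lpwStrings         -   Array of insertion strings. Can be NULL
                            if no strings are being used, in which
                            case wNumStrings must be zero.
                            The strings are handed to ReportEvent as
                            given. Text that originates outside the
                            program should be checked by the caller:
                            a "%" followed by a number inside an
                            insertion string is treated as a further
                            insertion parameter by log viewers.

  Return Value:

    TRUE if the event was reported, FALSE otherwise (NULL source
    name, a non-zero wNumStrings with a NULL array, or a failure
    from RegisterEventSource or ReportEvent).

--*/
BOOL
CEventLog::LogEvent(
    IN LPCWSTR  lpwSourceName,
    IN LPCWSTR  lpwUNCServerName,
    IN WORD     wType,
    IN DWORD    dwEventID,
    IN WORD     wNumStrings,
    IN LPCWSTR *lpwStrings OPTIONAL
    )
{
    HANDLE  hES = NULL;
    BOOL    fResult = FALSE;

    __try {

        //
        // A source name is required to obtain the handle
        //
        if (NULL == lpwSourceName) __leave;

        //
        // A string count without an array would make ReportEvent
        // read wNumStrings pointers from a NULL base
        //
        if (wNumStrings && NULL == lpwStrings) __leave;

        //
        // Obtain a handle to our event source
        //
        hES = RegisterEventSource(lpwUNCServerName, lpwSourceName);

        if (NULL == hES) __leave;

        //
        // Report the event. When the count is zero the array
        // pointer is forced to NULL, which is what the separate
        // "no strings" call used to pass.
        //
        fResult = ReportEvent(hES,
                              wType,
                              0,
                              dwEventID,
                              NULL,
                              wNumStrings,
                              0,
                              wNumStrings ? lpwStrings : NULL,
                              NULL);

    } // try

    __finally {

        //
        // Release the source handle on every exit path
        //
        if (hES) {
            DeregisterEventSource(hES);
        }

    } // finally

    return (fResult);
}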
|