开发者

Get event viewer logs with win api in c++

开发者 https://www.devze.com 2023-01-17 09:27 出处：网络

My application need to save event viewer logs to a specified directory and it has to be done with win api. Application and System logs are required开发者_JAVA百科.

相关专题：event-log event-viewer winapi

My application need to save event viewer logs to a specified directory and it has to be done with win api. Application and System logs are required开发者_JAVA百科.

EDIT: EvtExportLog - I found out that I can't use this function because minimal requirements are Win Server 2008, and I need this to work on Win Server 2000 and Win Server 2003.

Any suggestions what to use and how to use it?

And there is solution thanks to Richard Cook.

    int getEventLogs()
{
    HANDLE h = OpenEventLog(NULL,"System");
    if(!BackupEventLog(h,"backup.evt"))
    {
        wprintf(L"BackupEventLog failed for initial export with %lu.\n", GetLastError());
    }
    return 1;
}

You can enumerate the available channels on the system using EvtOpenChannelEnum, EvtNextChannelPath and EvtClose (documentation). These APIs (EvtNextChannelPath specifically) will return paths in an appropriate format for EvtExportLog.