---------------------- Top bar ----------------------
SuperTree Demo
English Demo
Mixed article
Event Logging Functions

ReadEventLog

ReadEventLog

The ReadEventLog function reads a whole number of entries from the specified event log. The function can be used to read log entries in forward or reverse chronological order. 

BOOL ReadEventLog(
  HANDLE hEventLog,            // handle to event log
  DWORD dwReadFlags,           // specifies how to read log
  DWORD dwRecordOffset,        // number of first record
  LPVOID lpBuffer,             // address of buffer for read data
  DWORD nNumberOfBytesToRead,  // number of bytes to read
  DWORD *pnBytesRead,          // number of bytes read
  DWORD *pnMinNumberOfBytesNeeded 
                               // number of bytes required for next 
                               // record
);

Parameters

hEventLog
Handle to the event log to read. This handle is returned by the OpenEventLog function.
dwReadFlags
Specifies how the read operation is to proceed. This parameter can be any combination of the following values:
Value Meaning
EVENTLOG_FORWARDS_READ The log is read in forward chronological order.
EVENTLOG_BACKWARDS_READ The log is read in reverse chronological order.
EVENTLOG_SEEK_READ The read operation proceeds from the record specified by the dwRecordOffset parameter. If this flag is used, dwReadFlags must also specify EVENTLOG_FORWARDS_READ or EVENTLOG_BACKWARDS_READ. If the buffer is large enough, more than one record can be read at the specified seek position; the additional flag indicates the direction for successive read operations.
EVENTLOG_SEQUENTIAL_READ The read operation proceeds sequentially from the last call to the ReadEventLog function using this handle.

dwRecordOffset
Specifies the log-entry record number at which the read operation should start. This parameter is ignored unless the dwReadFlags parameter includes the EVENTLOG_SEEK_READ flag.
lpBuffer
Pointer to a buffer for the data read from the event log. This parameter cannot be NULL, even if the nNumberOfBytesToRead parameter is zero.

The buffer will be filled with an EVENTLOGRECORD structure.

nNumberOfBytesToRead
Specifies the size, in bytes, of the buffer. This function will read as many whole log entries as will fit in the buffer; the function will not return partial entries, even if there is room in the buffer.
pnBytesRead
Pointer to a variable that receives the number of bytes read by the function.
pnMinNumberOfBytesNeeded
Pointer to a variable that receives the number of bytes required for the next log entry. This count is valid only if ReadEventLog returns zero and GetLastError returns ERROR_INSUFFICIENT_BUFFER.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

---------------------- Foot bar ----------------------

* All Rights Reserved * 版权所有 * 2000-2006 * www.viviasoft.com * Powered by supertree & xforum *