I need to read the Security Event Log and then show the EVENTLOGRECORD as a
String. Reading records works fine but when I format the string that I'm
going to show the FormatMessage function generate an "Unhandled exception ...
(NTDLL.DLL) ... Access violation". I found a code sample on the net that I've
used to format the string but this generate the same problem. I need your
help. Now, I posted this code this funtion to format the EVENTLOGRECORD data,
any suggestions?.
BOOL GetDescription( char *Log, EVENTLOGRECORD *EventLogRecPtr , char *tmpStr)
{
int i=0,I ,j;
unsigned long FileNameModuleS ize = 100;
char tmp[200];
HKEY nKeyHandle=0;
BYTE FileNameModule[100],expbuffer[BUFFER_SIZE];
LPTSTR message, *strings, AllocedStr[20] ;
LPVOID lpBuffer;
sprintf(tmp,"SY STEM\\CurrentCo ntrolSet\\Servi ces\\EventLog\\ %s\\%s",
Log, (LPBYTE)EventLo gRecPtr + sizeof(EVENTLOG RECORD));
RegOpenKey(HKEY _LOCAL_MACHINE, (LPTSTR) tmp,&nKeyHandle );
RegQueryValueEx (nKeyHandle,"Ev entMessageFile" ,NULL,NULL,
FileNameModule, &FileNameModule Size);
ExpandEnvironme ntStrings((LPCT STR)FileNameMod ule, (LPSTR)expbuffe r,
BUFFER_SIZE);
RegCloseKey(HKE Y_LOCAL_MACHINE );
if (nKeyHandle)
{
message = (LPTSTR)((LPBYT E)EventLogRecPt r + EventLogRecPtr->StringOffset );
strings = (char**)malloc( sizeof(LPVOID)* EventLogRecPtr->NumStrings);
for (j = 0; j < EventLogRecPtr->NumStrings;j++ )
{
if (strstr(message ,"%%"))
{
(LPTSTR) strings[j] = GetParameterMsg (message, tmp);
AllocedStr[i++] = strings[j];
}
else
(LPTSTR) strings[j] = message;
message = message + strlen(message) +1;
}
HMODULE hlib = LoadLibraryEx(( LPCTSTR)expbuff er, NULL,
LOAD_LIBRARY_AS _DATAFILE);
I=FormatMessage ( FORMAT_MESSAGE_ FROM_HMODULE |
FORMAT_MESSAGE_ ALLOCATE_BUFFER | FORMAT_MESSAGE_ ARGUMENT_ARRAY,
hlib,
EventLogRecPtr->EventID,
0,
(LPTSTR)&lpBuff er,
sizeof(lpBuffer ),
(LPTSTR *)(strings));
if( I == 0)
{
while (i >0)
{
free(AllocedStr[--i]);
}
MissatgesError( );
if(lpBuffer == NULL)
LocalFree( lpBuffer );
return False;
}
strcpy(tmpStr, (char *) lpBuffer);
for(I = 0; I< (int) strlen(tmpStr); I++)
{
if((tmpStr[i] != 0) && ((tmpStr[i] > 0 && tmpStr[i] < 32)))
tmpStr[i] = 32;
}
LocalFree( lpBuffer );
FreeLibrary(hli b);
return True;
}
return False;
}
0  1299  This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Scott Shaw |
last post by:
Hi all,
I was wondering if you could help out with this problem that I am having.
What I am trying to do is detect keyboard input in a while loop without
halting/pausing the loop until the key is pressed (without hitting return).
I looked at serveral faq's on the net and installed the cspan readkey module
and neither seems to work most likey its me since I am getting frustrated.
but anyway here's a sample code.
while (1) {
if...
|
by: Catherine Lynn Smith |
last post by:
I'm looking through the client side javascript reference and there's
some mighty useful information in here, but it is not very specific on
'reading' information from event handlers.
In the interest of streamlining my scripting, I was thinking I could
write multi-purpose functions to handle mouseOver and mouseOut events.
Thus far, I am manually passing if it is an Over or Out event, but it
occurs to me that there might be a way to read...
|
by: Bwalker252 |
last post by:
Anyone with experience with this property? I seem unable to change it. I've
been trying to use it with a simple text box, using the property options in the
properties window and I've also tried setting it using event code. Neither
seems to have any effect.
Anybody who has used this, how have you used it?
Betsy
|
by: Greg Smith |
last post by:
I have an old application that analyzes the data in the event log on one of
our servers. I would like to convert it to C#. Does anybody know of any
examples of reading the event log on a remote system in C#.
Any help is greatly appreciated.
|
by: JoKur |
last post by:
Hello,
First let me tell you that I'm very new to C# and learning as I go. I'm
trying to write a client application to communicate with a server (that I
didn't write). Each message from the server is on one line (\r\n at end) and
is formed as - each of
which is seperated by a space. Arguments with spaces in them are enclosed in
quotations.
So, I'm able to open a connection to the server. When I send a message to
| | |
by: Manfred Braun |
last post by:
Hi All,
I have a problem reading queue-messages async. My QueueReader has a Start()
and a Stop() method and if my app starts, it calls Start(). The problem is,
that there are possibly several hundreds of messages in the queue, which I
do not want to have processed by the async messagehandler at startup. So in
Start(), I create a new thread, which's method just simply
enums the queue-messages . At the end
of this thread, I fire an...
|
by: hecsan07 |
last post by:
Hey
I am trying to read the Windows Event Logc. In fact, I am able to read the
Event Log. My problem is that I am reading and filtering a large log and it
takes a very very very very long time to complete. I am using the ordinary
technique for reading/writing from and to the Event Log. I am wondering if
there is a better way to speed things up. Below is an excerpt of the code I
am using (notice that I am filtering by Category and...
|
by: Robert Scheer |
last post by:
Hi.
I need to write a service that writes to a database the time of the
logon and logoff of the users. Our users logs on Active Directory and
some can also log as local administrators. The majority of the
workstations are Windows 2000 and some are Windows XP. I am reading
about WMI but have found some limitations when reading the WMI
structures, mainly with Windows 2000.
What is the best way to read logon/logoff information in this...
|
by: blazedaces |
last post by:
Ok, so you know my problem, java is running out of memory reading with SAX, the event-based xml parser intended more-so than DOM for extremely large files. I'll try to explain what I've been doing and why I have to do it. Hopefully someone has a suggestion...
Alright, so I'm using a gps-simulation program that outputs gps data, like longitude, lattitude, altitude, etc. (hundreds of terms, these are just the well known ones). In the newer...
|
by: stevedub |
last post by:
I am having some trouble configuring my array to read from a sequential file, and then calling on that to fill an array of interests. I think I have the class set up to read the file, but when I run my program the rates array does not get the information. I think my problem is where I am actuall calling the array index, but I am not sure how to do this. Here is my code:
/*
* MortFrame.java
*
* Created on February 24, 2008, 7:28 PM
*/...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
