473,467 Members | 1,570 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

Reading Event Log

rth
I need to read the Security Event Log and then show the EVENTLOGRECORD as a
String. Reading records works fine but when I format the string that I'm
going to show the FormatMessage function generate an "Unhandled exception ...
(NTDLL.DLL) ... Access violation". I found a code sample on the net that I've
used to format the string but this generate the same problem. I need your
help. Now, I posted this code this funtion to format the EVENTLOGRECORD data,
any suggestions?.

BOOL GetDescription(char *Log, EVENTLOGRECORD *EventLogRecPtr, char *tmpStr)
{
int i=0,I ,j;
unsigned long FileNameModuleSize = 100;
char tmp[200];
HKEY nKeyHandle=0;
BYTE FileNameModule[100],expbuffer[BUFFER_SIZE];
LPTSTR message, *strings, AllocedStr[20] ;
LPVOID lpBuffer;

sprintf(tmp,"SYSTEM\\CurrentControlSet\\Services\\ EventLog\\%s\\%s",
Log, (LPBYTE)EventLogRecPtr + sizeof(EVENTLOGRECORD));

RegOpenKey(HKEY_LOCAL_MACHINE,(LPTSTR) tmp,&nKeyHandle);

RegQueryValueEx(nKeyHandle,"EventMessageFile",NULL ,NULL,
FileNameModule, &FileNameModuleSize);

ExpandEnvironmentStrings((LPCTSTR)FileNameModule, (LPSTR)expbuffer,
BUFFER_SIZE);
RegCloseKey(HKEY_LOCAL_MACHINE);

if (nKeyHandle)
{
message = (LPTSTR)((LPBYTE)EventLogRecPtr + EventLogRecPtr->StringOffset);

strings = (char**)malloc(sizeof(LPVOID)*EventLogRecPtr->NumStrings);

for (j = 0; j < EventLogRecPtr->NumStrings;j++)
{
if (strstr(message,"%%"))
{
(LPTSTR) strings[j] = GetParameterMsg(message, tmp);
AllocedStr[i++] = strings[j];
}
else
(LPTSTR) strings[j] = message;

message = message + strlen(message) +1;

}

HMODULE hlib = LoadLibraryEx((LPCTSTR)expbuffer, NULL,
LOAD_LIBRARY_AS_DATAFILE);

I=FormatMessage( FORMAT_MESSAGE_FROM_HMODULE |
FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_ARGUMENT_ARRAY,
hlib,
EventLogRecPtr->EventID,
0,
(LPTSTR)&lpBuffer,
sizeof(lpBuffer),
(LPTSTR *)(strings));

if( I == 0)
{
while (i >0)
{
free(AllocedStr[--i]);
}

MissatgesError();

if(lpBuffer == NULL)
LocalFree( lpBuffer );
return False;
}

strcpy(tmpStr, (char *) lpBuffer);

for(I = 0; I< (int) strlen(tmpStr);I++)
{
if((tmpStr[i] != 0) && ((tmpStr[i] > 0 && tmpStr[i] < 32)))
tmpStr[i] = 32;
}

LocalFree( lpBuffer );
FreeLibrary(hlib);
return True;
}
return False;
}
Nov 17 '05 #1
0 1285
Create Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
detect keyboard input without reading it?
by: Scott Shaw | last post by:
Hi all, I was wondering if you could help out with this problem that I am having. What I am trying to do is detect keyboard input in a while loop without halting/pausing the loop until the key is...
Perl
3
reading 'type' from eventhandlers
by: Catherine Lynn Smith | last post by:
I'm looking through the client side javascript reference and there's some mighty useful information in here, but it is not very specific on 'reading' information from event handlers. In the...
Javascript
3
Reading Order
by: Bwalker252 | last post by:
Anyone with experience with this property? I seem unable to change it. I've been trying to use it with a simple text box, using the property options in the properties window and I've also tried...
Microsoft Access / VBA
4
Reading The Event Log On a Remote System
by: Greg Smith | last post by:
I have an old application that analyzes the data in the event log on one of our servers. I would like to convert it to C#. Does anybody know of any examples of reading the event log on a remote...
C# / C Sharp
21
StreamReader not reading all lines
by: JoKur | last post by:
Hello, First let me tell you that I'm very new to C# and learning as I go. I'm trying to write a client application to communicate with a server (that I didn't write). Each message from the...
C# / C Sharp
0
Problem reading messages async after doing an enum at app-start [.Net 1.1]
by: Manfred Braun | last post by:
Hi All, I have a problem reading queue-messages async. My QueueReader has a Start() and a Stop() method and if my app starts, it calls Start(). The problem is, that there are possibly several...
C# / C Sharp
1
Reading the Windows Event Log
by: hecsan07 | last post by:
Hey I am trying to read the Windows Event Logc. In fact, I am able to read the Event Log. My problem is that I am reading and filtering a large log and it takes a very very very very long time...
C# / C Sharp
2
Reading logon/logoff datetime
by: Robert Scheer | last post by:
Hi. I need to write a service that writes to a database the time of the logon and logoff of the users. Our users logs on Active Directory and some can also log as local administrators. The...
.NET Framework
5
blazedaces
Problem: "java.lang.OutOfMemoryError: Java heap space" while reading xml using SAX
by: blazedaces | last post by:
Ok, so you know my problem, java is running out of memory reading with SAX, the event-based xml parser intended more-so than DOM for extremely large files. I'll try to explain what I've been doing...
Java
1
Problem reading a sequential file and creating an array
by: stevedub | last post by:
I am having some trouble configuring my array to read from a sequential file, and then calling on that to fill an array of interests. I think I have the class set up to read the file, but when I run...
Java
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
1
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp
0
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us