Kiran's Blog

Ramblings from a dehydrated mind…

  • Archives

  • Blog Stats

    • 9,866
«
»

Event logging using event viewer..

Posted by kiraninbng on July 14, 2006

Event logging is a way for applications /operating system  to log important events.The event-logging service stores events from
various sources in a single collection called an event log.The Event Viewer enables you to view logs.

Below are the steps to create an entry in the event viewer,

1. Create a message file
Ex :
; /* Sample.mc
;
; This is a sample message file. It contains a comment block, followed by a
; header section, followed by messages in two languages.
;
; */

; // This is the header section.

MessageIdTypedef=DWORD

SeverityNames=(Success=0×0:STATUS_SEVERITY_SUCCESS
               Informational=0×1:STATUS_SEVERITY_INFORMATIONAL
               Warning=0×2:STATUS_SEVERITY_WARNING
               Error=0×3:STATUS_SEVERITY_ERROR
              )

FacilityNames=(System=0×0:FACILITY_SYSTEM
               Runtime=0×2:FACILITY_RUNTIME
               Stubs=0×3:FACILITY_STUBS
               Io=0×4:FACILITY_IO_ERROR_CODE
              )

LanguageNames=(English=0×409:MSG00409)

; // The following are message definitions.
MessageId=100
SymbolicName=EVMSG_SAMPLE
Language=English
The is a sample message file.

2. Using message compiler compile it into a resource script file
Ex : mc -U Sample.mc 

3. Using resource compiler compile the rc file into a binary res file
Ex: rc -r Sample.rc

4. Create a reource only dll using the res file
Ex: link -dll -noentry Sample.res

5. Add a event source to registry,also put an entry for message file

HKEY_LOCAL_MACHINE
     SYSTEM
          CurrentControlSet
               Services
                    EventLog
                         Application
                              <MYAPPLICATION>
-Create a EventMessageType value under MYAPPLICATION ,and set the value to the  message dll generated using step 4

6. Get the handle to the eventlog source in the registry
7. Log the event into the log
8. Release the handle

Sample code for steps 6 to 8
——————————————

HANDLE h;
h = RegisterEventSource(NULL,”MYAPPLICATION”);           // Step 6

if (!ReportEvent(h,EVENTLOG_ERROR_TYPE,0,100,NULL,0,0,NULL,NULL))                // Step 7
{
   printf(“Could not report the event.”);
}

DeregisterEventSource(h); //Step 8

9. Read/open the log programatically or view it using eventvwr.
   -Run EventVwr and check the for the event entry

This entry was posted on July 14, 2006 at 11:31 am and is filed under MFC. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«
»