use ReadEventLog APIhttp://msdn.microsoft.com/library/en-us/debug/eventlog_2hif.asp?frame=truehere is an example: http://msdn.microsoft.com/library/en-us/debug/eventlog_2u93.asp?frame=truethis article is also interesting Windows NT Event Logging http://www.oreilly.com/catalog/winlog/chapter/ch02.html
ReadEventLog The ReadEventLog function reads a whole number of entries from the specified event log. The function can be used to read log entries in forward or reverse chronological order. BOOL ReadEventLog( HANDLE hEventLog, // handle to event log DWORD dwReadFlags, // specifies how to read log DWORD dwRecordOffset, // number of first record LPVOID lpBuffer, // address of buffer for read data DWORD nNumberOfBytesToRead, // number of bytes to read DWORD *pnBytesRead, // number of bytes read DWORD *pnMinNumberOfBytesNeeded // number of bytes required for next // record ); 参考: http://www.codeproject.com/system/sysevent.asp
http://msdn.microsoft.com/library/en-us/debug/eventlog_2u93.asp?frame=truethis article is also interesting
Windows NT Event Logging
http://www.oreilly.com/catalog/winlog/chapter/ch02.html
The ReadEventLog function reads a whole number of entries from the specified event log. The function can be used to read log entries in forward or reverse chronological order. BOOL ReadEventLog(
HANDLE hEventLog, // handle to event log
DWORD dwReadFlags, // specifies how to read log
DWORD dwRecordOffset, // number of first record
LPVOID lpBuffer, // address of buffer for read data
DWORD nNumberOfBytesToRead, // number of bytes to read
DWORD *pnBytesRead, // number of bytes read
DWORD *pnMinNumberOfBytesNeeded
// number of bytes required for next
// record
);
参考:
http://www.codeproject.com/system/sysevent.asp