marty Professional Member


Joined: 10 May 2001 Posts: 789
Posted: Thu Jan 26, 2006 6:38 pm Post subject: Need help with Eventlog writing using CodeScript code
Hi,
I found this old code that CodeScript wrote a while back, which basically writes information to an event log and the NT Event Viewer.
I can't seem to make it work properly... It does write to the event viewer, but the Hello word is all garbled.
Anyone know why?
Here is the code:
Code:
REM Please Note that the script will work only after
REM you install the vds update giving you the ability
REM to use more than 8 parameters in @LIB() function.
REM Else the app will simply crash !
REM You use this script entirely at your own risk.
IF @SYSINFO(ISNT)
goto START
ELSE
%R = @msgbox(NT Event Log cannot be written on a non NT OS !!!,Wrong Operating System,$010)
EXIT
:START
TITLE Writing NT Event Log CodeScript
DIALOG CREATE,Writing NT Event Log CodeScript,-1,0,377,135
DIALOG ADD,BUTTON,BUTTON1,51,78,216,41,Write Hello World to C:\testlog.evt
DIALOG SHOW
:EVLOOP
WAIT EVENT
GOTO @EVENT()
:BUTTON1BUTTON
REM %1 = Eventlog file to open.
%1 = "C:\testlog.evt"
REM +++++++++++++++++
REM %2 = event type
REM EVENTLOG_SUCCESS = $0
REM EVENTLOG_ERROR_TYPE = $1
REM EVENTLOG_WARNING_TYPE = $2
REM EVENTLOG_INFORMATION_TYPE = $4
REM EVENTLOG_AUDIT_SUCCESS = $8
REM EVENTLOG_AUDIT_FAILURE = $10
REM EVENTLOG_SEQUENTIAL_READ = $1
REM EVENTLOG_SEEK_READ = $2
REM EVENTLOG_FORWARDS_READ = $4
REM EVENTLOG_BACKWARDS_READ = $8
%2 = $1
REM ++++++++++++++
REM %3 = event category
REM Specifies the event category.
REM This is source-specific information;
REM the category can have any value.
%3 = 1
REM +++++++++++++++
REM %4 = Specifies the event.
REM The event identifier specifies the message that
REM goes with this event as an entry in the message
REM file associated with the event source.
%4 = 1
REM +++++++++++++++
REM %5 = Pointer to the current user's security identifier.
REM This parameter can be NULL if the security
REM identifier is not required.
%5 = 0
REM +++++++++++++++
REM %6 = Specifies the number of strings in the array
REM pointed to by the lpStrings parameter.
REM A value of zero indicates that no strings are present.
%6 = 1
REM +++++++++++++++
REM %7 = Specifies the number of bytes of event-specific
REM raw (binary) data to write to the log. If this parameter
REM is zero, no event-specific data is present.
%7 = 0
REM +++++++++++++++
REM %8 = Pointer to a buffer containing an array
REM of null-terminated strings that are merged into the
REM message from the message file before Event Viewer displays
REM the string to the user. This parameter must be a valid pointer
REM (or NULL), even if wNumStrings is zero.
REM Each string has a limit of 32K bytes.
%8 = "Hello world"
REM +++++++++++++++
REM %9 = Pointer to the buffer containing the binary data.
REM This parameter must be a valid pointer (or NULL),
REM even if the dwDataSize parameter is zero.
%9 = 0
REM *******************************************
REM The parameters are given local variables 1-9
REM so that you can easily divide the part below
REM as a separate include file or a DSU after defining
REM a custom function/command for the same.
REM *******************************************
LOADLIB advapi32.dll
LOADLIB kernel32.dll
%H = @LIB(advapi32,OpenEventLogA,INT:,NIL:,STR:%1)
REM The command below will clear all the entries present.
REM It is only OK for a custom event log like this one.
REM If you are using a default log file, REM it out,
REM else all the logs are cleared.
#%C = @LIB(advapi32,ClearEventLogA,INT:,INT:%H,NIL:)
%M = %8
%B = @LIB(advapi32,ReportEventA,BOOL:,%H,%2,%3,%4,%5,%6,%7,@ADDR("%M"),%9)
%R = @BINARY(DWORD,0)
%O = @BINARY(DWORD,0)
%B = @LIB(advapi32,GetNumberOfEventLogRecords,BOOL:,INT:%H,@ADDR("%R"))
%B = @LIB(advapi32,GetOldestEventLogRecord,BOOL:,INT:%H,@ADDR("%O"))
%F = %1
%B = @LIB(advapi32,BackupEventLogA,BOOL:,INT:%H,@ADDR("%F"))
%B = @LIB(advapi32,CloseEventLog,BOOL:,INT:%H)
FREELIB advapi32.dll
REM End of API functions
#INFO There are @VAL(%R) records now in your event log file %1 !@CR() Oldest record number is @VAL(%O)
#INFO Now open your eventlog %1 from event viewer Options Menu which will be launched shortly.
SHELL OPEN,eventvwr
GOTO EVLOOP
:CLOSE
EXIT

Thanks
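
Added example, not part of the post above or of CodeScript's script: the Win32 declaration of ReportEventA types lpStrings as LPCSTR *, an array of pointers to strings, while the script passes @ADDR("%M") for that parameter. The Python ctypes code below shows what the API would read as lpStrings[0] when given the address of the characters versus the address of a pointer array, and on Windows only writes the string through RegisterEventSourceA. The source name VdsDemoSource and the helper names are assumptions made for this example.

```python
import ctypes
import sys

PTR_SIZE = ctypes.sizeof(ctypes.c_void_p)

def make_lpstrings(messages):
    """Build the LPCSTR[] (array of string pointers) ReportEventA expects."""
    encoded = [m.encode("ascii") for m in messages]
    return (ctypes.c_char_p * len(encoded))(*encoded)

def first_pointer_at(address):
    """Value the API would take as lpStrings[0] if handed this address."""
    raw = ctypes.string_at(address, PTR_SIZE)
    return int.from_bytes(raw, sys.byteorder)

def report_event(source, message, event_type=0x4, event_id=1):
    """Windows only: write one insertion string through a registered source."""
    adv = ctypes.WinDLL("advapi32", use_last_error=True)
    adv.RegisterEventSourceA.restype = ctypes.c_void_p
    adv.RegisterEventSourceA.argtypes = [ctypes.c_char_p, ctypes.c_char_p]
    adv.ReportEventA.restype = ctypes.c_int
    adv.ReportEventA.argtypes = [
        ctypes.c_void_p, ctypes.c_ushort, ctypes.c_ushort, ctypes.c_uint32,
        ctypes.c_void_p, ctypes.c_ushort, ctypes.c_uint32,
        ctypes.POINTER(ctypes.c_char_p), ctypes.c_void_p]
    adv.DeregisterEventSource.argtypes = [ctypes.c_void_p]
    handle = adv.RegisterEventSourceA(None, source.encode("ascii"))
    if not handle:
        raise ctypes.WinError(ctypes.get_last_error())
    try:
        strings = make_lpstrings([message])
        ok = adv.ReportEventA(handle, event_type, 0, event_id, None,
                              len(strings), 0, strings, None)
        if not ok:
            raise ctypes.WinError(ctypes.get_last_error())
    finally:
        adv.DeregisterEventSource(handle)

if __name__ == "__main__":
    text = ctypes.create_string_buffer(b"Hello world")
    # Address of the characters: the API would treat "Hell..." as a pointer.
    print(hex(first_pointer_at(ctypes.addressof(text))))
    # Address of the pointer array: element 0 points at the real string.
    arr = make_lpstrings(["Hello world"])
    print(ctypes.string_at(first_pointer_at(ctypes.addressof(arr))))
    # VdsDemoSource is a hypothetical source name chosen for this example.
    if sys.platform == "win32":
        report_event("VdsDemoSource", "Hello world")
```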