16,472
社区成员
发帖
与我相关
我的任务
分享我想读取NT的安全日志(就是事件察看器中显示的内容),请问使用什麽API可以获取这些数据?
我正在编写一个应用,需要提取系统的安全日志(就是事件察看器中显示的内容);另外,系统是否提供了API可以访问和修改系统的安全策略(主要指文件和对象的访问的权限设置),请各位指点,谢谢!!!
...全文
请发表友善的回复…
发表回复
pcman1990 2002-06-29
- 打赏
- 举报
MSDN index中输入 Event Logging Overview,可以查阅详细的介绍
pcman1990 2002-06-29
- 打赏
- 举报
ReadEventLog
The ReadEventLog function reads a whole number of entries from the specified event log. The function can be used to read log entries in forward or reverse chronological order.
BOOL ReadEventLog(
HANDLE hEventLog, // handle to event log
DWORD dwReadFlags, // specifies how to read log
DWORD dwRecordOffset, // number of first record
LPVOID lpBuffer, // address of buffer for read data
DWORD nNumberOfBytesToRead, // number of bytes to read
DWORD *pnBytesRead, // number of bytes read
DWORD *pnMinNumberOfBytesNeeded
// number of bytes required for next
// record
);
参考:
http://www.codeproject.com/system/sysevent.asp
The ReadEventLog function reads a whole number of entries from the specified event log. The function can be used to read log entries in forward or reverse chronological order.
BOOL ReadEventLog(
HANDLE hEventLog, // handle to event log
DWORD dwReadFlags, // specifies how to read log
DWORD dwRecordOffset, // number of first record
LPVOID lpBuffer, // address of buffer for read data
DWORD nNumberOfBytesToRead, // number of bytes to read
DWORD *pnBytesRead, // number of bytes read
DWORD *pnMinNumberOfBytesNeeded
// number of bytes required for next
// record
);
参考:
http://www.codeproject.com/system/sysevent.asp
saucer 2002-06-29
- 打赏
- 举报
use ReadEventLog API
http://msdn.microsoft.com/library/en-us/debug/eventlog_2hif.asp?frame=true
here is an example:
http://msdn.microsoft.com/library/en-us/debug/eventlog_2u93.asp?frame=true
this article is also interesting
Windows NT Event Logging
http://www.oreilly.com/catalog/winlog/chapter/ch02.html
http://msdn.microsoft.com/library/en-us/debug/eventlog_2hif.asp?frame=true
here is an example:
http://msdn.microsoft.com/library/en-us/debug/eventlog_2u93.asp?frame=true
this article is also interesting
Windows NT Event Logging
http://www.oreilly.com/catalog/winlog/chapter/ch02.html
