Vanilla C with Sprinkles – Windows Event Log
Checking the event log using vanilla c
Published by Ryan Boucher @ 11:55 pm
The Event Log C functions make use of the Log Parser application. You’ll need this in a central location so that any script can call it. You will also need some file reading and string manipulating functions.
Get Event
void GetEvent (const char* EventId, const char* Event)
{
if (!ExceptionReportingEnabled ())
{
//only check for exceptions if we are supposed to
return ;
}
lr_save_string (EventId, "__EventId") ;
Create_GetEvent_BatchFile (EventId) ;
system ("ServiceTest.bat") ;
ReadFile (lr_eval_string("{TempFile}"), "FileData", "ISO-10646-UCS-2") ;
lr_xml_extract
(
"XML={FileData}",
"FastQuery=ROOT/ROW",
"XMLFragmentParam=__Event",
"NotFound=Continue",
LAST
);
lr_save_string (lr_eval_string ("{__Event}"), Event) ;
}
The follow function is used to create a batch file. This is the best option that trying to call the LogParser directly from the command line.
void Create_GetEvent_BatchFile (const char* EventId)
{
long FileHandle = 0 ;
lr_set (EventId, "__EventId") ;
lr_set
(
lr_get
(
"\"\\\\vcclfs02-data1\\Wessupp\\Applications Test Team\\ServiceTest\\Tools\\Log Parser 2.2\\LogParser.exe\" -i:EVT -o:xml -schemaType:0 -compact -oCodepage:0
\"SELECT
EventLog,
RecordNumber,
TimeGenerated,
TimeWritten,
EventId,
EventType,
EventTypeName,
EventCategory,
EventCategoryName,
SourceName,
ComputerName,
SID,
Message
INTO
{TempFile}
FROM
\\\\{Server}\\{EventLogSource}
WHERE
RecordNumber = '{__EventId}'\""
),
"__Create_GetEvent_BatchFile"
) ;
lr_set (lr_get ("{__Create_GetEvent_BatchFile}"), "__ServiceTest_LastBatchBody") ;
FileHandle = fopen("ServiceTest.bat", "w") ;
if (!FileHandle)
{
lr_error_message ("Unable to create the \"ServiceTest.bat\" file.") ;
return ;
}
fprintf (FileHandle, lr_get ("{__Create_GetEvent_BatchFile}")) ;
fclose (FileHandle) ;
}
Get Most Recent Event Record Number
If we wanted to get the highest record number in the log at the current point in time; use this log parser call in the batch file.
lr_set
(
lr_get
(
"\"\\\\vcclfs02-data1\\Wessupp\\Applications Test Team\\ServiceTest\\Tools\\Log Parser 2.2\\LogParser.exe\" -i:EVT -o:xml -schemaType:0 -compact -oCodepage:0
\"SELECT
MAX(RecordNumber)
INTO
{TempFile}
FROM
\\\\{Server}\\{EventLogSource}
WHERE
SourceName = '{FullServiceName}'\""
),
"__Create_GetMostRecentEventRecordNumber_BatchFile"
) ;
Call like GetEvent above but you should trim the response so it can be cast as a number
void GetMostRecentEventRecordNumber (HpParameter StartEventCount)
{
if (!ExceptionReportingEnabled ())
{
//only check for exceptions if we are supposed to
return ;
}
Create_GetMostRecentEventRecordNumber_BatchFile () ;
system ("ServiceTest.bat") ;
ReadFile (lr_eval_string("{TempFile}"), "FileData", "UTF-8") ;
lr_xml_get_values
(
"XML={FileData}",
"FastQuery=ROOT/ROW/MAX_ALL_RecordNumber_",
"ValueParam=__GetMostRecentEventRecordNumber_StartEventCount",
"NotFound=Continue",
LAST
);
Trim (lr_get("{__GetMostRecentEventRecordNumber_StartEventCount}"), StartEventCount) ;
}
|
Ryan Boucher is a Software Inquisitor and is passionate about it. You can find a whole raft of articles and anecdotes about software testing and other topics he gets excited about. |
| Tags |
