Помогите плиз разобраться. Надобно прочитать данные оттуда. Даты для начала.
Попробовал сваять:
Код: Выделить всё
MODULE('Advapi32.dll')
OpenEventLog(*CSTRING,*CSTRING),HANDLE,PASCAL,RAW,NAME('OpenEventLogA')
CloseEventLog(HANDLE),BOOL,PROC,PASCAL,RAW
ReadEventLog(HANDLE,DWORD,DWORD,*STRING,DWORD,*DWORD,*DWORD),BOOL,PASCAL,NAME('ReadEventLogA')
!ReadEventLog(HANDLE,DWORD,DWORD,*BYTE[],DWORD,*DWORD,*DWORD),BOOL,PASCAL,NAME('ReadEventLogA')
END
....
EVENTLOGRECORD GROUP,TYPE
Length DWORD
Reserved DWORD
RecordNumber DWORD
TimeGenerated DWORD
TimeWritten DWORD
EventID DWORD
EventType WORD
NumStrings WORD
EventCategory WORD
ReservedFlags WORD
ClosingRecordNumber DWORD
StringOffset DWORD
UserSidLength DWORD
UserSidOffset DWORD
DataLength DWORD
DataOffset DWORD
END
EVENTLOG_SEQUENTIAL_READ EQUATE(0001h)
EVENTLOG_SEEK_READ EQUATE(0002h)
EVENTLOG_FORWARDS_READ EQUATE(0004h)
EVENTLOG_BACKWARDS_READ EQUATE(0008h)
ERROR_INSUFFICIENT_BUFFER EQUATE(07Ah)
ERROR_HANDLE_EOF EQUATE(026h)
....
hEventLog HANDLE
status DWORD
dwBytesToRead DWORD
dwBytesRead DWORD
dwMinimumBytesToRead DWORD
pBuffer &STRING
LOC:ServerName CSTRING(60)
LOC:SourceName CSTRING(60)
....
LOC:ServerName = ''
LOC:SourceName = 'Application'
hEventLog = OpenEventLog(LOC:ServerName, LOC:SourceName)
if hEventLog
!dwBytesToRead = 64
!dwBytesToRead = size(EVENTLOGRECORD)
dwBytesToRead = 10000h
pBuffer &= new(string(dwBytesToRead))
if ~(pBuffer &= null)
if ReadEventLog(hEventLog, |
EVENTLOG_SEEK_READ + EVENTLOG_BACKWARDS_READ, |
1, pBuffer, dwBytesToRead, dwBytesRead, dwMinimumBytesToRead) = 0
status = GetLastError();
if ERROR_INSUFFICIENT_BUFFER = status
stop('ERROR_INSUFFICIENT_BUFFER')
! status = ERROR_SUCCESS;
!
! pTemp = (PBYTE)realloc(pBuffer, dwMinimumBytesToRead);
! if (NULL == pTemp)
! {
! wprintf(L"Failed to reallocate the memory for the record buffer (%d bytes).\n", dwMinimumBytesToRead);
! goto cleanup;
! }
!
! pBuffer = pTemp;
! dwBytesToRead = dwMinimumBytesToRead;
else
if ERROR_HANDLE_EOF <> status
stop('ERROR '&status)
! wprintf(L"ReadEventLog failed with %lu.\n", status);
! goto cleanup;
else
stop('ERROR_INSUFFICIENT_BUFFER')
end
end
else
stop(pBuffer[1:255])
! // Print the contents of each record in the buffer.
! DumpRecordsInBuffer(pBuffer, dwBytesRead);
end
clear(pBuffer)
dispose(pBuffer)
else
stop('pBuffer is null')
end
CloseEventLog(handleLog#)
else
stop('OpenEventLog filed '&GetLastError())
end
RPC_X_BAD_STUB_DATA 1783 (0x6F7)
The stub received bad data.
вроде как связана с неправильной передачей параметров. Дальше продвинуться не смог. Пробовал передавать и CSTRING и BYTE[], результат тот же.