Book HomeJava and XSLTSearch this book
PreviousNext

22.4. Win32::Eventlog

This module makes the Windows NT event log accessible to your Perl programs. It allows you to create new records, read records, and create backup logfiles. The new constructor opens a server's event log as an object: 

$log = Win32::EventLog->new(source, [server]);

This function opens an event log and returns an object reference. source specifies the name of the source event, and server specifies the name of the server (local is assumed if no server name is given).

Many of the methods for this module require a reference to an empty variable as an argument. This is how the return value of the method will be placed, whether it is a hash or a scalar. The following methods can be used on event log objects.

Backup
$log->Backup(filename)

Saves the current open event log to a file named by filename.

Clear
$log->Clear([filename])

Writes the current event log to the file filename (if supplied) and clears the event log.

GetNumber
$log->GetNumber(\$number)

Returns the number of events as the value of the scalar variable number.

GetOldest
$log->GetOldest(\$record)

Returns the record number of the oldest record in the event log to the scalar $record.

Read
$log->Read(flags, offset, \%eventinfo)

Reads an entry from the event log and returns the information in the eventinfo hash. offset specifies the record number you want to start at in the log. flags sets options for how you want to read the log, which can be any combination of the following:

EVENTLOG_FORWARDS_READ
Eventlog is read in forward chronological order.

EVENTLOG_BACKWARDS_READ
Eventlog is read in reverse chronological order.

EVENTLOG_SEEK_READ
The read begins at the record specified by the $RecordOffset parameter. Must also specify EVENT_LOG_FORWARDS_READ or EVENTLOG_BACKWARDS_READ.

EVENTLOG_SEQUENTIAL_READ
The read continues sequentially from the last read call.

The final argument is the output object for the event read. eventinfo is a reference to a hash that contains keys for each part of the event description. This same structure is used when you report new events to the event log using the Report method. The eventinfo hash looks like this: 

%event = (
    EventID             => val,
    EventType           => val,
    Category            => val,
    ClosingRecordNumber => val,
    Source              => val,
    Computer            => val,
    Strings             => val,
    Data                => val,
);
Report
$log->Report(\%eventinfo)

Reports an event to the event log. The information for the event to be recorded is given in a hash, %eventinfo, which should contain values for at least the following keys:

EventType
A string describing the type of event to be reported. The options for EventType are: 

EVENTLOG_ERROR_TYPE          Error event               
EVENTLOG_WARNING_TYPE        Warning event             
EVENTLOG_INFORMATION_TYPE    Information event         
EVENTLOG_AUDIT_SUCCESS_TYPE  Success Audit event       
EVENTLOG_AUDIT_FAILURE_TYPE  Failure Audit event
Category
An integer value for the category of the event, defined by the application.

EventID
Source-specific ID for the event.

Data
Raw binary data for the event.

Strings
Any text strings to merge that provide a description of the event.

PreviousHomeNext
22.3. Win32::ChangeNotifyBook Index22.5. Win32::File
Library Navigation Links

Copyright © 2002 O'Reilly & Associates. All rights reserved.