📄 readevtdlg.cpp
字号:
// ReadEVTDlg.cpp : implementation file
//
#include "stdafx.h"
#include "ReadEVT.h"
#include "ReadEVTDlg.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
/////////////////////////////////////////////////////////////////////////////
// CReadEVTDlg dialog
CReadEVTDlg::CReadEVTDlg(CWnd* pParent /*=NULL*/)
: CDialog(CReadEVTDlg::IDD, pParent)
{
//{{AFX_DATA_INIT(CReadEVTDlg)
// NOTE: the ClassWizard will add member initialization here
//}}AFX_DATA_INIT
// Note that LoadIcon does not require a subsequent DestroyIcon in Win32
m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}
void CReadEVTDlg::DoDataExchange(CDataExchange* pDX)
{
CDialog::DoDataExchange(pDX);
//{{AFX_DATA_MAP(CReadEVTDlg)
DDX_Control(pDX, IDC_LIST1, m_List);
//}}AFX_DATA_MAP
}
BEGIN_MESSAGE_MAP(CReadEVTDlg, CDialog)
//{{AFX_MSG_MAP(CReadEVTDlg)
ON_WM_PAINT()
ON_WM_QUERYDRAGICON()
ON_BN_CLICKED(IDC_ReadEvent, OnReadEvent)
ON_BN_CLICKED(IDC_ClearEvent, OnClearEvent)
ON_BN_CLICKED(IDC_ClearSystem, OnClearSystem)
ON_BN_CLICKED(IDC_ClearSecurity, OnClearSecurity)
ON_BN_CLICKED(IDC_ReadSystem, OnReadSystem)
ON_BN_CLICKED(IDC_ReadSecurity, OnReadSecurity)
ON_BN_CLICKED(IDC_ReadDNS, OnReadDNS)
ON_BN_CLICKED(IDC_ClearDNS, OnClearDNS)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
/////////////////////////////////////////////////////////////////////////////
// CReadEVTDlg message handlers
BOOL CReadEVTDlg::OnInitDialog()
{
CDialog::OnInitDialog();
// Set the icon for this dialog. The framework does this automatically
// when the application's main window is not a dialog
SetIcon(m_hIcon, TRUE); // Set big icon
SetIcon(m_hIcon, FALSE); // Set small icon
// TODO: Add extra initialization here
return TRUE; // return TRUE unless you set the focus to a control
}
// If you add a minimize button to your dialog, you will need the code below
// to draw the icon. For MFC applications using the document/view model,
// this is automatically done for you by the framework.
void CReadEVTDlg::OnPaint()
{
CPaintDC dc(this); // device context for painting
dc.SetTextColor(RGB(30,255,250));
dc.SetBkMode(TRANSPARENT);
CFont font;
font.CreateFont(28,10,0,0,0,0,0,0,0,0,0,0,0,0);
dc.SelectObject(&font);
dc.TextOut(30,260,"该程序演示如何读日志,清除日志 赵树升 2003");
if (IsIconic())
{
SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0);
// Center icon in client rectangle
int cxIcon = GetSystemMetrics(SM_CXICON);
int cyIcon = GetSystemMetrics(SM_CYICON);
CRect rect;
GetClientRect(&rect);
int x = (rect.Width() - cxIcon + 1) / 2;
int y = (rect.Height() - cyIcon + 1) / 2;
// Draw the icon
dc.DrawIcon(x, y, m_hIcon);
}
else
{
CDialog::OnPaint();
}
}
// The system calls this to obtain the cursor to display while the user drags
// the minimized window.
HCURSOR CReadEVTDlg::OnQueryDragIcon()
{
return (HCURSOR) m_hIcon;
}
void CReadEVTDlg::OnReadEvent()
{
m_List.ResetContent();
HANDLE h;
CString inf;
EVENTLOGRECORD *pevlr;
BYTE bBuffer[5000];
DWORD dwRead, dwNeeded, dwThisRecord = 0;
// 打开应用日志
h = OpenEventLog(NULL, //打开本地计算机日志
"Application");//源名
if (h == NULL){
m_List.AddString("打开失败!");
return; }
pevlr = (EVENTLOGRECORD *) &bBuffer;
//一直读日志直到结束
while (ReadEventLog(h, //时件句柄
EVENTLOG_FORWARDS_READ | // 向前读
EVENTLOG_SEQUENTIAL_READ, // 循序读
0,
pevlr, // pointer to buffer
500, // size of buffer
&dwRead, // number of bytes read
&dwNeeded)) // bytes in next record
{
while (dwRead > 0)
{
inf.Format("%02d ID: 0x%08X Type: %d Source: %s\n",
dwThisRecord++,pevlr->EventID,pevlr->EventType,
(LPSTR)((LPBYTE) pevlr+sizeof(EVENTLOGRECORD)));
m_List.AddString(inf);
dwRead -= pevlr->Length;
pevlr = (EVENTLOGRECORD *)((LPBYTE) pevlr + pevlr->Length);
}
pevlr = (EVENTLOGRECORD *) &bBuffer;
}
CloseEventLog(h);
}
void CReadEVTDlg::OnClearEvent()
{
HANDLE h;
// 打开应用日志
h = OpenEventLog(NULL, //打开本地计算机日志
"Application");//源名
if (h == NULL){
m_List.AddString("打开失败!");
return; }
BOOL re=ClearEventLog(h,"c:\\back.txt");//第二参数为NULL,不备份
m_List.ResetContent();
if(re)m_List.AddString("清除日志成功");
else m_List.AddString("清除日志失败");
CloseEventLog(h);
}
void CReadEVTDlg::OnClearSystem()
{
HANDLE h;
// 打开应用日志
h = OpenEventLog(NULL, //打开本地计算机日志
"System");//源名
if (h == NULL){
m_List.AddString("打开失败!");
return; }
BOOL re=ClearEventLog(h,"c:\\back.txt");//第二参数为NULL,不备份
m_List.ResetContent();
if(re)m_List.AddString("清除日志成功");
else m_List.AddString("清除日志失败");
CloseEventLog(h);
}
void CReadEVTDlg::OnClearSecurity()
{
HANDLE h;
// 打开应用日志
h = OpenEventLog(NULL, //打开本地计算机日志
"Security");//源名
if (h == NULL){
m_List.AddString("打开失败!");
return; }
BOOL re=ClearEventLog(h,"c:\\back.txt");//第二参数为NULL,不备份
m_List.ResetContent();
if(re)m_List.AddString("清除日志成功");
else m_List.AddString("清除日志失败");
CloseEventLog(h);
}
void CReadEVTDlg::OnReadSystem()
{
m_List.ResetContent();
HANDLE h;
CString inf;
EVENTLOGRECORD *pevlr;
BYTE bBuffer[5000];
DWORD dwRead, dwNeeded, dwThisRecord = 0;
// 打开应用日志
h = OpenEventLog(NULL, //打开本地计算机日志
"System");//源名
if (h == NULL){
m_List.AddString("打开失败!");
return; }
pevlr = (EVENTLOGRECORD *) &bBuffer;
//一直读日志直到结束
while (ReadEventLog(h, //时件句柄
EVENTLOG_FORWARDS_READ | // 向前读
EVENTLOG_SEQUENTIAL_READ, // 循序读
0,
pevlr, // pointer to buffer
500, // size of buffer
&dwRead, // number of bytes read
&dwNeeded)) // bytes in next record
{
while (dwRead > 0)
{
inf.Format("%02d ID: 0x%08X Type: %d Source: %s\n",
dwThisRecord++,pevlr->EventID,pevlr->EventType,
(LPSTR)((LPBYTE) pevlr+sizeof(EVENTLOGRECORD)));
m_List.AddString(inf);
dwRead -= pevlr->Length;
pevlr = (EVENTLOGRECORD *)((LPBYTE) pevlr + pevlr->Length);
}
pevlr = (EVENTLOGRECORD *) &bBuffer;
}
CloseEventLog(h);
}
void CReadEVTDlg::OnReadSecurity()
{
m_List.ResetContent();
HANDLE h;
CString inf;
EVENTLOGRECORD *pevlr;
BYTE bBuffer[5000];
DWORD dwRead, dwNeeded, dwThisRecord = 0;
// 打开应用日志
h = OpenEventLog(NULL, //打开本地计算机日志
"Security");//源名
if (h == NULL){
m_List.AddString("打开失败!");
return; }
pevlr = (EVENTLOGRECORD *) &bBuffer;
//一直读日志直到结束
while (ReadEventLog(h, //时件句柄
EVENTLOG_FORWARDS_READ | // 向前读
EVENTLOG_SEQUENTIAL_READ, // 循序读
0,
pevlr, // pointer to buffer
500, // size of buffer
&dwRead, // number of bytes read
&dwNeeded)) // bytes in next record
{
while (dwRead > 0)
{
inf.Format("%02d ID: 0x%08X Type: %d Source: %s\n",
dwThisRecord++,pevlr->EventID,pevlr->EventType,
(LPSTR)((LPBYTE) pevlr+sizeof(EVENTLOGRECORD)));
m_List.AddString(inf);
dwRead -= pevlr->Length;
pevlr = (EVENTLOGRECORD *)((LPBYTE) pevlr + pevlr->Length);
}
pevlr = (EVENTLOGRECORD *) &bBuffer;
}
CloseEventLog(h);
}
void CReadEVTDlg::OnReadDNS()
{
m_List.ResetContent();
HANDLE h;
CString inf;
EVENTLOGRECORD *pevlr;
BYTE bBuffer[5000];
DWORD dwRead, dwNeeded, dwThisRecord = 0;
// 打开应用日志
h = OpenEventLog(NULL, //打开本地计算机日志
"DNS Server");//源名
if (h == NULL){
m_List.AddString("打开失败!");
return; }
pevlr = (EVENTLOGRECORD *) &bBuffer;
//一直读日志直到结束
while (ReadEventLog(h, //时件句柄
EVENTLOG_FORWARDS_READ | // 向前读
EVENTLOG_SEQUENTIAL_READ, // 循序读
0,
pevlr, // pointer to buffer
500, // size of buffer
&dwRead, // number of bytes read
&dwNeeded)) // bytes in next record
{
while (dwRead > 0)
{
inf.Format("%02d ID: 0x%08X Type: %d Source: %s\n",
dwThisRecord++,pevlr->EventID,pevlr->EventType,
(LPSTR)((LPBYTE) pevlr+sizeof(EVENTLOGRECORD)));
m_List.AddString(inf);
dwRead -= pevlr->Length;
pevlr = (EVENTLOGRECORD *)((LPBYTE) pevlr + pevlr->Length);
}
pevlr = (EVENTLOGRECORD *) &bBuffer;
}
CloseEventLog(h);
}
void CReadEVTDlg::OnClearDNS()
{
HANDLE h;
// 打开应用日志
h = OpenEventLog(NULL, //打开本地计算机日志
"DNS Server");//源名
if (h == NULL){
m_List.AddString("打开失败!");
return; }
BOOL re=ClearEventLog(h,"c:\\back.txt");//第二参数为NULL,不备份
m_List.ResetContent();
if(re)m_List.AddString("清除日志成功");
else m_List.AddString("清除日志失败");
CloseEventLog(h);
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -