[Win32utils-devel] Can't write to "Windows PowerShell" source with win32-eventlog

Heesob Park phasis at gmail.com
Tue Nov 27 21:43:00 EST 2007


Hi,

2007/11/28, Daniel Berger <djberg96 at gmail.com>:
>
> Hi all,
>
> Tim Uckun reported, and I've confirmed, that you can't write to the
> Windows PowerShell event source for some reason.
>
> Tim thought it might be because of the space in the name, but my attempt
> to quote it did not seem to help.
>
> In order to follow along, install PowerShell, create the foo.dll using
> the foo.mc file in the 'test' directory, and try the following code:
>
> require 'win32/eventlog'
> include Win32
>
> EventLog.add_event_source(
>    :source                => 'Windows PowerShell',
>    :key_name              => 'foo',
>    :category_count        => 2,
>    :event_message_file    => 'foo.dll',
>    :category_message_file => 'foo.dll'
> )
>
> EventLog.open('Windows PowerShell') do |log|
>    log.report_event(
>       :source     => "foo",
>       :event_type => EventLog::WARN,
>       :category   => "0x00000002L".hex,
>       :event_id   => "0x00000003L".hex,
>       :data       => "I'm warning you!"
>    )
> end
>
> As Tim mentioned, this doesn't raise an error. It just doesn't seem to
> do anything.
>
> Any ideas? Anything special about the Windows PowerShell source?
>
> In unrelated news, my attempts to replace RegCreateKey with
> RegCreateKeyEx in EventLog.add_event_source failed. Or shouldn't I
> bother with it?
>
> Regards,
>
> Dan


I guess Custom Log event must have log file name.

After inserting following code at add_event_source methods, it works fine.

        # The key_name must be specified
         unless hash['key_name']
            raise Error, 'no event_type specified'
         end

###########  insert begin

        key = key_base + hash['source']

         if RegCreateKey(HKEY_LOCAL_MACHINE, key, hkey) != ERROR_SUCCESS
            error = 'RegCreateKey() failed: ' + get_last_error
            raise Error, error
         end
         hkey = hkey.unpack('L')[0]
         data = "%SystemRoot%\\System32\\config\\#{hash['source']}.evt"

            rv = RegSetValueEx(
               hkey,
               'File',
               0,
               REG_EXPAND_SZ,
               data,
               data.size
            )

            if rv != ERROR_SUCCESS
               error = 'RegSetValueEx() failed: ', get_last_error
               RegCloseKey(hkey)
               raise Error, error
            end
         RegCloseKey(hkey)

         hkey = [0].pack('L')

         key = key_base + hash['source'] + "\\" + hash['key_name']

###########  insert end

         if RegCreateKey(HKEY_LOCAL_MACHINE, key, hkey) != ERROR_SUCCESS
            error = 'RegCreateKey() failed: ' + get_last_error
            raise Error, error
         end
Regards,

Park Heesob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://rubyforge.org/pipermail/win32utils-devel/attachments/20071128/9fe8e52d/attachment.html 


More information about the win32utils-devel mailing list