package win-eventlog

  1. Overview
  2. Docs
Log via the Windows event log from OCaml programs

Install 

dune-project
 Dependency

github.com Readme Changelog ISC License Edit opam file Versions (4)

Authors

  1. D
    David Scott

Maintainers

  1. D
    dave@recoil.org

Sources

win-eventlog-0.4.tbz
sha256=f67b192436e2716eaab0396643a73ca8b3af92f22510d6a5f3f43080dcdb0169
sha512=8e5de12612c2d686e9ae2961283df002c5ed8b071c19f13792b36aa3d704ca6328f25adc4e7e0e30d37c36d05a13ec7e88a6ca313a24a086846b52ec8c265485

doc/win-eventlog/Win_eventlog/Eventlog/index.html

Module Win_eventlog.EventlogSource

Low-level functions to write to the Windows event log.

The Windows event log is similar to syslog on Unix systems. The main difference is that the log records "events" which have a "category", an "event id" and an array of "insertion strings". Applications are expected to enumerate their categories and event ids and use the message compiler (mc.exe) to create a resource which is linked into the application. The event log viewer (or other clients) look up the source name in the registry, read the resources and decode the event data.

By default if no resources can be found describing the specific categories and events of the application, then the event log viewer will show the categories and events as integers and the insertion strings as plain text. This style of usage is similar to syslog on a Unix system.

Low-level example:

  let log = Eventlog.register "Mirage.exe" in
  let category = 0 and event = 1 in
  Eventlog.report log `Success category event [|
    "insertion string 1";
    "insertion string 2";
  |]

You may wish to use the high-level Log reporter interface instead:

  let log = Eventlog.register "Mirage.exe" in
  Logs.set_reporter (Log_eventlog.reporter log ());
  Log.err (fun f -> f "This is an error");
  Log.info (fun f -> f "This is informational");
  Log.debug (fun f -> f "This is lowly debugging data");

For more context, please read the following documents:

  1. ReportEvent API documentation
  2. HOWTO: Troubleshooting the "Event Message Not Found" message
Sourcetype t

An event log handle, see register.

Sourceval register : ?server:string -> string -> t

register server source registers the source named source with the event log on server server. If server is None then the local event log is used.

Sourcetype ty = [
  1. | `Success
  2. | `Audit_failure
  3. | `Audit_success
  4. | `Error
  5. | `Information
  6. | `Warning
]

Type of event to be logged.

Sourceval string_of_ty : ty -> string
Sourceval report : t -> ty -> int -> int -> string array -> unit

report t ty category event strings reports an event to the log t. The event has a global "type", as well as source-specific category and event ids. Each event takes an array of "insertion strings" -- the system log viewer will look up the category, event and user's language setting in the resource (.exe or .dll) associated with the event source in the registrty, and then "insert" the strings as parameters inside the template.