Event log and timestamp

Started by minor28, November 30, 2013, 09:14:21 PM

minor28

I have tested reading my Windows 7 computer's system event log, and a little about timestamps and how to make them readable. For those interested, I attach my source code.

You find the event log functions in advapi32.lib. I also attach wevtapi.lib and winevt.inc with event log functions.

About the SystemTimeToString function: if the argument pTimeFormat is equal to 0, the default format is "yyyy-MM-dd hh:mm:ss".

Format to use:
yy = two-digit year
yyyy = four-digit year
MM = two-digit month index
MMM = three-character month name
dd = two-digit day of month
hh = two-digit hours
mm = two-digit minutes
ss = two-digit seconds

dedndave

the TimestampToSystemTime function could be simplified a little
the time stamp is a "time_t" or "unix" or "posix" time format
but, you can convert it to a windows FILETIME structure (2 dwords)

FileTime = (time_t * 10000000) + 116444736000000000

then use FileTimeToLocalFileTime and/or FileTimeToSystemTime

WMI uses CIM_DATETIME (and also "Interval Time")

http://msdn.microsoft.com/en-us/library/aa387237%28v=vs.85%29.aspx

GetTimeFormat will format the string for you

http://msdn.microsoft.com/en-us/library/windows/desktop/dd318130%28v=vs.85%29.aspx
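
The conversion discussed in this thread, as an added example that is not part of either post or of the attached source. It is written in portable C rather than MASM and calls no Windows API. It applies the time_t to FILETIME formula with a 64-bit multiply, splits the result into two dwords, and prints it in the yyyy-MM-dd hh:mm:ss layout in UTC. All type and function names are hypothetical, the timestamp is assumed to be an unsigned 32-bit count of seconds, and the sample value is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TICKS_PER_SEC 10000000ULL            /* FILETIME counts 100 ns ticks */
#define EPOCH_DIFF    116444736000000000ULL  /* 1601-01-01 to 1970-01-01, from the post */

typedef struct { uint32_t low, high; } ft_t; /* same layout as FILETIME (2 dwords) */

/* time_t seconds (assumed unsigned 32-bit) -> FILETIME.
   The multiply must be 64-bit: secs * 10^7 does not fit in 32 bits. */
ft_t unix_to_filetime(uint32_t secs) {
    uint64_t v = (uint64_t)secs * TICKS_PER_SEC + EPOCH_DIFF;
    ft_t ft = { (uint32_t)v, (uint32_t)(v >> 32) };
    return ft;
}

uint64_t filetime_to_u64(ft_t ft) { return ((uint64_t)ft.high << 32) | ft.low; }

/* FILETIME -> time_t; returns -1 for values before 1970 instead of wrapping. */
int filetime_to_unix(ft_t ft, uint64_t *secs) {
    uint64_t v = filetime_to_u64(ft);
    if (v < EPOCH_DIFF) return -1;
    *secs = (v - EPOCH_DIFF) / TICKS_PER_SEC;
    return 0;
}

/* FILETIME -> "yyyy-MM-dd hh:mm:ss" in UTC (buf needs 20 bytes). */
void filetime_to_string(ft_t ft, char *buf, size_t len) {
    uint64_t secs = filetime_to_u64(ft) / TICKS_PER_SEC; /* since 1601-01-01 */
    unsigned rem = (unsigned)(secs % 86400);             /* seconds into the day */
    uint64_t z = secs / 86400 + 584694;                  /* days since 0000-03-01 */
    uint64_t era = z / 146097, doe = z % 146097;         /* 400-year cycles */
    uint64_t yoe = (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365;
    uint64_t doy = doe - (365 * yoe + yoe / 4 - yoe / 100);
    uint64_t mp = (5 * doy + 2) / 153;                   /* month, March = 0 */
    unsigned d = (unsigned)(doy - (153 * mp + 2) / 5 + 1);
    unsigned m = (unsigned)(mp < 10 ? mp + 3 : mp - 9);
    unsigned y = (unsigned)(yoe + era * 400 + (m <= 2));
    snprintf(buf, len, "%04u-%02u-%02u %02u:%02u:%02u",
             y, m, d, rem / 3600, rem % 3600 / 60, rem % 60);
}

int main(void) {
    char s[20];
    filetime_to_string(unix_to_filetime(1385846061u), s, sizeof s); /* constructed sample */
    printf("%s\n", s);
    return 0;
}
```

The string is UTC; on Windows, FileTimeToLocalFileTime applied before the breakdown gives local time instead.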