The win32-eventlog library provides an interface for reading from and writing to the MS Windows Event Log.
In addition, you can create your own message event sources using the Win32::MC class (provided with this distro), assuming you have the proper tools installed.
- ffi
- Windows Vista or later
The 'mc', 'rc' and 'link' command line tools are required to create and install message sources. You won't need these for simply reading from or writing to an existing event log.
gem install win32-eventlog
require 'win32/eventlog'
require 'win32/mc' # If you want to create message files.
Win32::EventLog.read('Application') do |log|
p log
end
This will install both the win32-eventlog and win32-mc libraries. The latter is strictly for turning .mc files into .dll files. See the mc documentation for more details.
If you wish to install the RubyMsg event source then run the event_source:install Rake task. This will create a 'rubymsg' directory under your toplevel Ruby installation directory (usually C:\ruby), and create the .dll, .h, .rc and .res files there, in addition to copying the rubymsg.mc file. It will then install the 'RubyMsg' event source into your registry.
DO NOT MOVE THE DLL FILE ONCE IT IS INSTALLED! If you do, you will have to delete the registry entry and reinstall it with the correct path.
Take a look at the rubymsg.mc file for the category and message values. If you do not understand this, please read the 'tutorial.txt' file in the 'doc' directory.
If you are unfamiliar with message files and event logging on Windows in general, please read the 'tutorial.txt' file.
There are also a couple of sample test scripts under the 'examples' directory if you want to futz around and get a feel for how things work.
If the tests from the test_mc.rb file are omitted then you either don't have the mc, rc and/or link commands installed or they're not in your system's %PATH%. If you have MSVC++, you should have them somewhere on your system.
- JRuby users may need to increase their heap space.
Please file any bug reports on the project page at http://github.com/chef/win32-eventlog.
You can use ruby-wmi + Win32_NTLogEvent to get Windows eventlog information using OLE behind the scenes.
Artistic 2.0
This package is provided "as is" and without any express or implied warranties, including, without limitation, the implied warranties of merchantability and fitness for a particular purpose.
- Daniel J. Berger
- Park Heesob