Documentation
¶
Overview ¶
Package wineventlog provides access to the Windows Event Log API used in all versions of Windows since Vista (i.e. Windows 7+ and Windows Server 2008+). This is distinct from the Event Logging API that was used in Windows XP, Windows Server 2003, and Windows 2000.
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Query ¶
type Query struct {
// Name of the channel or the path to the log file that contains the events
// to query.
Log string
IgnoreOlder time.Duration // Ignore records older than this time period.
// Whitelist and blacklist of event IDs. The value is a comma-separated
// list. The accepted values are single event IDs to include (e.g. 4634), a
// range of event IDs to include (e.g. 4400-4500), and single event IDs to
// exclude (e.g. -4410).
EventID string
// Level or levels to include. The value is a comma-separated list of levels
// to include. The accepted levels are verbose (5), information (4),
// warning (3), error (2), and critical (1).
Level string
// Providers (sources) to include records from.
Provider []string
}
Query that identifies the source of the events and one or more selectors or suppressors.
Example ¶
q, _ := Query{Log: "System", EventID: "10, 200-500, -311", Level: "info"}.Build()
fmt.Println(q)
Output: <QueryList> <Query Id="0"> <Select Path="System">*[System[(EventID=10 or (EventID >= 200 and EventID <= 500)) and (Level = 0 or Level = 4)]]</Select> <Suppress Path="System">*[System[(EventID=311)]]</Suppress> </Query> </QueryList>
Source Files
Click to show internal directories.
Click to hide internal directories.