Documentation ¶
Overview ¶
Package wineventlog provides access to the Windows Event Log API used in all versions of Windows since Vista (i.e. Windows 7+ and Windows Server 2008+). This is distinct from the Event Logging API that was used in Windows XP, Windows Server 2003, and Windows 2000.
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Query ¶
type Query struct { // Name of the channel or the path to the log file that contains the events // to query. Log string IgnoreOlder time.Duration // Ignore records older than this time period. // Whitelist and blacklist of event IDs. The value is a comma-separated // list. The accepted values are single event IDs to include (e.g. 4634), a // range of event IDs to include (e.g. 4400-4500), and single event IDs to // exclude (e.g. -4410). EventID string // Level or levels to include. The value is a comma-separated list of levels // to include. The accepted levels are verbose (5), information (4), // warning (3), error (2), and critical (1). Level string // Providers (sources) to include records from. Provider []string }
Query that identifies the source of the events and one or more selectors or suppressors.
Example ¶
q, _ := Query{Log: "System", EventID: "10, 200-500, -311", Level: "info"}.Build() fmt.Println(q)
Output: <QueryList> <Query Id="0"> <Select Path="System">*[System[(EventID=10 or (EventID >= 200 and EventID <= 500)) and (Level = 0 or Level = 4)]]</Select> <Suppress Path="System">*[System[(EventID=311)]]</Suppress> </Query> </QueryList>
Click to show internal directories.
Click to hide internal directories.