Event Viewer Log File Information

Event Viewer stores event information in three binary log files in the %SYSTEMROOT%\SYSTEM32\CONFIG directory:

• � APPEVENT.EVT�application log
• � SECEVENT.EVT�security log
• � SYSEVENT.EVT�system log

You can access the logs using the Win32 event logging API set. These APIs are documented on the Microsoft Development Library (MSDN) CD. The following functions are available:

• � BackupEventLog
• � ClearEventLog
• � CloseEventLog
• � DeregisterEventSource
• � GetNumberOfEventLogRecords
• � GetOldestEventLogRecord
• � NotifyChangeEventLog
• � OpenBackupEventLog
• � OpenEventLog
• � ReadEventLog
• � RegisterEventSource
• � ReportEvent