強力鎯頭 VB BLOG

2008-03-24

用程式清除Windows系統之事件日誌

用程式清除Windows系統之事件日誌

如何撰寫 VB 程式清除 Windows 系統事件日誌

<< VB.Net 2005 使用 EventLog 元件寫法 >>

Dim el As New EventLog ' 宣告並建立EventLog 元件

el.Log = "Application" ' 指定事件記錄檔名稱

el.Clear() ' 清除事件日誌檔

================================================================

<< VB6 Call API 寫法 >>

' API 宣告

Private Declare Function ClearEventLog Lib "advapi32.dll" Alias "ClearEventLogA" ( _
ByVal hEventLog As Long, ByVal lpBackupFileName As String) As Long

Private Declare Function CloseEventLog Lib "advapi32.dll" _
(ByVal hEventLog As Long) As Long

Private Declare Function OpenEventLog Lib "advapi32.dll" Alias "OpenEventLogA" _
(ByVal lpUNCServerName As String, ByVal lpSourceName As String) As Long

' 以下 Sub 處理刪除 Event Log
Private Sub KillEventLog(EventLogName As String)
Dim hEventLog As Long
Dim lretv As Long

' 開啟事件日誌
hEventLog = OpenEventLog(vbNullString, EventLogName)
If hEventLog = 0 Then
MsgBox "OpenEventLog Failed" ' 事件日誌開啟失敗
Exit Sub
End If

' 清除事件日誌
lretv = ClearEventLog(hEventLog, vbNullString)
If lretv = 0 Then
MsgBox "ClearEventLog Failed" ' 事件日誌清除失敗
Exit Sub
End If

' 關閉事件日誌
lretv = CloseEventLog(hEventLog)
If lretv = 0 Then
MsgBox "CloseEventLog Failed" ' 事件日誌關閉失敗
Exit Sub
End If

End Sub

'動作如下:
' KillEventLog "Application"
' KillEventLog "System"
' KillEventLog "Security"
' KillEventLog "SecEvent.Evt"
' KillEventLog "SysEvent.Evt"
' KillEventLog "DnsEvent.Evt"

================================================================

<< VB.Net Call API 寫法 >>

Public Class Form1

Declare Function OpenEventLog Lib "advapi32.dll" Alias "OpenEventLogA" _

(ByVal lpUNCServerName As String, ByVal lpSourceName As String) As Integer

Declare Function ClearEventLog Lib "advapi32.dll" Alias "ClearEventLogA" _

(ByVal hEventLog As Integer, ByVal lpBackupFileName As String) As Integer

Declare Function CloseEventLog Lib "advapi32.dll" (ByVal hEventLog As Integer) As Integer

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click

If KillEventLog("Application") Then MessageBox.Show("事件日誌清除成功!")

End Sub

Private Function KillEventLog(ByVal EventLogName As String) As Boolean ' 刪除Event Log

Dim lng_h_EL As Long

KillEventLog = False

' 開啟事件日誌

lng_h_EL = OpenEventLog(vbNullString, EventLogName)

If lng_h_EL = 0 Then

MessageBox.Show(" 事件日誌開啟失敗!")

Exit Function

End If

' 清除事件日誌

If ClearEventLog(lng_h_EL, vbNullString) = 0 Then

MessageBox.Show("事件日誌清除失敗!")

Exit Function

End If

' 關閉事件日誌

If CloseEventLog(lng_h_EL) = 0 Then

MsgBox("事件日誌關閉失敗!")

Exit Function

End If

Return True

End Function

End Class