強力鎯頭 VB BLOG

2008-03-24

用程式清除Windows系統之事件日誌

用程式清除Windows系統之事件日誌

如何撰寫 VB 程式清除 Windows 系統事件日誌

  

<< VB.Net 2005 使用 EventLog 元件寫法 >>

 

Dim el As New EventLog ' 宣告並建立EventLog  元件

el.Log = "Application" ' 指定事件記錄檔名稱

el.Clear() ' 清除事件日誌檔

 

 

================================================================

 

 

<< VB6 Call API 寫法 >>

 

' API 宣告 

Private Declare Function ClearEventLog Lib "advapi32.dll" Alias "ClearEventLogA" ( _ 
        ByVal hEventLog As Long, ByVal lpBackupFileName As String) As Long 

Private Declare Function CloseEventLog Lib "advapi32.dll" _ 
        (ByVal hEventLog As Long) As Long 

Private Declare Function OpenEventLog Lib "advapi32.dll" Alias "OpenEventLogA" _
        (ByVal lpUNCServerName As String, ByVal lpSourceName As String) As Long

' 以下 Sub 處理刪除 Event Log 
Private Sub KillEventLog(EventLogName As String)
    Dim hEventLog As Long 
    Dim lretv As Long 

    ' 開啟事件日誌
    hEventLog = OpenEventLog(vbNullString, EventLogName)
    If hEventLog = 0 Then
        MsgBox "OpenEventLog Failed" ' 事件日誌開啟失敗
        Exit Sub
    End If

    ' 清除事件日誌 
    lretv = ClearEventLog(hEventLog, vbNullString)
    If lretv = 0 Then
        MsgBox "ClearEventLog Failed" ' 事件日誌清除失敗 
        Exit Sub 
    End If 

    ' 關閉事件日誌 
    lretv = CloseEventLog(hEventLog)
    If lretv = 0 Then 
        MsgBox "CloseEventLog Failed" ' 事件日誌關閉失敗 
        Exit Sub 
    End If 

End Sub

'動作如下
'    KillEventLog "Application" 
'    KillEventLog "System" 
'    KillEventLog "Security" 
'    KillEventLog "SecEvent.Evt" 
'    KillEventLog "SysEvent.Evt" 
'    KillEventLog "DnsEvent.Evt" 

 

 

================================================================

 

 

<< VB.Net Call API 寫法 >>

 

Public Class Form1

 

    Declare Function OpenEventLog Lib "advapi32.dll" Alias "OpenEventLogA" _

        (ByVal lpUNCServerName As String, ByVal lpSourceName As String) As Integer

 

    Declare Function ClearEventLog Lib "advapi32.dll" Alias "ClearEventLogA" _

        (ByVal hEventLog As Integer, ByVal lpBackupFileName As String) As Integer

 

    Declare Function CloseEventLog Lib "advapi32.dll" (ByVal hEventLog As Integer) As Integer

 

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click

 

        If KillEventLog("Application") Then MessageBox.Show("事件日誌清除成功!")

 

    End Sub

 

    Private Function KillEventLog(ByVal EventLogName As String) As Boolean ' 刪除Event Log

 

        Dim lng_h_EL As Long

 

        KillEventLog = False

 

        ' 開啟事件日誌

        lng_h_EL = OpenEventLog(vbNullString, EventLogName)

 

        If lng_h_EL = 0 Then

            MessageBox.Show(" 事件日誌開啟失敗!")

            Exit Function

        End If

 

        ' 清除事件日誌

        If ClearEventLog(lng_h_EL, vbNullString) = 0 Then

            MessageBox.Show("事件日誌清除失敗!")

            Exit Function

        End If

 

        ' 關閉事件日誌

        If CloseEventLog(lng_h_EL) = 0 Then

            MsgBox("事件日誌關閉失敗!")

            Exit Function

        End If

 

        Return True

 

    End Function

 

End Class