github.com/aayushi-bansal/sys@v0.0.0-20180118120756-90d962a959d8/windows/svc/eventlog/install.go (about)

     1  // Copyright 2012 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // +build windows
     6  
     7  package eventlog
     8  
     9  import (
    10  	"fmt"
    11  	"golang.org/x/sys/windows"
    12  	"golang.org/x/sys/windows/registry"
    13  )
    14  
    15  const (
    16  	// Log levels.
    17  	Info    = windows.EVENTLOG_INFORMATION_TYPE
    18  	Warning = windows.EVENTLOG_WARNING_TYPE
    19  	Error   = windows.EVENTLOG_ERROR_TYPE
    20  )
    21  
    22  // Application event log provider.
    23  const Application = "Application"
    24  
    25  const eventLogKeyName = `SYSTEM\CurrentControlSet\Services\EventLog`
    26  
    27  // Install modifies PC registry to allow logging with an event source src.
    28  // It adds all required keys and values to the event log registry key.
    29  // Install uses msgFile as the event message file. If useExpandKey is true,
    30  // the event message file is installed as REG_EXPAND_SZ value,
    31  // otherwise as REG_SZ. Use bitwise of log.Error, log.Warning and
    32  // log.Info to specify events supported by the new event source.
    33  func Install(provider, src, msgFile string, useExpandKey bool, eventsSupported uint32) (bool, error) {
    34  	eventLogKey, err := registry.OpenKey(registry.LOCAL_MACHINE, eventLogKeyName, registry.CREATE_SUB_KEY)
    35  	if err != nil {
    36  		return false, err
    37  	}
    38  	defer eventLogKey.Close()
    39  
    40  	pk, _, err := registry.CreateKey(eventLogKey, provider, registry.SET_VALUE)
    41  	if err != nil {
    42  		return false, err
    43  	}
    44  	defer pk.Close()
    45  
    46  	sk, alreadyExist, err := registry.CreateKey(pk, src, registry.SET_VALUE)
    47  	if err != nil {
    48  		return false, err
    49  	}
    50  	defer sk.Close()
    51  	if alreadyExist {
    52  		return true, nil
    53  	}
    54  
    55  	err = sk.SetDWordValue("CustomSource", 1)
    56  	if err != nil {
    57  		return false, err
    58  	}
    59  	if useExpandKey {
    60  		err = sk.SetExpandStringValue("EventMessageFile", msgFile)
    61  	} else {
    62  		err = sk.SetStringValue("EventMessageFile", msgFile)
    63  	}
    64  	if err != nil {
    65  		return false, err
    66  	}
    67  	err = sk.SetDWordValue("TypesSupported", eventsSupported)
    68  	if err != nil {
    69  		return false, err
    70  	}
    71  	return false, nil
    72  }
    73  
    74  // InstallAsEventCreate is the same as Install, but uses
    75  // %SystemRoot%\System32\EventCreate.exe as the event message file.
    76  func InstallAsEventCreate(provider, src string, eventsSupported uint32) (bool, error) {
    77  	alreadyExists, err := Install(provider, src, "%SystemRoot%\\System32\\EventCreate.exe", true, eventsSupported)
    78  	return alreadyExists, err
    79  }
    80  
    81  // Remove deletes all registry elements installed for an event logging source.
    82  func RemoveSource(provider, src string) error {
    83  	providerKeyName := fmt.Sprintf("%s\\%s", eventLogKeyName, provider)
    84  	pk, err := registry.OpenKey(registry.LOCAL_MACHINE, providerKeyName, registry.SET_VALUE)
    85  	if err != nil {
    86  		return err
    87  	}
    88  	defer pk.Close()
    89  	return registry.DeleteKey(pk, src)
    90  }
    91  
    92  // Remove deletes all registry elements installed for an event logging provider.
    93  // Only use this method if you have installed a custom provider.
    94  func RemoveProvider(provider string) error {
    95  	// Protect against removing Application.
    96  	if provider == Application {
    97  		return fmt.Errorf("%s cannot be removed. Only custom providers can be removed.")
    98  	}
    99  
   100  	eventLogKey, err := registry.OpenKey(registry.LOCAL_MACHINE, eventLogKeyName, registry.SET_VALUE)
   101  	if err != nil {
   102  		return err
   103  	}
   104  	defer eventLogKey.Close()
   105  	return registry.DeleteKey(eventLogKey, provider)
   106  }