Win32_NTLogEvent Class

[This is preliminary documentation and subject to change.]

The Event Log Provider defines the Win32_NTEventlogFile class to access the data stored in a Windows NT log file.

The Event Log event Provider defines the Win32_NTLogEvent class to represent a Windows NT event in WBEM.

The Win32_NTLogEvent class is defined as follows:

class Win32_NTLogEvent
{
    uint32            RecordNumber;
    string            Logfile;
    uint32            EventIdentifier;
    string            SourceName;
    string            Type;
    uint16            Category;
    datetime        TimeGenerated;
    datetime        TimeWritten;
    datetime        TimeTranslated;
    string            ComputerName;
    string            User;
    string            Message;
    string            InsertionStrings[];
    uint8            Data[];
}

The following table describes each property:

Property	Description
RecordNumber	Used with the Logfile property to uniquely identify an event in the Windows NT event log and a Win32_NTLogEvent instance.
Logfile	Used with the RecordNumber property to uniquely identify an event within the Windows NT event log and a Win32_NTLogEvent instance.
EventIdentifier	Used with the SourceName property to uniquely identify a Windows NT event type.
SourceName	Variable-length null-terminated string specifying the component responsible for generating the Windows NT event. Used with the SourceName property to uniquely identify a Windows NT event type.
Type	Specifies the event type. Valid values are error, warning, information, audit success, and audit failure.
Category	Specifies a subcategory specific to the event source.
TimeGenerated	Specifies the time at which the source generated the event.
TimeWritten	Specifies the time at which the event was written to the event log.
TimeTranslated	Specifies the time at which this instance of the Win32_NTLogEvent class.
ComputerName	Variable-length null-terminated string specifying the name of the computer that generated this event.
User	Name of the user that was logged on when the event occurred or NULL if the user cannot be determined.
Message	Event message as it appears in the event log. This message consists of a standard message plus zero or more insertion strings supplied by the event source.
InsertionStrings	One or more strings that accompany the report of the event.
Data	Binary data that accompanies the report of the event.