BackupEventLog

The BackupEventLog function saves the specified event log to a backup file. The function does not clear the event log.

BOOL BackupEventLog(
  HANDLE hEventLog,          // handle to event log
  LPCTSTR lpBackupFileName   // name of backup file
);
 

Parameters

hEventLog

Handle to the open event log. This handle is returned by the OpenEventLog or OpenBackupEventLog function.

lpBackupFileName

Pointer to a null-terminated string that names the backup file.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

The backup file cannot be written to a remote server because this function is implemented by a service running in the LocalSystem account, which does not have credentials on the remote machine. However, it is possible to write the file to a remote machine using a null session.

QuickInfo

  Windows NT: Requires version 3.1 or later.
  Windows: Unsupported.
  Windows CE: Unsupported.
  Header: Declared in winbase.h.
  Import Library: Use advapi32.lib.
  Unicode: Implemented as Unicode and ANSI versions on Windows NT.

See Also

Event Logging Overview, Event Logging Functions, OpenBackupEventLog, OpenEventLog