Viewing the Event Log
When the user starts Event Viewer to view the event log entries, it calls the ReadEventLog function to obtain the EVENTLOGRECORD structures. The Event Viewer uses the event source and event identifier to get message text for each event from the registered message file (indicated by the EventMessageFile registry value for the source). The Event Viewer uses the LoadLibraryEx function to load the message file. The Event Viewer then uses the FormatMessage function to retrieve the base description string from the loaded module. Finally, the Event Viewer replaces the insertion parameters in the base description string to yield the final message string.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for