i'm developing c++ windows application monitor logon , logoff session activities in real-time. should have followings:
- account name
- user
- account domain
- logon id
- audit success/failure
- logged on time/date
- session time period
it should alert if failure logon attempts or unusual activities occur. want know how read event logs (say example critical level events in security event logs) using c++. can these information windows event viewer. there way in c++ using windows native apis.
thanks in advance.
if application service probalby have service control handler already. if make register , handle service_control_sessionchange fist step.
then wtsquerysessioninformation give of information need.
re audit, might want ot post separate question (or maybe google?) on how read event log.
Comments
Post a Comment