coreybutler / node-windows

Windows support for Node.JS scripts (daemons, eventlog, UAC, etc).

Multi-line EventLogger messages #240

Closed demitchell14 closed 4 years ago

demitchell14 commented 4 years ago

Is it possible to send multi-line EventLogger messages? I figured it would be as simple as sending a string with a \r\n or similar in the string itself, however when I do, it doesn't actually post the message.

coreybutler commented 4 years ago

To be honest, I don't know.

node-windows can send carriage returns and line feeds, but I don't know if the Windows logger will accept it. I suspect there may be some escaping happening when the string is passed through. If you're seeing nr in your logs, then you may want to try \\r\\n, but that's really just a guess. Ultimately the logs are submitted through a command wrapper.

demitchell14 commented 4 years ago

Well what actually happens is this...

If I put in a \r\n, nothing happens (no message is actually sent).
If I put in a \\r\\n, it just displays a \r\n in the message.

If you look at the raw xml, the actual message is wrapped...

<data>{message}</data>

So I tried to be cheeky and put in a </data><data> as a delimiter, but as expected, it just printed it in the message. I'm not entirely sure how the xml data actually works, because looking over other event logs from other processes, the <data /> isn't actually what is displayed, rather it's the information that is being inserted into a predefined message I believe. -- When I get time, I may look into the code and see if I can come up with something, but until then..

It's not really a huge deal -- I just can't format my messages like I would normally like, but it is what it is.

demitchell14 commented 4 years ago

Interesting tidbit I found.

I looked into the code and found the command that is entered to create an Event message..

eventcreate /L <log> /T <type> /SO "<title>" /D "<message>" /ID <code>

So I did some testing with the command itself, and figured out the actual return line character. It's actually the ^L character (ctrl + L), however I haven't found any information on what that "character" actually is.

eventcreate /L APPLICATION /T INFORMATION /SO "test" /D "Test Line 1 ^L Test Line 2" /ID 1000

does in fact generate a line break between the two.

EDIT: I figured out the unicode value of the ^L character. It is &#12;. So ^L is actually a Form Feed (\f). Which means that both \r\n SHOULD work, however they can't be in that form. They would need to be in the actual form of, well, however it displays in reality. So I'm unsure how this would actually work in the program itself.

One thing to note: if you test regular command line implementation with the ^L it will break the Details tab in EventViewer. I'm unsure how it would react if programmatically done.

demitchell14 commented 4 years ago

Okay, I figured it out.

const exec = require("child_process").exec;

const messages = [
    // ** Generates Error
    "Test Line 1 \n Test Line 2",

    // ** is successful
    "Test Line 1 \f Test Line 2"
];

// Run eventcreate once per test message and report which ones are accepted.
messages.forEach((message, i) => {
    const cmd = `eventcreate /L APPLICATION /T INFORMATION /SO "Test" /D "${message}" /ID 1000`;
    exec(cmd, (err) => {
        if (err) {
            console.error(err);
        } else {
            console.log(`Message ${i} Entered`);
        }
    });
});

A little test led to \f being the solution to this.

coreybutler commented 4 years ago

1) Awesome Work
2) This seems like something node-windows should do for you.

It would make sense to do a find/replace on messages, to convert \n to \f, before the command is executed. If you were to submit this as a PR, I would accept it.
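
The find/replace proposed in the last comment, sketched as an added example that is not part of the thread or of node-windows; the function names are hypothetical. It assumes eventcreate treats a form feed passed through `execFile` the same way the thread observed through `exec`, and it passes the message as its own argument so no shell parses quotes or metacharacters in the log text.

```javascript
// Added example, not node-windows code. All function names are hypothetical.
const TYPES = new Set(["SUCCESS", "ERROR", "WARNING", "INFORMATION"]); // per `eventcreate /?`

// Collapse every line-break style (\r\n, \r, \n) into one form feed, the
// character the thread found eventcreate renders as a line break.
function toEventLogText(message) {
  return String(message).replace(/\r\n|\r|\n/g, "\f");
}

// Build the argument vector. Each value is its own argv entry, so quotes or
// shell metacharacters inside the message are data, not command syntax.
function buildEventcreateArgs({ log = "APPLICATION", type = "INFORMATION", source, message, id = 1000 }) {
  const t = String(type).toUpperCase();
  if (!TYPES.has(t)) throw new RangeError(`unsupported event type: ${type}`);
  if (!Number.isInteger(id) || id < 1 || id > 1000) {
    throw new RangeError("eventcreate accepts IDs from 1 to 1000");
  }
  if (typeof source !== "string" || source.length === 0) {
    throw new TypeError("source is required");
  }
  return ["/L", log, "/T", t, "/SO", source, "/D", toEventLogText(message), "/ID", String(id)];
}

// Windows only. child_process is loaded here so the builders above can be
// exercised on any platform without touching the event log.
function writeEvent(event, callback) {
  const { execFile } = require("child_process");
  execFile("eventcreate", buildEventcreateArgs(event), { windowsHide: true }, callback);
}

// Constructed sample: mixed line endings plus characters that would break
// out of the quoted /D "..." string if the command were built by interpolation.
const sample = { source: "Test", message: 'Line 1\r\nLine 2\n"quoted" & more' };
console.log(JSON.stringify(buildEventcreateArgs(sample)));
```

Call `writeEvent(sample, cb)` on Windows to create the entry; the thread's caveat about ^L breaking the Details tab in Event Viewer was seen with hand-typed commands and is untested here.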