Support new Windows EventLog API

[bernd]

Windows has a new EventLog API since Vista / Server 2008. The library we are using the read the event log (sigar) does not support the new API yet.

We have to find another library that supports reading the from the new API to be able to read the new eventlog types correctly.

• [ ] Make sure the eventlog reader can handle manual eventlog deletion/cleaning. The current sigar based reader throws an exception in that case. (2015-09-03T08:17:27.431+0200 ERROR [EventLogThread] sigar.win32.EventLogThread - Unable to read event id 250667: org.hyperic.sigar.win32.Win32Exception: Error reading from the event log: 1503)
• [ ] Save the current state for each followed eventlog stream and start reading from that position after a restart to avoid losing logs.

[henrikjohansen]

@bernd the nxlog src code contains a nice example of both here (not JAVA though) :

https://github.com/lamby/pkg-nxlog-ce/tree/master/src/modules/input/msvistalog https://github.com/lamby/pkg-nxlog-ce/tree/master/src/modules/input/mseventlog