node-windows
node-windows copied to clipboard
coreybutler
Event logging as non-admin?
Currently it looks like if I write to the event log, I get a UAC prompt with every message. Of course this doesn't happen if my program runs as an administrator, or, I presume, as a service.
Is there a way to write to the event log as a non-admin? It would be fine it UAC popped up the first time the log was created, but not with each entry.
No. This is a requirement of the OS. On Jan 27, 2014 7:53 PM, "Josh Santangelo" [email protected] wrote:
Currently it looks like if I write to the event log, I get a UAC prompt with every message. Of course this doesn't happen if my program runs as an administrator, or, I presume, as a service.
Is there a way to write to the event log as a non-admin? It would be fine it UAC popped up the first time the log was created, but not with each entry.
— Reply to this email directly or view it on GitHubhttps://github.com/coreybutler/node-windows/issues/40 .
I must respectfully disagree... non-admin apps write to the event log all the time. The windows-eventlog module requires elevation only the first time, and we've done it from C++ apps at @stimulant several times. You just have to register an event source with the OS first, which does require elevation.
I believe all you need to do is create a registry key like:
SYSTEM\CurrentControlSet\Services\EventLog\Application\MyAppName
Here is another approach: http://stackoverflow.com/a/1036133/468472
I've been using windows-eventlog successfully but as it is a native module, has been a pain to deploy (I like your "no native modules" approach). I'll experiment with the above options combined with node-windows.
I may end up making a service anyway, though.
I should have been clearer, elevated/admin permissions are required if you're executing from the command line, which is how this module has been put together. As you already found, the point of this module is to not use native modules, unless they're precompiled and available for most versions of Windows. I originally had this running with windows-eventlog, but if memory serves right, the native build process caused more problems than it was worth.
The code already uses the approach from StackOverflow.
I'll still leave this open as I think you are right about prepping a registry key. It is not something that has been on my radar because this is the first time it has come up. It's also something I probably won't get to for a while.
I was able to get this working by querying for that registry key, and then calling eventcreate as admin one time if it's not there.
_eventSourceReady: false,
// Register a Windows event source.
registerEventSource: function(callback) {
var source = this.get('eventLog').eventSource;
var key = 'HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentcontrolSet\\Services\\EventLog\\Application\\' + source;
child_process.exec('REG QUERY ' + key, _.bind(function(error, stdout, stderr) {
if (!error) {
this._eventSourceReady = true;
return;
}
var cmd = 'EVENTCREATE /L APPLICATION /T Information /SO "' + source + '" /ID 1000 /D "Set up event source."';
wincmd.elevate(cmd, null, _.bind(function(error, stdout, stderr) {
if (!error) {
this._eventSourceReady = true;
}
if (callback) {
callback(error, stdout, stderr);
}
}, this));
}, this));
},
// Log a message to the Windows event log.
writeEventLog: function(level, msg, meta, callback) {
if (!this._eventSourceReady || !msg) {
return;
}
msg = msg.trim();
if (!msg) {
return;
}
var source = this.get('eventLog').eventSource;
var cmd = 'EVENTCREATE /L APPLICATION /T ' + level + ' /SO "' + source + '" /ID 1000 /D "' + msg + '"';
child_process.exec(cmd, callback);
}