windwos事件日志字段允许的最大长度 [英] maximum length allowed for windwos event log fields

问题描述

您好，

如何知道为Windows事件日志字段设置的最大长度是什么事件ID，事件日志名称，事件源，任务，类别，消息？

根据链接 http://www.whitehats.ca/main/members/Malik /malik_eventlogs/malik_eventlogs.html
字符串类型是可变长度。但即使它是可变长度字符串，它也可能有一些限制，具体取决于操作系统容量。那么决定这个限制的方法是什么呢？

感谢和问候，
Geeta

Hello,

How can I get to know what is the maximum length set for windows event log fields Event ID, Event Log Name, Event Source, Task, Category, Message?

As per link http://www.whitehats.ca/main/members/Malik/malik_eventlogs/malik_eventlogs.html
string types are variable length. But even if it is variable length string, it may have some limitation depending on the operating system capacity. So what is the way to decided this limit?


Thanks and Regards,
Geeta

推荐答案

the feilds在事件中没有设置最大尺寸。事件的唯一大小限制是总大小，最大为64KB。注意，总事件大小由事件标题（由OS添加）和提供者应用程序在"数据"中添加的附加数据组成。清单中事件模板的一部分。

Kevin

The feilds in events do not have set maximum sizes. The only size limitation on an event is the total size, which is a maximum of 64KB. Note that the total event size is comprised of the event header (added by the OS) and the additional data that is added by the provider applicaiton in the "data" section of the event's template in the manifest.

Kevin

这篇关于windwos事件日志字段允许的最大长度的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！