A description of the schema used for messages sent by the Windows Event Log adapter.
| Field | Type | Description |
| Category | String | Text associated with the Category Number. |
| CategoryNumber | Integer | Category of the event log entry. |
| Data Blob | Binary | Data associated with the event. |
| EntryType | String | May be one of the following: • Error. • Warning. • Information. • SuccessAudit. • FailureAudit. |
| Index | Integer | Index of the entry in the event log. |
| InstanceID | Long | Resource identifier that identifies the message text of the event. |
| MachineName | String | Machine where the event occurred. |
| Message | String | Text message associated with the event. |
| Source | String | Application that generated the event. |
| TimeGenerated | Timestamp | Time that the event occurred (UTC, not local time). |
| TimeWritten | Timestamp | Time that the event was written to the log (UTC, not local time). |
| User_Name | String | Name of the user responsible for the event. |
| LogName | String | Event Log in which the event was generated. |
| Site | String | Text name of the site of the event. |
The event schema may also be found in the wineventlog.ccs file. If you installed Sybase CEP Engine to the default directory, this file will be in the C:\Program Files\C8\Server\sdk\net\ccl directory.
The timestamp of the event is the time that the event was generated. The time that the event was written is recorded separately, within the message.
For further information, see the documentation for the EventLogEntry class on MSDN.