Get event viewer logs with win api in c++

Question

My application need to save event viewer logs to a specified directory and it has to be done with win api. Application and System logs are required.

EDIT: EvtExportLog - I found out that I can't use this function because minimal requirements are Win Server 2008, and I need this to work on Win Server 2000 and Win Server 2003.

Any suggestions what to use and how to use it?

And there is solution thanks to Richard Cook.

    int getEventLogs()
{
    HANDLE h = OpenEventLog(NULL,"System");
    if(!BackupEventLog(h,"backup.evt"))
    {
        wprintf(L"BackupEventLog failed for initial export with %lu.\n", GetLastError());
    }
    return 1;
}

Answer 1

You can enumerate the available channels on the system using EvtOpenChannelEnum, EvtNextChannelPath and EvtClose (documentation). These APIs (EvtNextChannelPath specifically) will return paths in an appropriate format for EvtExportLog.