Tag Archives: opensource

LogExpert Browser – Windows Event Logs Viewer

A brief presentation

LogExpert Browser is a free open-source application for viewing Windows event logs records.
It is similar to Event Viewer (a tool which is shipped with Windows system) and has few additional features.

LogExpert Browser

LogExpert Browser


Key features

Here is a brief list of LogExpert Browser key features:

  • Simultaneous vizualization of records from different logs (Application, System, Security, etc).
  • Filtering records by different criteria (source, type, computer name, etc).
  • Ascending or descending sorting of records.
  • Selection and ordering of display fields (sourse, type, computer name, etc).
  • Disk persistance of filtering criteria, sorting options and other user settings.
  • Fast reading of records with a minimum memory consumption.

Target platforms

It runs under Windows 2k, XP, Vista and Windows 7 operating systems with no additional prerequisites.


Executable binaries as well as an install kit can be found in CODEXPERT downloads pages.

The full project source code is avalable for free in Open-source section of CODEXPERT forum. It is a Visual Studio project, using MFC Framework and Windows SDK.


tarlib – Windows TAR Library

Our latest addition to the open-source projects we feature on the site is tarlib. This is intended as a (small) C++ library that you can use in Windows applications that need to handle TAR files. Of course, most zipping tools (for Windows) support TAR archives, so if you just need to extract or create a TAR archive you can use one of them (my favorite is 7-zip). But when you need to do this in your app, things could get a bit more complicated. Of course, there are already available solutions. You can use for instance LZMA SDK (from 7-zip) or the commercial library Chilkat. My proposal is a library with a simple API that enables you to process TAR files with ease.

TAR description

If you need tarlib, you must already know something about TAR files. Anyways you can get more info in the following articles:

Here is a short summary of the TAR format:

  • TAR archives consist of a series of objects, most common being files and folders
  • each such object is preceded by a header (of 512 bytes)
  • the information in the header is encoded in ASCII and numbers are written in the octal base
  • the file data is written unaltered, but it is rounded up to a multiple of 512 bytes
  • the end of the file is marked with at least two consecutive entries filled with zeros
  • there are different version of the TAR archives (UNIX V7, “old GNU” and GNU, STAR and POSIX) and different implementation


tarlib is written in C++ with Visual Studio and requires minimum Windows XP (because of file system APIs that it uses and that were introduced with WinXP). The library is provided as a pack of C++ files (headers and cpps) that you can include in your application.

Note that:

  • the library is distributed under the Creative Commons Attribution-ShareAlike license
  • The software is provided “as-is”. No claim of suitability, guarantee, or any warranty whatsoever is provided.

The current version (v1.1)

  • is able to read (and process) existing TAR files
  • does not support creation of TAR files
  • supports parsing tar objects representing files and folders (as these are the most common objects on Windows at least)

Library API

There are a few classes/structures the library provides for handling TAR files.

  • tarFile: is the representation of a tar file.
    • bool open(std::string const &filename, tarFileMode mode, tarFormatType type)opens the specified TAR file for reading or writing (not supported in v1.1)
    • bool extract(std::string const &folder)extracts the content of the archive (files and folders) to the specified destination
    • tarEntry get_first_entry()retrieves the first entry in a tar archive
    • tarEntry get_next_entry()retrieves the next entry in a tar archive
    • void rewind()re-positions the file cursor at the beginning of the archive
  • tarEntry: represents an object in a TAR file. it contains the header for the entry and methods to process the entry:
    • bool is_empty()indicates whether this is an empty entry (empty entries are used to mark the end of the archive)
    • bool is_md5()indicates whether this is an entry that contains the MD5 hash of the actual TAR file (always found at the end of the archive)
    • void rewind()re-positions the file cursor ar the beginning of the object’s data (so you can read it again)
    • bool extract(std::string const &folder)extracts the current entry (file or folder) to the specified folder
    • size_t read(char* buffer, size_t chunksize = tarChunkSize)reads from the current position in the object’s data to the provided buffer; this function does not read past the end of the object’s data
    • static tarEntry makeEmpty()creates a tarEntry representing an empty object
    • static tarEntry makeMD5(char* buffer, size_t size)creates a tarEntry from a buffer containing the MD5 hash for the TAR object


Example 1: extract a TAR archive to a specified folder using the tarFile

Example 2: extract a TAR archive to a specified folder using a loop that iterates through the entries of the TAR archive

Example 3: a simplified version of the 2nd example

Example 4: explicitly process the entries of a TAR file (no auto-extraction to disk, can be in memory processing)