[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\My Application Name]
"EventMessageFile"="%SystemRoot%\\system32\\eventres.dll"
"TypesSupported"=dword:00000007
"CategoryMessageFile"="%SystemRoot%\\system32\\eventres.dll"
"CategoryCount"=dword:00000002


library eventres;

  {$R ..\ResDLL\tada.res}


  {$R *.RES}
 
begin
end.


function WriteEventlog(szMsgArray: array of PChar; lpUNCServerName,
  szSourceName: PChar; EventType, CategoryID, EventID: Word;
  ptrBinaryData: Pointer; cbBinaryData: integer): boolean;
var
  hEventlog: THandle;
begin

  hEventLog := RegisterEventSource(lpUNCServerName, szSourceName);

  if hEventLog > 0 then begin

    ReportEvent(
      hEventLog,
      EventType,
      CategoryID,
      EventID,
      nil,
      Length(szMsgArray),
      cbBinaryData,
      @szMsgArray,
      ptrBinaryData
    );

    DeRegisterEventSource(hEventLog);
  end;
end;


procedure SetEventLogStartUpInfos;
var
  szMsgArray: array of PChar;
  ms: TMemoryStream;
begin
  SetLength(szMsgArray, 1);

  szMsgArray[0] := PChar(ParamStr(0));  //-- EventID = ResourceStringID %1
  //szMsgArray[1] := '10.4.126.34'; //-- EventID = ResourceStringID %2

  ms := TMemoryStream.Create;
  try
    ms.Write(_RegStruct, SizeOf(_RegStruct));

    WriteEventlog(
      szMsgArray,                 //-- szMsgArray: array of PChar;
      nil,                        //-- lpUNCServerName
      PChar('My Application Name'),//-- szSourceName
      EVENTLOG_INFORMATION_TYPE,  //-- EventType
      1,                          //-- CategoryID
      3,                          //-- EventID (Resource String ID mit 2 Platzhalter)
      ms.Memory,                  //-- ptrBinaryData
      ms.Size                     //-- cbBinaryData
      );
  finally
    ms.free;
  end;
end;