In: Computer Science
1.Can we refer to the Registry as a log file? Why or why not?
2. When a user logs in to a system, which Registry keys will be accessed and parsed?
1) Windows Registry is the hierarchical database which is used to store specific data. Mostly registry is used to store applications setting information, application state information, recovey data etc.Logging is used to track applications flow. Log files are used to keep track of application when its run on system. we can not refer registry as a log file because registry has minimal size. it has key - value pair structure to store data. but in log file you can describe each and everything related to application.
2) Registry has different keys as follows:
HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_CURRENT_CONFIG
In registry, Registry has its corresponding .dat file which are used to store registry data. When user log In, NTuser.dat file gets loaded in registry and its mapped to the HKEY_CURRENT_USER registry key and parsed it. This registry key maintains the users registry based preferences and configuration.