Maybe you want to specify full path to NTDS.Evt?

http://cpansearch.perl.org/src/JDB/Win32-EventLog-0.076/EventLog.xs

static const char *EVFILE[] = {"System", "Security", "Application"};

...
    /* Which EventLog are we reading? */
    for (j=0; j < (sizeof(EVFILE)/sizeof(EVFILE[0])); j++) {
        sprintf(regPath,
                "SYSTEM\\CurrentControlSet\\Services\\EventLog\\%s\\%s
+",
                EVFILE[j], source);
        if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, regPath,
                          0, KEY_READ, &hk) == ERROR_SUCCESS)
        {
            break;
        }
    }
[download]

Maybe you want to use psloglist?