projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[EVENTLOG]
[reactos.git] / reactos / base / services / eventlog / eventlog.h
1 /*
2 * PROJECT: ReactOS kernel
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: services/eventlog/eventlog.h
5 * PURPOSE: Event logging service
6 * COPYRIGHT: Copyright 2005 Saveliy Tretiakov
7 */
8
9 #ifndef __EVENTLOG_H__
10 #define __EVENTLOG_H__
11
12 #define NDEBUG
13 #define WIN32_NO_STATUS
14
15 #include <stdio.h>
16 #include <windows.h>
17 #include <netevent.h>
18 #include <lpctypes.h>
19 #include <lpcfuncs.h>
20 #include <rtlfuncs.h>
21 #include <obfuncs.h>
22 #include <iotypes.h>
23 #include <debug.h>
24 #include "eventlogrpc_s.h"
25
26 typedef struct _IO_ERROR_LPC
27 {
28 PORT_MESSAGE Header;
29 IO_ERROR_LOG_MESSAGE Message;
30 } IO_ERROR_LPC, *PIO_ERROR_LPC;
31
32 #define MAJORVER 1
33 #define MINORVER 1
34
35 /*
36 * Our file format will be compatible with NT's
37 */
38 #define LOGFILE_SIGNATURE 0x654c664c
39
40 /*
41 * Flags used in logfile header
42 */
43 #define ELF_LOGFILE_HEADER_DIRTY 1
44 #define ELF_LOGFILE_HEADER_WRAP 2
45 #define ELF_LOGGFILE_LOGFULL_WRITTEN 4
46 #define ELF_LOGFILE_ARCHIVE_SET 8
47
48 /* FIXME: MSDN reads that the following two structs are in winnt.h. Are they? */
49 typedef struct _EVENTLOGHEADER
50 {
51 ULONG HeaderSize;
52 ULONG Signature;
53 ULONG MajorVersion;
54 ULONG MinorVersion;
55 ULONG StartOffset;
56 ULONG EndOffset;
57 ULONG CurrentRecordNumber;
58 ULONG OldestRecordNumber;
59 ULONG MaxSize;
60 ULONG Flags;
61 ULONG Retention;
62 ULONG EndHeaderSize;
63 } EVENTLOGHEADER, *PEVENTLOGHEADER;
64
65 typedef struct _EVENTLOGEOF
66 {
67 ULONG RecordSizeBeginning;
68 ULONG Ones;
69 ULONG Twos;
70 ULONG Threes;
71 ULONG Fours;
72 ULONG BeginRecord;
73 ULONG EndRecord;
74 ULONG CurrentRecordNumber;
75 ULONG OldestRecordNumber;
76 ULONG RecordSizeEnd;
77 } EVENTLOGEOF, *PEVENTLOGEOF;
78
79 typedef struct _EVENT_OFFSET_INFO
80 {
81 ULONG EventNumber;
82 ULONG EventOffset;
83 } EVENT_OFFSET_INFO, *PEVENT_OFFSET_INFO;
84
85 typedef struct _LOGFILE
86 {
87 HANDLE hFile;
88 EVENTLOGHEADER Header;
89 WCHAR *LogName;
90 WCHAR *FileName;
91 CRITICAL_SECTION cs;
92 PEVENT_OFFSET_INFO OffsetInfo;
93 ULONG OffsetInfoSize;
94 ULONG OffsetInfoNext;
95 LIST_ENTRY ListEntry;
96 } LOGFILE, *PLOGFILE;
97
98 typedef struct _EVENTSOURCE
99 {
100 LIST_ENTRY EventSourceListEntry;
101 PLOGFILE LogFile;
102 WCHAR szName[1];
103 } EVENTSOURCE, *PEVENTSOURCE;
104
105 typedef struct _LOGHANDLE
106 {
107 LIST_ENTRY LogHandleListEntry;
108 PEVENTSOURCE EventSource;
109 PLOGFILE LogFile;
110 ULONG CurrentRecord;
111 WCHAR szName[1];
112 } LOGHANDLE, *PLOGHANDLE;
113
114 /* file.c */
115 VOID LogfListInitialize(VOID);
116
117 PLOGFILE LogfListHead(VOID);
118
119 INT LogfListItemCount(VOID);
120
121 PLOGFILE LogfListItemByIndex(INT Index);
122
123 PLOGFILE LogfListItemByName(WCHAR * Name);
124
125 INT LogfListItemIndexByName(WCHAR * Name);
126
127 VOID LogfListAddItem(PLOGFILE Item);
128
129 VOID LogfListRemoveItem(PLOGFILE Item);
130
131 DWORD LogfReadEvent(PLOGFILE LogFile,
132 DWORD Flags,
133 DWORD * RecordNumber,
134 DWORD BufSize,
135 PBYTE Buffer,
136 DWORD * BytesRead,
137 DWORD * BytesNeeded,
138 BOOL Ansi);
139
140 BOOL LogfWriteData(PLOGFILE LogFile,
141 DWORD BufSize,
142 PBYTE Buffer);
143
144 PLOGFILE LogfCreate(WCHAR * LogName,
145 WCHAR * FileName);
146
147 VOID LogfClose(PLOGFILE LogFile);
148
149 VOID LogfCloseAll(VOID);
150
151 BOOL LogfInitializeNew(PLOGFILE LogFile);
152
153 BOOL LogfInitializeExisting(PLOGFILE LogFile);
154
155 DWORD LogfGetOldestRecord(PLOGFILE LogFile);
156
157 DWORD LogfGetCurrentRecord(PLOGFILE LogFile);
158
159 ULONG LogfOffsetByNumber(PLOGFILE LogFile,
160 DWORD RecordNumber);
161
162 BOOL LogfAddOffsetInformation(PLOGFILE LogFile,
163 ULONG ulNumber,
164 ULONG ulOffset);
165
166 BOOL LogfDeleteOffsetInformation(PLOGFILE LogFile,
167 ULONG ulNumber);
168
169 PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
170 DWORD dwRecordNumber,
171 WORD wType,
172 WORD wCategory,
173 DWORD dwEventId,
174 LPCWSTR SourceName,
175 LPCWSTR ComputerName,
176 DWORD dwSidLength,
177 PSID lpUserSid,
178 WORD wNumStrings,
179 WCHAR * lpStrings,
180 DWORD dwDataSize,
181 LPVOID lpRawData);
182
183 VOID
184 LogfReportEvent(WORD wType,
185 WORD wCategory,
186 DWORD dwEventId,
187 WORD wNumStrings,
188 WCHAR *lpStrings,
189 DWORD dwDataSize,
190 LPVOID lpRawData);
191
192 /* eventlog.c */
193 extern HANDLE MyHeap;
194
195 VOID PRINT_HEADER(PEVENTLOGHEADER header);
196
197 VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
198
199 VOID EventTimeToSystemTime(DWORD EventTime,
200 SYSTEMTIME * SystemTime);
201
202 VOID SystemTimeToEventTime(SYSTEMTIME * pSystemTime,
203 DWORD * pEventTime);
204
205 /* eventsource.c */
206 VOID InitEventSourceList(VOID);
207
208 BOOL
209 LoadEventSources(HKEY hKey,
210 PLOGFILE pLogFile);
211
212 PEVENTSOURCE
213 GetEventSourceByName(LPCWSTR Name);
214
215
216 /* logport.c */
217 NTSTATUS WINAPI PortThreadRoutine(PVOID Param);
218
219 NTSTATUS InitLogPort(VOID);
220
221 NTSTATUS ProcessPortMessage(VOID);
222
223 /* rpc.c */
224 DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter);
225
226 static __inline void LogfFreeRecord(LPVOID Rec)
227 {
228 HeapFree(MyHeap, 0, Rec);
229 }
230
231 #endif /* __EVENTLOG_H__ */
A free Windows-compatible Operating System