reactos/base/services/eventlog/eventlog.h

   1 /*
   2  * PROJECT:          ReactOS kernel
   3  * LICENSE:          GPL - See COPYING in the top level directory
   4  * FILE:             services/eventlog/eventlog.h
   5  * PURPOSE:          Event logging service
   6  * COPYRIGHT:        Copyright 2005 Saveliy Tretiakov
   7  */
   8
   9 #ifndef __EVENTLOG_H__
  10 #define __EVENTLOG_H__
  11
  12 #define NDEBUG
  13 #define WIN32_NO_STATUS
  14
  15 #include <windows.h>
  16 #include <netevent.h>
  17 #include <lpctypes.h>
  18 #include <lpcfuncs.h>
  19 #include <rtlfuncs.h>
  20 #include <obfuncs.h>
  21 #include <iotypes.h>
  22 #include <debug.h>
  23 #include "eventlogrpc_s.h"
  24
  25 typedef struct _IO_ERROR_LPC
  26 {
  27     PORT_MESSAGE Header;
  28     IO_ERROR_LOG_MESSAGE Message;
  29 } IO_ERROR_LPC, *PIO_ERROR_LPC;
  30
  31 #define MAJORVER 1
  32 #define MINORVER 1
  33
  34 /*
  35  *  Our file format will be compatible with NT's
  36  */
  37 #define LOGFILE_SIGNATURE 0x654c664c
  38
  39 /*
  40  *  Flags used in logfile header
  41  */
  42 #define ELF_LOGFILE_HEADER_DIRTY 1
  43 #define ELF_LOGFILE_HEADER_WRAP 2
  44 #define ELF_LOGGFILE_LOGFULL_WRITTEN 4
  45 #define ELF_LOGFILE_ARCHIVE_SET 8
  46
  47 /* FIXME: MSDN reads that the following two structs are in winnt.h. Are they? */
  48 typedef struct _EVENTLOGHEADER
  49 {
  50     ULONG HeaderSize;
  51     ULONG Signature;
  52     ULONG MajorVersion;
  53     ULONG MinorVersion;
  54     ULONG StartOffset;
  55     ULONG EndOffset;
  56     ULONG CurrentRecordNumber;
  57     ULONG OldestRecordNumber;
  58     ULONG MaxSize;
  59     ULONG Flags;
  60     ULONG Retention;
  61     ULONG EndHeaderSize;
  62 } EVENTLOGHEADER, *PEVENTLOGHEADER;
  63
  64 typedef struct _EVENTLOGEOF
  65 {
  66     ULONG RecordSizeBeginning;
  67     ULONG Ones;
  68     ULONG Twos;
  69     ULONG Threes;
  70     ULONG Fours;
  71     ULONG BeginRecord;
  72     ULONG EndRecord;
  73     ULONG CurrentRecordNumber;
  74     ULONG OldestRecordNumber;
  75     ULONG RecordSizeEnd;
  76 } EVENTLOGEOF, *PEVENTLOGEOF;
  77
  78 typedef struct _EVENT_OFFSET_INFO
  79 {
  80     ULONG EventNumber;
  81     ULONG EventOffset;
  82 } EVENT_OFFSET_INFO, *PEVENT_OFFSET_INFO;
  83
  84 typedef struct _LOGFILE
  85 {
  86     HANDLE hFile;
  87     EVENTLOGHEADER Header;
  88     WCHAR *LogName;
  89     WCHAR *FileName;
  90     CRITICAL_SECTION cs;
  91     PEVENT_OFFSET_INFO OffsetInfo;
  92     ULONG OffsetInfoSize;
  93     ULONG OffsetInfoNext;
  94     LIST_ENTRY ListEntry;
  95 } LOGFILE, *PLOGFILE;
  96
  97 typedef struct _EVENTSOURCE
  98 {
  99     LIST_ENTRY EventSourceListEntry;
 100     PLOGFILE LogFile;
 101     WCHAR szName[1];
 102 } EVENTSOURCE, *PEVENTSOURCE;
 103
 104 typedef struct _LOGHANDLE
 105 {
 106     LIST_ENTRY LogHandleListEntry;
 107     PEVENTSOURCE EventSource;
 108     PLOGFILE LogFile;
 109     ULONG CurrentRecord;
 110     WCHAR szName[1];
 111 } LOGHANDLE, *PLOGHANDLE;
 112
 113 /* file.c */
 114 VOID LogfListInitialize(VOID);
 115
 116 PLOGFILE LogfListHead(VOID);
 117
 118 INT LogfListItemCount(VOID);
 119
 120 PLOGFILE LogfListItemByIndex(INT Index);
 121
 122 PLOGFILE LogfListItemByName(WCHAR * Name);
 123
 124 INT LogfListItemIndexByName(WCHAR * Name);
 125
 126 VOID LogfListAddItem(PLOGFILE Item);
 127
 128 VOID LogfListRemoveItem(PLOGFILE Item);
 129
 130 DWORD LogfReadEvent(PLOGFILE LogFile,
 131                    DWORD Flags,
 132                    DWORD * RecordNumber,
 133                    DWORD BufSize,
 134                    PBYTE Buffer,
 135                    DWORD * BytesRead,
 136                    DWORD * BytesNeeded);
 137
 138 BOOL LogfWriteData(PLOGFILE LogFile,
 139                    DWORD BufSize,
 140                    PBYTE Buffer);
 141
 142 PLOGFILE LogfCreate(WCHAR * LogName,
 143                     WCHAR * FileName);
 144
 145 VOID LogfClose(PLOGFILE LogFile);
 146
 147 VOID LogfCloseAll(VOID);
 148
 149 BOOL LogfInitializeNew(PLOGFILE LogFile);
 150
 151 BOOL LogfInitializeExisting(PLOGFILE LogFile);
 152
 153 DWORD LogfGetOldestRecord(PLOGFILE LogFile);
 154
 155 DWORD LogfGetCurrentRecord(PLOGFILE LogFile);
 156
 157 ULONG LogfOffsetByNumber(PLOGFILE LogFile,
 158                          DWORD RecordNumber);
 159
 160 BOOL LogfAddOffsetInformation(PLOGFILE LogFile,
 161                               ULONG ulNumber,
 162                               ULONG ulOffset);
 163
 164 BOOL LogfDeleteOffsetInformation(PLOGFILE LogFile,
 165                               ULONG ulNumber);
 166
 167 PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
 168                                  DWORD dwRecordNumber,
 169                                  WORD wType,
 170                                  WORD wCategory,
 171                                  DWORD dwEventId,
 172                                  LPCWSTR SourceName,
 173                                  LPCWSTR ComputerName,
 174                                  DWORD dwSidLength,
 175                                  PSID lpUserSid,
 176                                  WORD wNumStrings,
 177                                  WCHAR * lpStrings,
 178                                  DWORD dwDataSize,
 179                                  LPVOID lpRawData);
 180
 181 VOID
 182 LogfReportEvent(WORD wType,
 183                 WORD wCategory,
 184                 DWORD dwEventId);
 185
 186 /* eventlog.c */
 187 extern HANDLE MyHeap;
 188
 189 VOID PRINT_HEADER(PEVENTLOGHEADER header);
 190
 191 VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
 192
 193 VOID EventTimeToSystemTime(DWORD EventTime,
 194                            SYSTEMTIME * SystemTime);
 195
 196 VOID SystemTimeToEventTime(SYSTEMTIME * pSystemTime,
 197                            DWORD * pEventTime);
 198
 199 /* eventsource.c */
 200 VOID InitEventSourceList(VOID);
 201
 202 BOOL
 203 LoadEventSources(HKEY hKey,
 204                  PLOGFILE pLogFile);
 205
 206 PEVENTSOURCE
 207 GetEventSourceByName(LPCWSTR Name);
 208
 209
 210 /* logport.c */
 211 NTSTATUS WINAPI PortThreadRoutine(PVOID Param);
 212
 213 NTSTATUS InitLogPort(VOID);
 214
 215 NTSTATUS ProcessPortMessage(VOID);
 216
 217 /* rpc.c */
 218 DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter);
 219
 220 static __inline void LogfFreeRecord(LPVOID Rec)
 221 {
 222     HeapFree(MyHeap, 0, Rec);
 223 }
 224
 225 #endif  /* __EVENTLOG_H__ */