projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[EVENTLOG]
[reactos.git] / reactos / base / services / eventlog / eventlog.h
1 /*
2 * PROJECT: ReactOS kernel
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: services/eventlog/eventlog.h
5 * PURPOSE: Event logging service
6 * COPYRIGHT: Copyright 2005 Saveliy Tretiakov
7 */
8
9 #ifndef __EVENTLOG_H__
10 #define __EVENTLOG_H__
11
12 #define NDEBUG
13 #define WIN32_NO_STATUS
14
15 #include <stdio.h>
16 #include <windows.h>
17 #include <netevent.h>
18 #include <lpctypes.h>
19 #include <lpcfuncs.h>
20 #include <rtlfuncs.h>
21 #include <obfuncs.h>
22 #include <iofuncs.h>
23 #include <debug.h>
24 #include "eventlogrpc_s.h"
25
26 typedef struct _IO_ERROR_LPC
27 {
28 PORT_MESSAGE Header;
29 IO_ERROR_LOG_MESSAGE Message;
30 } IO_ERROR_LPC, *PIO_ERROR_LPC;
31
32 #define MAJORVER 1
33 #define MINORVER 1
34
35 /*
36 * Our file format will be compatible with NT's
37 */
38 #define LOGFILE_SIGNATURE 0x654c664c
39
40 /*
41 * Flags used in logfile header
42 */
43 #define ELF_LOGFILE_HEADER_DIRTY 1
44 #define ELF_LOGFILE_HEADER_WRAP 2
45 #define ELF_LOGFILE_LOGFULL_WRITTEN 4
46 #define ELF_LOGFILE_ARCHIVE_SET 8
47
48 /* FIXME: MSDN reads that the following two structs are in winnt.h. Are they? */
49 typedef struct _EVENTLOGHEADER
50 {
51 ULONG HeaderSize;
52 ULONG Signature;
53 ULONG MajorVersion;
54 ULONG MinorVersion;
55 ULONG StartOffset;
56 ULONG EndOffset;
57 ULONG CurrentRecordNumber;
58 ULONG OldestRecordNumber;
59 ULONG MaxSize;
60 ULONG Flags;
61 ULONG Retention;
62 ULONG EndHeaderSize;
63 } EVENTLOGHEADER, *PEVENTLOGHEADER;
64
65 typedef struct _EVENTLOGEOF
66 {
67 ULONG RecordSizeBeginning;
68 ULONG Ones;
69 ULONG Twos;
70 ULONG Threes;
71 ULONG Fours;
72 ULONG BeginRecord;
73 ULONG EndRecord;
74 ULONG CurrentRecordNumber;
75 ULONG OldestRecordNumber;
76 ULONG RecordSizeEnd;
77 } EVENTLOGEOF, *PEVENTLOGEOF;
78
79 typedef struct _EVENT_OFFSET_INFO
80 {
81 ULONG EventNumber;
82 ULONG EventOffset;
83 } EVENT_OFFSET_INFO, *PEVENT_OFFSET_INFO;
84
85 typedef struct _LOGFILE
86 {
87 HANDLE hFile;
88 EVENTLOGHEADER Header;
89 WCHAR *LogName;
90 WCHAR *FileName;
91 RTL_RESOURCE Lock;
92 PEVENT_OFFSET_INFO OffsetInfo;
93 ULONG OffsetInfoSize;
94 ULONG OffsetInfoNext;
95 BOOL Permanent;
96 LIST_ENTRY ListEntry;
97 } LOGFILE, *PLOGFILE;
98
99 typedef struct _EVENTSOURCE
100 {
101 LIST_ENTRY EventSourceListEntry;
102 PLOGFILE LogFile;
103 WCHAR szName[1];
104 } EVENTSOURCE, *PEVENTSOURCE;
105
106
107 /* Log Handle Flags */
108 #define LOG_HANDLE_BACKUP_FILE 1
109
110 typedef struct _LOGHANDLE
111 {
112 LIST_ENTRY LogHandleListEntry;
113 PEVENTSOURCE EventSource;
114 PLOGFILE LogFile;
115 ULONG CurrentRecord;
116 ULONG Flags;
117 WCHAR szName[1];
118 } LOGHANDLE, *PLOGHANDLE;
119
120 /* file.c */
121 VOID LogfListInitialize(VOID);
122
123 PLOGFILE LogfListHead(VOID);
124
125 INT LogfListItemCount(VOID);
126
127 PLOGFILE LogfListItemByIndex(INT Index);
128
129 PLOGFILE LogfListItemByName(WCHAR * Name);
130
131 INT LogfListItemIndexByName(WCHAR * Name);
132
133 VOID LogfListAddItem(PLOGFILE Item);
134
135 VOID LogfListRemoveItem(PLOGFILE Item);
136
137 DWORD LogfReadEvent(PLOGFILE LogFile,
138 DWORD Flags,
139 DWORD * RecordNumber,
140 DWORD BufSize,
141 PBYTE Buffer,
142 DWORD * BytesRead,
143 DWORD * BytesNeeded,
144 BOOL Ansi);
145
146 BOOL LogfWriteData(PLOGFILE LogFile,
147 DWORD BufSize,
148 PBYTE Buffer);
149
150 NTSTATUS
151 LogfClearFile(PLOGFILE LogFile,
152 PUNICODE_STRING BackupFileName);
153
154 NTSTATUS
155 LogfBackupFile(PLOGFILE LogFile,
156 PUNICODE_STRING BackupFileName);
157
158 NTSTATUS
159 LogfCreate(PLOGFILE *Logfile,
160 WCHAR * LogName,
161 PUNICODE_STRING FileName,
162 BOOL Permanent,
163 BOOL Backup);
164
165 VOID
166 LogfClose(PLOGFILE LogFile,
167 BOOL ForceClose);
168
169 VOID LogfCloseAll(VOID);
170
171 BOOL LogfInitializeNew(PLOGFILE LogFile);
172
173 BOOL LogfInitializeExisting(PLOGFILE LogFile);
174
175 DWORD LogfGetOldestRecord(PLOGFILE LogFile);
176
177 DWORD LogfGetCurrentRecord(PLOGFILE LogFile);
178
179 ULONG LogfOffsetByNumber(PLOGFILE LogFile,
180 DWORD RecordNumber);
181
182 BOOL LogfAddOffsetInformation(PLOGFILE LogFile,
183 ULONG ulNumber,
184 ULONG ulOffset);
185
186 BOOL LogfDeleteOffsetInformation(PLOGFILE LogFile,
187 ULONG ulNumber);
188
189 PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
190 DWORD dwRecordNumber,
191 WORD wType,
192 WORD wCategory,
193 DWORD dwEventId,
194 LPCWSTR SourceName,
195 LPCWSTR ComputerName,
196 DWORD dwSidLength,
197 PSID lpUserSid,
198 WORD wNumStrings,
199 WCHAR * lpStrings,
200 DWORD dwDataSize,
201 LPVOID lpRawData);
202
203 VOID
204 LogfReportEvent(WORD wType,
205 WORD wCategory,
206 DWORD dwEventId,
207 WORD wNumStrings,
208 WCHAR *lpStrings,
209 DWORD dwDataSize,
210 LPVOID lpRawData);
211
212 /* eventlog.c */
213 extern HANDLE MyHeap;
214
215 VOID PRINT_HEADER(PEVENTLOGHEADER header);
216
217 VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
218
219 VOID EventTimeToSystemTime(DWORD EventTime,
220 SYSTEMTIME * SystemTime);
221
222 VOID SystemTimeToEventTime(SYSTEMTIME * pSystemTime,
223 DWORD * pEventTime);
224
225 /* eventsource.c */
226 VOID InitEventSourceList(VOID);
227
228 BOOL
229 LoadEventSources(HKEY hKey,
230 PLOGFILE pLogFile);
231
232 PEVENTSOURCE
233 GetEventSourceByName(LPCWSTR Name);
234
235
236 /* logport.c */
237 NTSTATUS WINAPI PortThreadRoutine(PVOID Param);
238
239 NTSTATUS InitLogPort(VOID);
240
241 NTSTATUS ProcessPortMessage(VOID);
242
243 /* rpc.c */
244 DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter);
245
246 static __inline void LogfFreeRecord(LPVOID Rec)
247 {
248 HeapFree(MyHeap, 0, Rec);
249 }
250
251 #endif /* __EVENTLOG_H__ */
A free Windows-compatible Operating System