projects / reactos.git / blob
? search:


6bf4e71e20a6510964050117a8ac0280c00c6de0
[reactos.git] / reactos / base / services / eventlog / eventlog.h
1 /*
2 * PROJECT: ReactOS kernel
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: services/eventlog/eventlog.h
5 * PURPOSE: Event logging service
6 * COPYRIGHT: Copyright 2005 Saveliy Tretiakov
7 */
8
9 #ifndef __EVENTLOG_H__
10 #define __EVENTLOG_H__
11
12 #define NDEBUG
13 #define WIN32_NO_STATUS
14
15 #include <stdio.h>
16
17 #include <windef.h>
18 #include <winbase.h>
19 #include <netevent.h>
20 #include <lpctypes.h>
21 #include <lpcfuncs.h>
22 #include <rtlfuncs.h>
23 #include <obfuncs.h>
24 #include <iofuncs.h>
25 #include <debug.h>
26 #include <eventlogrpc_s.h>
27
28 typedef struct _IO_ERROR_LPC
29 {
30 PORT_MESSAGE Header;
31 IO_ERROR_LOG_MESSAGE Message;
32 } IO_ERROR_LPC, *PIO_ERROR_LPC;
33
34 #define MAJORVER 1
35 #define MINORVER 1
36
37 /*
38 * Our file format will be compatible with NT's
39 */
40 #define LOGFILE_SIGNATURE 0x654c664c
41
42 /*
43 * Flags used in logfile header
44 */
45 #define ELF_LOGFILE_HEADER_DIRTY 1
46 #define ELF_LOGFILE_HEADER_WRAP 2
47 #define ELF_LOGFILE_LOGFULL_WRITTEN 4
48 #define ELF_LOGFILE_ARCHIVE_SET 8
49
50 /* FIXME: MSDN reads that the following two structs are in winnt.h. Are they? */
51 typedef struct _EVENTLOGHEADER
52 {
53 ULONG HeaderSize;
54 ULONG Signature;
55 ULONG MajorVersion;
56 ULONG MinorVersion;
57 ULONG StartOffset;
58 ULONG EndOffset;
59 ULONG CurrentRecordNumber;
60 ULONG OldestRecordNumber;
61 ULONG MaxSize;
62 ULONG Flags;
63 ULONG Retention;
64 ULONG EndHeaderSize;
65 } EVENTLOGHEADER, *PEVENTLOGHEADER;
66
67 typedef struct _EVENTLOGEOF
68 {
69 ULONG RecordSizeBeginning;
70 ULONG Ones;
71 ULONG Twos;
72 ULONG Threes;
73 ULONG Fours;
74 ULONG BeginRecord;
75 ULONG EndRecord;
76 ULONG CurrentRecordNumber;
77 ULONG OldestRecordNumber;
78 ULONG RecordSizeEnd;
79 } EVENTLOGEOF, *PEVENTLOGEOF;
80
81 typedef struct _EVENT_OFFSET_INFO
82 {
83 ULONG EventNumber;
84 ULONG EventOffset;
85 } EVENT_OFFSET_INFO, *PEVENT_OFFSET_INFO;
86
87 typedef struct _LOGFILE
88 {
89 HANDLE hFile;
90 EVENTLOGHEADER Header;
91 WCHAR *LogName;
92 WCHAR *FileName;
93 RTL_RESOURCE Lock;
94 PEVENT_OFFSET_INFO OffsetInfo;
95 ULONG OffsetInfoSize;
96 ULONG OffsetInfoNext;
97 BOOL Permanent;
98 LIST_ENTRY ListEntry;
99 } LOGFILE, *PLOGFILE;
100
101 typedef struct _EVENTSOURCE
102 {
103 LIST_ENTRY EventSourceListEntry;
104 PLOGFILE LogFile;
105 WCHAR szName[1];
106 } EVENTSOURCE, *PEVENTSOURCE;
107
108
109 /* Log Handle Flags */
110 #define LOG_HANDLE_BACKUP_FILE 1
111
112 typedef struct _LOGHANDLE
113 {
114 LIST_ENTRY LogHandleListEntry;
115 PEVENTSOURCE EventSource;
116 PLOGFILE LogFile;
117 ULONG CurrentRecord;
118 ULONG Flags;
119 WCHAR szName[1];
120 } LOGHANDLE, *PLOGHANDLE;
121
122 /* file.c */
123 VOID LogfListInitialize(VOID);
124
125 PLOGFILE LogfListHead(VOID);
126
127 INT LogfListItemCount(VOID);
128
129 PLOGFILE LogfListItemByIndex(INT Index);
130
131 PLOGFILE LogfListItemByName(WCHAR * Name);
132
133 INT LogfListItemIndexByName(WCHAR * Name);
134
135 VOID LogfListAddItem(PLOGFILE Item);
136
137 VOID LogfListRemoveItem(PLOGFILE Item);
138
139 DWORD LogfReadEvent(PLOGFILE LogFile,
140 DWORD Flags,
141 DWORD * RecordNumber,
142 DWORD BufSize,
143 PBYTE Buffer,
144 DWORD * BytesRead,
145 DWORD * BytesNeeded,
146 BOOL Ansi);
147
148 BOOL LogfWriteData(PLOGFILE LogFile,
149 DWORD BufSize,
150 PBYTE Buffer);
151
152 NTSTATUS
153 LogfClearFile(PLOGFILE LogFile,
154 PUNICODE_STRING BackupFileName);
155
156 NTSTATUS
157 LogfBackupFile(PLOGFILE LogFile,
158 PUNICODE_STRING BackupFileName);
159
160 NTSTATUS
161 LogfCreate(PLOGFILE *Logfile,
162 WCHAR * LogName,
163 PUNICODE_STRING FileName,
164 BOOL Permanent,
165 BOOL Backup);
166
167 VOID
168 LogfClose(PLOGFILE LogFile,
169 BOOL ForceClose);
170
171 VOID LogfCloseAll(VOID);
172
173 DWORD LogfGetOldestRecord(PLOGFILE LogFile);
174
175 DWORD LogfGetCurrentRecord(PLOGFILE LogFile);
176
177 ULONG LogfOffsetByNumber(PLOGFILE LogFile,
178 DWORD RecordNumber);
179
180 BOOL LogfAddOffsetInformation(PLOGFILE LogFile,
181 ULONG ulNumber,
182 ULONG ulOffset);
183
184 BOOL LogfDeleteOffsetInformation(PLOGFILE LogFile,
185 ULONG ulNumber);
186
187 PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
188 DWORD dwRecordNumber,
189 WORD wType,
190 WORD wCategory,
191 DWORD dwEventId,
192 LPCWSTR SourceName,
193 LPCWSTR ComputerName,
194 DWORD dwSidLength,
195 PSID lpUserSid,
196 WORD wNumStrings,
197 WCHAR * lpStrings,
198 DWORD dwDataSize,
199 LPVOID lpRawData);
200
201 VOID
202 LogfReportEvent(WORD wType,
203 WORD wCategory,
204 DWORD dwEventId,
205 WORD wNumStrings,
206 WCHAR *lpStrings,
207 DWORD dwDataSize,
208 LPVOID lpRawData);
209
210 /* eventlog.c */
211 extern HANDLE MyHeap;
212
213 VOID PRINT_HEADER(PEVENTLOGHEADER header);
214
215 VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
216
217 VOID EventTimeToSystemTime(DWORD EventTime,
218 SYSTEMTIME * SystemTime);
219
220 VOID SystemTimeToEventTime(SYSTEMTIME * pSystemTime,
221 DWORD * pEventTime);
222
223 /* eventsource.c */
224 VOID InitEventSourceList(VOID);
225
226 BOOL
227 LoadEventSources(HKEY hKey,
228 PLOGFILE pLogFile);
229
230 PEVENTSOURCE
231 GetEventSourceByName(LPCWSTR Name);
232
233
234 /* logport.c */
235 NTSTATUS WINAPI PortThreadRoutine(PVOID Param);
236
237 NTSTATUS InitLogPort(VOID);
238
239 NTSTATUS ProcessPortMessage(VOID);
240
241 /* rpc.c */
242 DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter);
243
244 static __inline void LogfFreeRecord(LPVOID Rec)
245 {
246 HeapFree(MyHeap, 0, Rec);
247 }
248
249 #endif /* __EVENTLOG_H__ */
A free Windows-compatible Operating System