projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[ADVAPI33/EVENTLOG]
[reactos.git] / reactos / base / services / eventlog / eventlog.h
1 /*
2 * PROJECT: ReactOS kernel
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: services/eventlog/eventlog.h
5 * PURPOSE: Event logging service
6 * COPYRIGHT: Copyright 2005 Saveliy Tretiakov
7 */
8
9 #ifndef __EVENTLOG_H__
10 #define __EVENTLOG_H__
11
12 #define NDEBUG
13 #define WIN32_NO_STATUS
14
15 #include <stdio.h>
16 #include <windows.h>
17 #include <netevent.h>
18 #include <lpctypes.h>
19 #include <kefuncs.h>
20 #include <lpcfuncs.h>
21 #include <rtlfuncs.h>
22 #include <obfuncs.h>
23 #include <iotypes.h>
24 #include <debug.h>
25 #include "eventlogrpc_s.h"
26
27 typedef struct _IO_ERROR_LPC
28 {
29 PORT_MESSAGE Header;
30 IO_ERROR_LOG_MESSAGE Message;
31 } IO_ERROR_LPC, *PIO_ERROR_LPC;
32
33 #define MAJORVER 1
34 #define MINORVER 1
35
36 /*
37 * Our file format will be compatible with NT's
38 */
39 #define LOGFILE_SIGNATURE 0x654c664c
40
41 /*
42 * Flags used in logfile header
43 */
44 #define ELF_LOGFILE_HEADER_DIRTY 1
45 #define ELF_LOGFILE_HEADER_WRAP 2
46 #define ELF_LOGGFILE_LOGFULL_WRITTEN 4
47 #define ELF_LOGFILE_ARCHIVE_SET 8
48
49 /* FIXME: MSDN reads that the following two structs are in winnt.h. Are they? */
50 typedef struct _EVENTLOGHEADER
51 {
52 ULONG HeaderSize;
53 ULONG Signature;
54 ULONG MajorVersion;
55 ULONG MinorVersion;
56 ULONG StartOffset;
57 ULONG EndOffset;
58 ULONG CurrentRecordNumber;
59 ULONG OldestRecordNumber;
60 ULONG MaxSize;
61 ULONG Flags;
62 ULONG Retention;
63 ULONG EndHeaderSize;
64 } EVENTLOGHEADER, *PEVENTLOGHEADER;
65
66 typedef struct _EVENTLOGEOF
67 {
68 ULONG RecordSizeBeginning;
69 ULONG Ones;
70 ULONG Twos;
71 ULONG Threes;
72 ULONG Fours;
73 ULONG BeginRecord;
74 ULONG EndRecord;
75 ULONG CurrentRecordNumber;
76 ULONG OldestRecordNumber;
77 ULONG RecordSizeEnd;
78 } EVENTLOGEOF, *PEVENTLOGEOF;
79
80 typedef struct _EVENT_OFFSET_INFO
81 {
82 ULONG EventNumber;
83 ULONG EventOffset;
84 } EVENT_OFFSET_INFO, *PEVENT_OFFSET_INFO;
85
86 typedef struct _LOGFILE
87 {
88 HANDLE hFile;
89 EVENTLOGHEADER Header;
90 WCHAR *LogName;
91 WCHAR *FileName;
92 CRITICAL_SECTION cs;
93 PEVENT_OFFSET_INFO OffsetInfo;
94 ULONG OffsetInfoSize;
95 ULONG OffsetInfoNext;
96 LIST_ENTRY ListEntry;
97 } LOGFILE, *PLOGFILE;
98
99 typedef struct _EVENTSOURCE
100 {
101 LIST_ENTRY EventSourceListEntry;
102 PLOGFILE LogFile;
103 WCHAR szName[1];
104 } EVENTSOURCE, *PEVENTSOURCE;
105
106 typedef struct _LOGHANDLE
107 {
108 LIST_ENTRY LogHandleListEntry;
109 PEVENTSOURCE EventSource;
110 PLOGFILE LogFile;
111 ULONG CurrentRecord;
112 WCHAR szName[1];
113 } LOGHANDLE, *PLOGHANDLE;
114
115 /* file.c */
116 VOID LogfListInitialize(VOID);
117
118 PLOGFILE LogfListHead(VOID);
119
120 INT LogfListItemCount(VOID);
121
122 PLOGFILE LogfListItemByIndex(INT Index);
123
124 PLOGFILE LogfListItemByName(WCHAR * Name);
125
126 INT LogfListItemIndexByName(WCHAR * Name);
127
128 VOID LogfListAddItem(PLOGFILE Item);
129
130 VOID LogfListRemoveItem(PLOGFILE Item);
131
132 DWORD LogfReadEvent(PLOGFILE LogFile,
133 DWORD Flags,
134 DWORD * RecordNumber,
135 DWORD BufSize,
136 PBYTE Buffer,
137 DWORD * BytesRead,
138 DWORD * BytesNeeded,
139 BOOL Ansi);
140
141 BOOL LogfWriteData(PLOGFILE LogFile,
142 DWORD BufSize,
143 PBYTE Buffer);
144
145 PLOGFILE LogfCreate(WCHAR * LogName,
146 WCHAR * FileName);
147
148 VOID LogfClose(PLOGFILE LogFile);
149
150 VOID LogfCloseAll(VOID);
151
152 BOOL LogfInitializeNew(PLOGFILE LogFile);
153
154 BOOL LogfInitializeExisting(PLOGFILE LogFile);
155
156 DWORD LogfGetOldestRecord(PLOGFILE LogFile);
157
158 DWORD LogfGetCurrentRecord(PLOGFILE LogFile);
159
160 ULONG LogfOffsetByNumber(PLOGFILE LogFile,
161 DWORD RecordNumber);
162
163 BOOL LogfAddOffsetInformation(PLOGFILE LogFile,
164 ULONG ulNumber,
165 ULONG ulOffset);
166
167 BOOL LogfDeleteOffsetInformation(PLOGFILE LogFile,
168 ULONG ulNumber);
169
170 PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
171 DWORD dwRecordNumber,
172 DWORD dwTime,
173 WORD wType,
174 WORD wCategory,
175 DWORD dwEventId,
176 LPCWSTR SourceName,
177 LPCWSTR ComputerName,
178 DWORD dwSidLength,
179 PSID lpUserSid,
180 WORD wNumStrings,
181 WCHAR * lpStrings,
182 DWORD dwDataSize,
183 LPVOID lpRawData);
184
185 VOID
186 LogfReportEvent(WORD wType,
187 WORD wCategory,
188 DWORD dwEventId,
189 WORD wNumStrings,
190 WCHAR *lpStrings,
191 DWORD dwDataSize,
192 LPVOID lpRawData);
193
194 /* eventlog.c */
195 extern HANDLE MyHeap;
196
197 VOID PRINT_HEADER(PEVENTLOGHEADER header);
198
199 VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
200
201 VOID EventTimeToSystemTime(DWORD EventTime,
202 SYSTEMTIME * SystemTime);
203
204 /* eventsource.c */
205 VOID InitEventSourceList(VOID);
206
207 BOOL
208 LoadEventSources(HKEY hKey,
209 PLOGFILE pLogFile);
210
211 PEVENTSOURCE
212 GetEventSourceByName(LPCWSTR Name);
213
214
215 /* logport.c */
216 NTSTATUS WINAPI PortThreadRoutine(PVOID Param);
217
218 NTSTATUS InitLogPort(VOID);
219
220 NTSTATUS ProcessPortMessage(VOID);
221
222 /* rpc.c */
223 DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter);
224
225 static __inline void LogfFreeRecord(LPVOID Rec)
226 {
227 HeapFree(MyHeap, 0, Rec);
228 }
229
230 #endif /* __EVENTLOG_H__ */
A free Windows-compatible Operating System