Saveliy Tretiakov <saveliyt@mail.ru>:
/*
 * COPYRIGHT:   See COPYING in the top level directory
 * PROJECT:     ReactOS kernel
 * FILE:        services/eventlog/eventlog.c
 * PURPOSE:     Event logging service
 * PROGRAMMERS: Saveliy Tretiakov (saveliyt@mail.ru)
 *              Eric Kohl
 */
9
10
11 #include "eventlog.h"
12
/* Forward declaration so the dispatch table below can name the entry point. */
VOID CALLBACK ServiceMain(DWORD argc, LPTSTR *argv);

/*
 * Service dispatch table passed to StartServiceCtrlDispatcher() in main().
 * It registers one service, "EventLog", and ends with the NULL entry that
 * terminates the table.
 *
 * The (LPSERVICE_MAIN_FUNCTION) cast silences the compiler's prototype
 * check, so ServiceMain's signature has to be kept in line with that type
 * by hand.
 */
SERVICE_TABLE_ENTRY ServiceTable[2] =
{
    {L"EventLog", (LPSERVICE_MAIN_FUNCTION)ServiceMain},
    {NULL, NULL}
};

/* Private heap; created in main() and destroyed there before exit. */
HANDLE MyHeap = NULL;

/* The "System" log file; opened in main() and closed there before exit. */
PLOGFILE SystemLog = NULL;
23
/*
 * Service entry point named in ServiceTable.
 *
 * Starts two worker threads, one running PortThreadRoutine and one running
 * RpcThreadRoutine, then returns. Each thread handle is closed right away,
 * so the threads run detached and cannot be joined later.
 *
 * A failed CreateThread() is only reported through DPRINT; the service then
 * continues without that worker.
 *
 * NOTE(review): no RegisterServiceCtrlHandler()/SetServiceStatus() call is
 * made in this function - confirm whether status reporting happens elsewhere.
 *
 * argc, argv: service arguments; not used here.
 */
VOID CALLBACK ServiceMain(DWORD argc, LPTSTR *argv)
{
    HANDLE hPortThread;
    HANDLE hRpcThread;

    /* The cast hides any mismatch between PortThreadRoutine's real
     * signature and LPTHREAD_START_ROUTINE from the compiler. */
    hPortThread = CreateThread(NULL, 0,
                               (LPTHREAD_START_ROUTINE)PortThreadRoutine,
                               NULL, 0, NULL);
    if (hPortThread != NULL)
    {
        CloseHandle(hPortThread);
    }
    else
    {
        DPRINT("Can't create PortThread\n");
    }

    hRpcThread = CreateThread(NULL, 0,
                              (LPTHREAD_START_ROUTINE)RpcThreadRoutine,
                              NULL, 0, NULL);
    if (hRpcThread != NULL)
    {
        CloseHandle(hRpcThread);
    }
    else
    {
        DPRINT("Can't create RpcThread\n");
    }
}
50
51
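/*
 * Process entry point of the event log service.
 *
 * Creates the private heap, builds the path of the system log below the
 * Windows directory, opens that log and hands control to the service
 * control dispatcher. When the dispatcher returns, the log is closed and
 * the heap destroyed.
 *
 * Returns 0 on a normal shutdown and 1 if the heap, the log path or the log
 * file cannot be set up, or if the dispatcher cannot be started.
 */
int main(int argc, char *argv[])
{
    /* TODO (from the original source): the hard-coded log location is
     * temporary and "will be fixed in near future". */
    static const WCHAR LogSuffix[] = L"\\system32\\config\\SysEvent.evt";
    WCHAR SysLogPath[MAX_PATH];
    UINT DirLen;
    int ExitCode = 0;

    MyHeap = HeapCreate(0, 1024*256, 0);
    if (MyHeap == NULL)
    {
        DbgPrint("EventLog: FATAL ERROR, can't create heap.\n");
        return 1;
    }

    /*
     * GetWindowsDirectory() returns 0 on failure and a value >= the buffer
     * size when the buffer is too small; in both cases SysLogPath does not
     * hold a usable string. lstrcat() does no bounds checking, so the suffix
     * (its terminator is counted by sizeof) must be known to fit before it
     * is appended.
     */
    DirLen = GetWindowsDirectory(SysLogPath, MAX_PATH);
    if (DirLen == 0 || DirLen >= MAX_PATH ||
        DirLen + sizeof(LogSuffix) / sizeof(LogSuffix[0]) > MAX_PATH)
    {
        DbgPrint("EventLog: FATAL ERROR, can't build the system log path.\n");
        HeapDestroy(MyHeap);
        return 1;
    }
    lstrcat(SysLogPath, LogSuffix);

    SystemLog = LogfCreate(L"System", SysLogPath);
    if (SystemLog == NULL)
    {
        DbgPrint("EventLog: FATAL ERROR, can't create %S\n", SysLogPath);
        HeapDestroy(MyHeap);
        return 1;
    }

    /* Returns only when the service has stopped, or at once on failure. */
    if (!StartServiceCtrlDispatcher(ServiceTable))
    {
        DbgPrint("EventLog: StartServiceCtrlDispatcher failed, error %lu\n",
                 GetLastError());
        ExitCode = 1;
    }

    /*
     * NOTE(review): the worker threads started by ServiceMain are detached
     * and are not waited for here. If they still touch SystemLog or MyHeap
     * at this point, the two calls below release state that is in use -
     * confirm how the threads are stopped.
     */
    LogfClose(SystemLog);
    HeapDestroy(MyHeap);

    return ExitCode;
}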
86
/*
 * Convert an event log timestamp to a SYSTEMTIME in local time.
 *
 * EventTime is handled as a count of seconds since 1970-01-01 00:00:00: it
 * is scaled to FILETIME units (10,000,000 per second) and added to the
 * FILETIME value of that date, then converted to local time.
 *
 * EventTime:   seconds since 1970-01-01.
 * pSystemTime: receives the broken-down local time.
 *
 * The return values of the Win32 conversion calls are not checked, so
 * *pSystemTime is only meaningful when all of them succeed.
 */
VOID EventTimeToSystemTime(DWORD EventTime,
                           SYSTEMTIME *pSystemTime)
{
    /* Fields: year, month, day of week, day, hour, minute, second, ms. */
    SYSTEMTIME Epoch = { 1970, 1, 0, 1, 0, 0, 0, 0 };
    FILETIME EpochFt;
    FILETIME UtcFt;
    FILETIME LocalFt;
    ULONGLONG EpochTicks;
    ULONGLONG Ticks;

    SystemTimeToFileTime(&Epoch, &EpochFt);
    EpochTicks = ((ULONGLONG)EpochFt.dwHighDateTime << 32) |
                 EpochFt.dwLowDateTime;

    /* Widen before scaling so the multiplication is done in 64 bits. */
    Ticks = (ULONGLONG)EventTime * 10000000 + EpochTicks;

    UtcFt.dwLowDateTime = (DWORD)Ticks;
    UtcFt.dwHighDateTime = (DWORD)(Ticks >> 32);

    FileTimeToLocalFileTime(&UtcFt, &LocalFt);
    FileTimeToSystemTime(&LocalFt, pSystemTime);
}
104
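/*
 * Convert a SYSTEMTIME to an event log timestamp (seconds since
 * 1970-01-01 00:00:00).
 *
 * pSystemTime: time to convert; no time zone adjustment is applied.
 * pEventTime:  receives the number of whole seconds. It is set to 0 when
 *              pSystemTime cannot be converted or lies before 1970, so the
 *              caller never gets a value derived from uninitialised or
 *              wrapped data.
 *
 * The result is truncated to 32 bits; the value wraps for times that do not
 * fit in a DWORD.
 */
VOID SystemTimeToEventTime(SYSTEMTIME *pSystemTime,
                           DWORD *pEventTime)
{
    /* Fields: year, month, day of week, day, hour, minute, second, ms. */
    SYSTEMTIME st1970 = { 1970, 1, 0, 1, 0, 0, 0, 0 };
    union {
        FILETIME ft;
        ULONGLONG ll;
    } Time, u1970;

    /* Defined result for every early return below. */
    *pEventTime = 0;

    /* On failure the output FILETIME is not written; do not read it. */
    if (!SystemTimeToFileTime(pSystemTime, &Time.ft) ||
        !SystemTimeToFileTime(&st1970, &u1970.ft))
    {
        return;
    }

    /* The subtraction is unsigned; a time before 1970 would wrap around. */
    if (Time.ll < u1970.ll)
    {
        return;
    }

    *pEventTime = (DWORD)((Time.ll - u1970.ll) / 10000000);
}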
118
/*
 * Debug helper: write every field of a log file header through DPRINT.
 *
 * header: header to dump; it is dereferenced without a NULL check.
 *
 * The flag names are printed on one line. The "| " separator belongs to the
 * text of FLAG2..FLAG4, so it appears even when no earlier flag was printed.
 */
VOID PRINT_HEADER(PFILE_HEADER header)
{
    DPRINT("SizeOfHeader=%d\n", header->SizeOfHeader);
    DPRINT("Signature=0x%x\n", header->Signature);
    DPRINT("MajorVersion=%d\n", header->MajorVersion);
    DPRINT("MinorVersion=%d\n", header->MinorVersion);
    DPRINT("FirstRecordOffset=%d\n", header->FirstRecordOffset);
    DPRINT("EofOffset=0x%x\n", header->EofOffset);
    DPRINT("NextRecord=%d\n", header->NextRecord);
    DPRINT("OldestRecord=%d\n", header->OldestRecord);
    DPRINT("unknown1=0x%x\n", header->unknown1);
    DPRINT("unknown2=0x%x\n", header->unknown2);
    DPRINT("SizeOfHeader2=%d\n", header->SizeOfHeader2);

    DPRINT("Flags: ");
    if (header->Flags & LOGFILE_FLAG1)
    {
        DPRINT("LOGFILE_FLAG1 ");
    }
    if (header->Flags & LOGFILE_FLAG2)
    {
        DPRINT("| LOGFILE_FLAG2 ");
    }
    if (header->Flags & LOGFILE_FLAG3)
    {
        DPRINT("| LOGFILE_FLAG3 ");
    }
    if (header->Flags & LOGFILE_FLAG4)
    {
        DPRINT("| LOGFILE_FLAG4");
    }
    DPRINT("\n");
}
139
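/*
 * Find the length of the NUL-terminated wide string that starts Offset bytes
 * into the record at Base, without reading at or beyond Base + Limit.
 *
 * Returns TRUE and stores the length in WCHARs (terminator excluded) in
 * *pChars when the terminator lies inside the limit, FALSE otherwise.
 */
static BOOL RecordStringLength(PBYTE Base, DWORD Offset, DWORD Limit,
                               DWORD *pChars)
{
    const WCHAR *Str;
    DWORD MaxChars;
    DWORD i;

    if (Offset >= Limit)
    {
        return FALSE;
    }

    Str = (const WCHAR *)(Base + Offset);
    MaxChars = (Limit - Offset) / sizeof(WCHAR);

    for (i = 0; i < MaxChars; i++)
    {
        if (Str[i] == 0)
        {
            *pChars = i;
            return TRUE;
        }
    }

    return FALSE;
}

/*
 * Debug helper: write one event log record through DPRINT - the fixed
 * fields, then the source name, computer name, insertion strings and the
 * trailing copy of the length.
 *
 * pRec: record to dump; it is dereferenced without a NULL check.
 *
 * Every offset and string in the variable part is checked against
 * pRec->Length before it is read, so a damaged record cannot make this
 * function walk past the end of the record.
 *
 * NOTE(review): Length comes from the record itself. The bound only holds
 * if the caller made sure that the buffer behind pRec really contains
 * Length bytes - confirm at the call sites.
 */
VOID PRINT_RECORD(PEVENTLOGRECORD pRec)
{
    PBYTE Base = (PBYTE)pRec;
    DWORD Limit = pRec->Length;
    DWORD Offset;
    DWORD Chars;
    UINT i;
    SYSTEMTIME time;

    DPRINT("Length=%d\n", pRec->Length );
    DPRINT("Reserved=0x%x\n", pRec->Reserved );
    DPRINT("RecordNumber=%d\n", pRec->RecordNumber );

    EventTimeToSystemTime(pRec->TimeGenerated, &time);
    DPRINT("TimeGenerated=%d.%d.%d %d:%d:%d\n",
           time.wDay, time.wMonth, time.wYear,
           time.wHour, time.wMinute, time.wSecond);

    EventTimeToSystemTime(pRec->TimeWritten, &time);
    DPRINT("TimeWritten=%d.%d.%d %d:%d:%d\n",
           time.wDay, time.wMonth, time.wYear,
           time.wHour, time.wMinute, time.wSecond);

    DPRINT("EventID=%d\n", pRec->EventID );

    switch (pRec->EventType)
    {
        case EVENTLOG_ERROR_TYPE:
            DPRINT("EventType = EVENTLOG_ERROR_TYPE\n");
            break;
        case EVENTLOG_WARNING_TYPE:
            DPRINT("EventType = EVENTLOG_WARNING_TYPE\n");
            break;
        case EVENTLOG_INFORMATION_TYPE:
            DPRINT("EventType = EVENTLOG_INFORMATION_TYPE\n");
            break;
        case EVENTLOG_AUDIT_SUCCESS:
            DPRINT("EventType = EVENTLOG_AUDIT_SUCCESS\n");
            break;
        case EVENTLOG_AUDIT_FAILURE:
            DPRINT("EventType = EVENTLOG_AUDIT_FAILURE\n");
            break;
        default:
            /* The original passed no argument for %x, which made the
             * formatter read an unrelated value. */
            DPRINT("EventType = %x\n", pRec->EventType);
            break;
    }

    DPRINT("NumStrings=%d\n", pRec->NumStrings );
    DPRINT("EventCategory=%d\n", pRec->EventCategory);
    DPRINT("ReservedFlags=0x%x\n", pRec->ReservedFlags);
    DPRINT("ClosingRecordNumber=%d\n", pRec->ClosingRecordNumber);
    DPRINT("StringOffset=%d\n", pRec->StringOffset);
    DPRINT("UserSidLength=%d\n", pRec->UserSidLength);
    DPRINT("UserSidOffset=%d\n", pRec->UserSidOffset);
    DPRINT("DataLength=%d\n", pRec->DataLength);
    DPRINT("DataOffset=%d\n", pRec->DataOffset);

    /* The variable part and the trailing length copy need at least the
     * fixed header plus one DWORD. */
    if (Limit < sizeof(EVENTLOGRECORD) + sizeof(DWORD))
    {
        DPRINT("Length %d is too small for a record; variable part not dumped\n",
               Limit);
        return;
    }

    /* SourceName directly follows the fixed header, ComputerName follows
     * SourceName's terminator. */
    Offset = sizeof(EVENTLOGRECORD);
    if (RecordStringLength(Base, Offset, Limit, &Chars))
    {
        DPRINT("SourceName: %S\n", (WCHAR *)(Base + Offset));
        Offset += (Chars + 1) * sizeof(WCHAR);

        if (RecordStringLength(Base, Offset, Limit, &Chars))
        {
            DPRINT("ComputerName: %S\n", (WCHAR *)(Base + Offset));
        }
        else
        {
            DPRINT("ComputerName: <not terminated inside record>\n");
        }
    }
    else
    {
        DPRINT("SourceName: <not terminated inside record>\n");
    }

    if (pRec->StringOffset < Limit && pRec->NumStrings)
    {
        DPRINT("Strings:\n");
        Offset = pRec->StringOffset;
        for (i = 0; i < pRec->NumStrings; i++)
        {
            /* Stop at the first string that is not terminated inside the
             * record; NumStrings alone is not trusted. */
            if (!RecordStringLength(Base, Offset, Limit, &Chars))
            {
                DPRINT("[%d] <not terminated inside record>\n", i);
                break;
            }
            DPRINT("[%d] %S\n", i, (WCHAR *)(Base + Offset));
            Offset += (Chars + 1) * sizeof(WCHAR);
        }
    }

    /* The last DWORD of the record is printed as a second length value. */
    DPRINT("Length2=%d\n", *(PDWORD)(Base + Limit - sizeof(DWORD)));
}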