projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
- Fix some formatting.
[reactos.git] / reactos / services / eventlog / eventlog.h
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS
4 * FILE: eventlog.h
5 * PURPOSE: Event logging service
6 * PROGRAMMER: Saveliy Tretiakov (saveliyt@mail.ru)
7 */
8
9 #ifndef __EVENTLOG_H__
10 #define __EVENTLOG_H__
11
12 #define WIN32_NO_STATUS
13 #include <windows.h>
14 #define NTOS_MODE_USER
15 #include <ndk/ntndk.h>
16 #include <debug.h>
17 #include "eventlogrpc_s.h"
18
19 typedef struct _IO_ERROR_LPC
20 {
21 PORT_MESSAGE Header;
22 IO_ERROR_LOG_MESSAGE Message;
23 } IO_ERROR_LPC, *PIO_ERROR_LPC;
24
25 #define LOGHANDLE unsigned char*
26 #define PLOGHANDLE int*
27
28 #define MAJORVER 1
29 #define MINORVER 1
30
31 /*
32 * Our file format will be compatible with NT's
33 */
34
35 #define LOGFILE_SIGNATURE 0x654c664c
36
37 /*
38 * FIXME
39 * Flags used in logfile header
40 */
41 #define LOGFILE_FLAG1 1
42 #define LOGFILE_FLAG2 2
43 #define LOGFILE_FLAG3 4
44 #define LOGFILE_FLAG4 8
45
46 typedef struct {
47 DWORD SizeOfHeader;
48 DWORD Signature;
49 DWORD MajorVersion;
50 DWORD MinorVersion;
51 DWORD FirstRecordOffset;
52 DWORD EofOffset;
53 DWORD NextRecord;
54 DWORD OldestRecord;
55 DWORD unknown1;
56 DWORD Flags;
57 DWORD unknown2;
58 DWORD SizeOfHeader2;
59 } FILE_HEADER, *PFILE_HEADER;
60
61 typedef struct {
62 DWORD Size1;
63 DWORD Ones; // Must be 0x11111111
64 DWORD Twos; // Must be 0x22222222
65 DWORD Threes; // Must be 0x33333333
66 DWORD Fours; // Must be 0x44444444
67 DWORD StartOffset;
68 DWORD EndOffset;
69 DWORD NextRecordNumber;
70 DWORD OldestRecordNumber;
71 DWORD Size2;
72 } EOF_RECORD, *PEOF_RECORD;
73
74 typedef struct {
75 ULONG EventNumber;
76 ULONG EventOffset;
77 } EVENT_OFFSET_INFO, *PEVENT_OFFSET_INFO;
78
79 typedef struct {
80 HANDLE hFile;
81 FILE_HEADER Header;
82 WCHAR *LogName;
83 WCHAR *FileName;
84 CRITICAL_SECTION cs;
85 PEVENT_OFFSET_INFO OffsetInfo;
86 ULONG OffsetInfoSize;
87 ULONG OffsetInfoNext;
88 PVOID Next;
89 PVOID Prev;
90 } LOGFILE, *PLOGFILE;
91
92
93 /* file.c */
94 PLOGFILE LogfListHead();
95
96 INT LogfListItemCount();
97
98 PLOGFILE LogfListItemByIndex(INT Index);
99
100 PLOGFILE LogfListItemByName(WCHAR *Name);
101
102 VOID LogfListAddItem(PLOGFILE Item);
103
104 VOID LogfListRemoveItem(PLOGFILE Item);
105
106 BOOL LogfReadEvent(PLOGFILE LogFile,
107 DWORD Flags,
108 DWORD RecordNumber,
109 DWORD BufSize,
110 PBYTE Buffer,
111 DWORD *BytesRead,
112 DWORD *BytesNeeded);
113
114 BOOL LogfWriteData(PLOGFILE LogFile,
115 DWORD BufSize,
116 PBYTE Buffer);
117
118 PLOGFILE LogfCreate(WCHAR *LogName,
119 WCHAR *FileName);
120
121 VOID LogfClose(PLOGFILE LogFile);
122
123 BOOL LogfInitializeNew(PLOGFILE LogFile);
124
125 BOOL LogfInitializeExisting(PLOGFILE LogFile);
126
127 DWORD LogfGetOldestRecord(PLOGFILE LogFile);
128
129 ULONG LogfOffsetByNumber(PLOGFILE LogFile,
130 DWORD RecordNumber);
131
132 BOOL LogfAddOffsetInformation(PLOGFILE LogFile,
133 ULONG ulNumber,
134 ULONG ulOffset);
135
136 DWORD LogfBuildNewRecord(PBYTE Buffer,
137 DWORD dwRecordNumber,
138 WORD wType,
139 WORD wCategory,
140 DWORD dwEventId,
141 LPCWSTR SourceName,
142 LPCWSTR ComputerName,
143 DWORD dwSidLength,
144 PSID lpUserSid,
145 WORD wNumStrings,
146 WCHAR *lpStrings,
147 DWORD dwDataSize,
148 LPVOID lpRawData);
149
150 /* eventlog.c */
151 VOID PRINT_HEADER(PFILE_HEADER header);
152
153 VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
154
155 VOID EventTimeToSystemTime(DWORD EventTime,
156 SYSTEMTIME *SystemTime);
157
158 VOID SystemTimeToEventTime(SYSTEMTIME *pSystemTime,
159 DWORD *pEventTime);
160
161 /* logport.c */
162 NTSTATUS STDCALL PortThreadRoutine(PVOID Param);
163
164 NTSTATUS InitLogPort(VOID);
165
166 NTSTATUS ProcessPortMessage(VOID);
167
168 /* rpc.c */
169 DWORD STDCALL RpcThreadRoutine(LPVOID lpParameter);
170
171 NTSTATUS EventLogClearW(
172 handle_t BindingHandle,
173 LOGHANDLE Handle,
174 wchar_t *BackupName);
175
176 NTSTATUS EventLogBackupW(
177 handle_t BindingHandle,
178 LOGHANDLE Handle,
179 wchar_t *FileName);
180
181 NTSTATUS EventLogClose(
182 handle_t BindingHandle,
183 PLOGHANDLE Handle);
184
185 NTSTATUS EventLogUnregSrc(
186 handle_t BindingHandle,
187 PLOGHANDLE Handle);
188
189 NTSTATUS EventLogRecordsNumber(
190 handle_t BindingHandle,
191 LOGHANDLE Handle,
192 unsigned long *RecordsNumber);
193
194 NTSTATUS EventLogGetOldestRec(
195 handle_t BindingHandle,
196 LOGHANDLE Handle,
197 unsigned long *OldestRecNumber);
198
199 NTSTATUS Unknown6(handle_t BindingHandle);
200
201 NTSTATUS EventLogOpenW(
202 handle_t BindingHandle,
203 LPWSTR ServerName,
204 wchar_t *FileName,
205 wchar_t *NullStr,
206 unsigned long MajorVer,
207 unsigned long MinorVer,
208 PLOGHANDLE Handle);
209
210 NTSTATUS EventLogRegSrcW(
211 handle_t BindingHandle,
212 LPWSTR ServerName,
213 wchar_t *LogName,
214 wchar_t *NullStr,
215 unsigned long MajorVer,
216 unsigned long MinorVer,
217 PLOGHANDLE Handle);
218
219 NTSTATUS EventLogOpenBackupW(
220 handle_t BindingHandle,
221 LPWSTR ServerName,
222 wchar_t *BackupName,
223 unsigned long MajorVer,
224 unsigned long MinorVer,
225 PLOGHANDLE Handle);
226
227 NTSTATUS EventLogReadW(
228 handle_t BindingHandle,
229 LOGHANDLE Handle,
230 unsigned long Flags,
231 unsigned long Offset,
232 unsigned long BufSize,
233 unsigned char *Buffer,
234 unsigned long *BytesRead,
235 unsigned long *BytesNeeded);
236
237 NTSTATUS EventLogReportEventW(
238 handle_t BindingHandle,
239 LOGHANDLE Handle,
240 unsigned long Time,
241 unsigned short Type,
242 unsigned short Category,
243 unsigned long ID,
244 unsigned short NumStrings,
245 unsigned long DataSize,
246 wchar_t *ComputerName,
247 unsigned char *SID,
248 wchar_t *Strings,
249 unsigned char *Data,
250 unsigned short Flags);
251
252 NTSTATUS EventLogClearA(
253 handle_t BindingHandle,
254 LOGHANDLE Handle,
255 char *BackupName);
256
257 NTSTATUS EventLogBackupA(
258 handle_t BindingHandle,
259 LOGHANDLE Handle,
260 char *BackupName);
261
262 NTSTATUS EventLogOpenA(
263 handle_t BindingHandle,
264 LPSTR ServerName,
265 char *LogName,
266 char *NullStr,
267 unsigned long MajorVer,
268 unsigned long MinorVer,
269 PLOGHANDLE Handle);
270
271 NTSTATUS EventLogRegSrcA(
272 handle_t BindingHandle,
273 LPSTR ServerName,
274 char *LogName,
275 char *NullStr,
276 unsigned long MajorVer,
277 unsigned long MinorVer,
278 PLOGHANDLE Handle);
279
280 NTSTATUS EventLogOpenBackupA(
281 handle_t BindingHandle,
282 LPSTR ServerName,
283 char *BackupName,
284 unsigned long MajorVer,
285 unsigned long MinorVer,
286 PLOGHANDLE Handle);
287
288 NTSTATUS EventLogReadA(
289 handle_t BindingHandle,
290 LOGHANDLE Handle,
291 unsigned long Flags,
292 unsigned long Offset,
293 unsigned long BufSize,
294 unsigned char *Buffer,
295 unsigned long *BytesRead,
296 unsigned long *BytesNeeded);
297
298 NTSTATUS EventLogReportEventA(
299 handle_t BindingHandle,
300 LOGHANDLE Handle,
301 unsigned long Time,
302 unsigned short Type,
303 unsigned short Category,
304 unsigned long ID,
305 unsigned short NumStrings,
306 unsigned long DataSize,
307 char *ComputerName,
308 unsigned char *SID,
309 char* Strings,
310 unsigned char *Data,
311 unsigned short Flags);
312
313 NTSTATUS Unknown19(handle_t BindingHandle);
314
315 NTSTATUS Unknown20(handle_t BindingHandle);
316
317 NTSTATUS Unknown21(handle_t BindingHandle);
318
319 NTSTATUS EventLogGetInfo(
320 handle_t BindingHandle,
321 LOGHANDLE Handle,
322 unsigned long InfoLevel,
323 unsigned char *Buffer,
324 unsigned long BufSize,
325 unsigned long *BytesNeeded);
326
327
328
329 #endif /* __EVENTLOG_H__ */
330
A free Windows-compatible Operating System