projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Saveliy Tretiakov <saveliyt@mail.ru>:
[reactos.git] / reactos / services / eventlog / eventlog.h
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS
4 * FILE: eventlog.h
5 * PURPOSE: Event logging service
6 * PROGRAMMER: Saveliy Tretiakov (saveliyt@mail.ru)
7 */
8
9 #ifndef __EVENTLOG_H__
10 #define __EVENTLOG_H__
11
12 #include <windows.h>
13 #define NTOS_MODE_USER
14 #include <ndk/ntndk.h>
15 #include <debug.h>
16 #include "eventlogrpc_s.h"
17
18 typedef struct _IO_ERROR_LPC
19 {
20 PORT_MESSAGE Header;
21 IO_ERROR_LOG_MESSAGE Message;
22 } IO_ERROR_LPC, *PIO_ERROR_LPC;
23
24 #define LOGHANDLE unsigned char*
25 #define PLOGHANDLE int*
26
27 #define MAJORVER 1
28 #define MINORVER 1
29
30 /*
31 * Our file format will be compatible with NT's
32 */
33
34 #define LOGFILE_SIGNATURE 0x654c664c
35
36 /*
37 * FIXME
38 * Flags used in logfile header
39 */
40 #define LOGFILE_FLAG1 1
41 #define LOGFILE_FLAG2 2
42 #define LOGFILE_FLAG3 4
43 #define LOGFILE_FLAG4 8
44
45 typedef struct {
46 DWORD SizeOfHeader;
47 DWORD Signature;
48 DWORD MajorVersion;
49 DWORD MinorVersion;
50 DWORD FirstRecordOffset;
51 DWORD EofOffset;
52 DWORD NextRecord;
53 DWORD OldestRecord;
54 DWORD unknown1;
55 DWORD Flags;
56 DWORD unknown2;
57 DWORD SizeOfHeader2;
58 } FILE_HEADER, *PFILE_HEADER;
59
60 typedef struct {
61 DWORD Size1;
62 DWORD Ones; // Must be 0x11111111
63 DWORD Twos; // Must be 0x22222222
64 DWORD Threes; // Must be 0x33333333
65 DWORD Fours; // Must be 0x44444444
66 DWORD StartOffset;
67 DWORD EndOffset;
68 DWORD NextRecordNumber;
69 DWORD OldestRecordNumber;
70 DWORD Size2;
71 } EOF_RECORD, *PEOF_RECORD;
72
73 typedef struct {
74 ULONG EventNumber;
75 ULONG EventOffset;
76 } EVENT_OFFSET_INFO, *PEVENT_OFFSET_INFO;
77
78 typedef struct {
79 HANDLE hFile;
80 FILE_HEADER Header;
81 WCHAR *LogName;
82 WCHAR *FileName;
83 CRITICAL_SECTION cs;
84 PEVENT_OFFSET_INFO OffsetInfo;
85 ULONG OffsetInfoSize;
86 ULONG OffsetInfoNext;
87 PVOID Next;
88 PVOID Prev;
89 } LOGFILE, *PLOGFILE;
90
91
92 /* file.c */
93 PLOGFILE LogfListHead();
94
95 INT LogfListItemCount();
96
97 PLOGFILE LogfListItemByIndex(INT Index);
98
99 PLOGFILE LogfListItemByName(WCHAR *Name);
100
101 VOID LogfListAddItem(PLOGFILE Item);
102
103 VOID LogfListRemoveItem(PLOGFILE Item);
104
105 BOOL LogfReadEvent(PLOGFILE LogFile,
106 DWORD Flags,
107 DWORD RecordNumber,
108 DWORD BufSize,
109 PBYTE Buffer,
110 DWORD *BytesRead,
111 DWORD *BytesNeeded);
112
113 BOOL LogfWriteData(PLOGFILE LogFile,
114 DWORD BufSize,
115 PBYTE Buffer);
116
117 PLOGFILE LogfCreate(WCHAR *LogName,
118 WCHAR *FileName);
119
120 VOID LogfClose(PLOGFILE LogFile);
121
122 BOOL LogfInitializeNew(PLOGFILE LogFile);
123
124 BOOL LogfInitializeExisting(PLOGFILE LogFile);
125
126 DWORD LogfGetOldestRecord(PLOGFILE LogFile);
127
128 ULONG LogfOffsetByNumber(PLOGFILE LogFile,
129 DWORD RecordNumber);
130
131 BOOL LogfAddOffsetInformation(PLOGFILE LogFile,
132 ULONG ulNumber,
133 ULONG ulOffset);
134
135 DWORD LogfBuildNewRecord(PBYTE Buffer,
136 DWORD dwRecordNumber,
137 WORD wType,
138 WORD wCategory,
139 DWORD dwEventId,
140 LPCWSTR SourceName,
141 LPCWSTR ComputerName,
142 DWORD dwSidLength,
143 PSID lpUserSid,
144 WORD wNumStrings,
145 WCHAR *lpStrings,
146 DWORD dwDataSize,
147 LPVOID lpRawData);
148
149 /* eventlog.c */
150 VOID PRINT_HEADER(PFILE_HEADER header);
151
152 VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
153
154 VOID EventTimeToSystemTime(DWORD EventTime,
155 SYSTEMTIME *SystemTime);
156
157 VOID SystemTimeToEventTime(SYSTEMTIME *pSystemTime,
158 DWORD *pEventTime);
159
160 /* logport.c */
161 NTSTATUS STDCALL PortThreadRoutine(PVOID Param);
162
163 NTSTATUS InitLogPort(VOID);
164
165 NTSTATUS ProcessPortMessage(VOID);
166
167 /* rpc.c */
168 DWORD STDCALL RpcThreadRoutine(LPVOID lpParameter);
169
170 NTSTATUS EventLogClearW(
171 handle_t BindingHandle,
172 LOGHANDLE Handle,
173 wchar_t *BackupName);
174
175 NTSTATUS EventLogBackupW(
176 handle_t BindingHandle,
177 LOGHANDLE Handle,
178 wchar_t *FileName);
179
180 NTSTATUS EventLogClose(
181 handle_t BindingHandle,
182 PLOGHANDLE Handle);
183
184 NTSTATUS EventLogUnregSrc(
185 handle_t BindingHandle,
186 PLOGHANDLE Handle);
187
188 NTSTATUS EventLogRecordsNumber(
189 handle_t BindingHandle,
190 LOGHANDLE Handle,
191 unsigned long *RecordsNumber);
192
193 NTSTATUS EventLogGetOldestRec(
194 handle_t BindingHandle,
195 LOGHANDLE Handle,
196 unsigned long *OldestRecNumber);
197
198 NTSTATUS Unknown6(handle_t BindingHandle);
199
200 NTSTATUS EventLogOpenW(
201 handle_t BindingHandle,
202 LPWSTR ServerName,
203 wchar_t *FileName,
204 wchar_t *NullStr,
205 unsigned long MajorVer,
206 unsigned long MinorVer,
207 PLOGHANDLE Handle);
208
209 NTSTATUS EventLogRegSrcW(
210 handle_t BindingHandle,
211 LPWSTR ServerName,
212 wchar_t *LogName,
213 wchar_t *NullStr,
214 unsigned long MajorVer,
215 unsigned long MinorVer,
216 PLOGHANDLE Handle);
217
218 NTSTATUS EventLogOpenBackupW(
219 handle_t BindingHandle,
220 LPWSTR ServerName,
221 wchar_t *BackupName,
222 unsigned long MajorVer,
223 unsigned long MinorVer,
224 PLOGHANDLE Handle);
225
226 NTSTATUS EventLogReadW(
227 handle_t BindingHandle,
228 LOGHANDLE Handle,
229 unsigned long Flags,
230 unsigned long Offset,
231 unsigned long BufSize,
232 unsigned char *Buffer,
233 unsigned long *BytesRead,
234 unsigned long *BytesNeeded);
235
236 NTSTATUS EventLogReportEventW(
237 handle_t BindingHandle,
238 LOGHANDLE Handle,
239 unsigned long Time,
240 unsigned short Type,
241 unsigned short Category,
242 unsigned long ID,
243 unsigned short NumStrings,
244 unsigned long DataSize,
245 wchar_t *ComputerName,
246 unsigned char *SID,
247 wchar_t *Strings,
248 unsigned char *Data,
249 unsigned short Flags);
250
251 NTSTATUS EventLogClearA(
252 handle_t BindingHandle,
253 LOGHANDLE Handle,
254 char *BackupName);
255
256 NTSTATUS EventLogBackupA(
257 handle_t BindingHandle,
258 LOGHANDLE Handle,
259 char *BackupName);
260
261 NTSTATUS EventLogOpenA(
262 handle_t BindingHandle,
263 LPSTR ServerName,
264 char *LogName,
265 char *NullStr,
266 unsigned long MajorVer,
267 unsigned long MinorVer,
268 PLOGHANDLE Handle);
269
270 NTSTATUS EventLogRegSrcA(
271 handle_t BindingHandle,
272 LPSTR ServerName,
273 char *LogName,
274 char *NullStr,
275 unsigned long MajorVer,
276 unsigned long MinorVer,
277 PLOGHANDLE Handle);
278
279 NTSTATUS EventLogOpenBackupA(
280 handle_t BindingHandle,
281 LPSTR ServerName,
282 char *BackupName,
283 unsigned long MajorVer,
284 unsigned long MinorVer,
285 PLOGHANDLE Handle);
286
287 NTSTATUS EventLogReadA(
288 handle_t BindingHandle,
289 LOGHANDLE Handle,
290 unsigned long Flags,
291 unsigned long Offset,
292 unsigned long BufSize,
293 unsigned char *Buffer,
294 unsigned long *BytesRead,
295 unsigned long *BytesNeeded);
296
297 NTSTATUS EventLogReportEventA(
298 handle_t BindingHandle,
299 LOGHANDLE Handle,
300 unsigned long Time,
301 unsigned short Type,
302 unsigned short Category,
303 unsigned long ID,
304 unsigned short NumStrings,
305 unsigned long DataSize,
306 char *ComputerName,
307 unsigned char *SID,
308 char* Strings,
309 unsigned char *Data,
310 unsigned short Flags);
311
312 NTSTATUS Unknown19(handle_t BindingHandle);
313
314 NTSTATUS Unknown20(handle_t BindingHandle);
315
316 NTSTATUS Unknown21(handle_t BindingHandle);
317
318 NTSTATUS EventLogGetInfo(
319 handle_t BindingHandle,
320 LOGHANDLE Handle,
321 unsigned long InfoLevel,
322 unsigned char *Buffer,
323 unsigned long BufSize,
324 unsigned long *BytesNeeded);
325
326
327
328 #endif /* __EVENTLOG_H__ */
329
A free Windows-compatible Operating System