d4/d1f/eventlog_8h_source.html

 /*
  * PROJECT:         ReactOS EventLog Service
  * LICENSE:         GPL - See COPYING in the top level directory
  * FILE:            base/services/eventlog/eventlog.h
  * PURPOSE:         Precompiled Header for the Event logging service
  * COPYRIGHT:       Copyright 2005 Saveliy Tretiakov
  */

 #ifndef __EVENTLOG_H__
 #define __EVENTLOG_H__

 #include <stdarg.h>

 /* PSDK/NDK Headers */
 #define WIN32_NO_STATUS
 #include <windef.h>
 #include <winbase.h>

 #define NTOS_MODE_USER
 #include <ndk/rtlfuncs.h>
 #include <ndk/obfuncs.h>

 #define ROUND_DOWN(n, align) (((ULONG)n) & ~((align) - 1l))
 #define ROUND_UP(n, align) ROUND_DOWN(((ULONG)n) + (align) - 1, (align))

 #include <evtlib.h>

 #include <eventlogrpc_s.h>
 #include <strsafe.h>

 /* Defined in evtlib.h */
 // #define LOGFILE_SIGNATURE   0x654c664c  // "LfLe"

 typedef struct _LOGFILE
 {
     EVTLOGFILE LogFile;
     HANDLE FileHandle;
     WCHAR *LogName;
     RTL_RESOURCE Lock;
     BOOL Permanent;
     LIST_ENTRY ListEntry;
 } LOGFILE, *PLOGFILE;

 typedef struct _EVENTSOURCE
 {
     LIST_ENTRY EventSourceListEntry;
     PLOGFILE LogFile;
     WCHAR szName[1];
 } EVENTSOURCE, *PEVENTSOURCE;


 /* Log Handle Flags */
 #define LOG_HANDLE_BACKUP_FILE 1

 typedef struct _LOGHANDLE
 {
     LIST_ENTRY LogHandleListEntry;
     PEVENTSOURCE EventSource;
     PLOGFILE LogFile;
     ULONG CurrentRecord;
     ULONG Flags;
     WCHAR szName[1];
 } LOGHANDLE, *PLOGHANDLE;


 /* eventlog.c */
 extern PEVENTSOURCE EventLogSource;

 VOID PRINT_RECORD(PEVENTLOGRECORD pRec);


 /* eventsource.c */
 VOID InitEventSourceList(VOID);

 BOOL
 LoadEventSources(HKEY hKey,
                  PLOGFILE pLogFile);

 PEVENTSOURCE
 GetEventSourceByName(LPCWSTR Name);


 /* file.c */
 VOID LogfListInitialize(VOID);
 DWORD LogfListItemCount(VOID);
 PLOGFILE LogfListItemByIndex(DWORD Index);
 PLOGFILE LogfListItemByName(LPCWSTR Name);
 // DWORD LogfListItemIndexByName(WCHAR * Name);

 NTSTATUS
 LogfCreate(PLOGFILE* LogFile,
            PCWSTR    LogName,
            PUNICODE_STRING FileName,
            ULONG     MaxSize,
            ULONG     Retention,
            BOOLEAN   Permanent,
            BOOLEAN   Backup);

 VOID
 LogfClose(PLOGFILE LogFile,
           BOOLEAN  ForceClose);

 VOID LogfCloseAll(VOID);

 NTSTATUS
 LogfClearFile(PLOGFILE LogFile,
               PUNICODE_STRING BackupFileName);

 NTSTATUS
 LogfBackupFile(PLOGFILE LogFile,
                PUNICODE_STRING BackupFileName);

 NTSTATUS
 LogfReadEvents(PLOGFILE LogFile,
                ULONG    Flags,
                PULONG   RecordNumber,
                ULONG    BufSize,
                PBYTE    Buffer,
                PULONG   BytesRead,
                PULONG   BytesNeeded,
                BOOLEAN  Ansi);

 NTSTATUS
 LogfWriteRecord(PLOGFILE LogFile,
                 PEVENTLOGRECORD Record,
                 SIZE_T BufSize);

 PEVENTLOGRECORD
 LogfAllocAndBuildNewRecord(PSIZE_T pRecSize,
                            ULONG   Time,
                            USHORT  wType,
                            USHORT  wCategory,
                            ULONG   dwEventId,
                            PUNICODE_STRING SourceName,
                            PUNICODE_STRING ComputerName,
                            ULONG   dwSidLength,
                            PSID    pUserSid,
                            USHORT  wNumStrings,
                            PWSTR   pStrings,
                            ULONG   dwDataSize,
                            PVOID   pRawData);

 static __inline void LogfFreeRecord(PEVENTLOGRECORD Record)
 {
     RtlFreeHeap(GetProcessHeap(), 0, Record);
 }

 VOID
 LogfReportEvent(USHORT wType,
                 USHORT wCategory,
                 ULONG  dwEventId,
                 USHORT wNumStrings,
                 PWSTR  pStrings,
                 ULONG  dwDataSize,
                 PVOID  pRawData);


 /* logport.c */
 NTSTATUS WINAPI PortThreadRoutine(PVOID Param);

 NTSTATUS InitLogPort(VOID);

 NTSTATUS ProcessPortMessage(VOID);

 /* rpc.c */
 DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter);

 #endif  /* __EVENTLOG_H__ */
PEVENTSOURCE
struct _EVENTSOURCE * PEVENTSOURCE

PCWSTR
const uint16_t * PCWSTR
Definition: typedefs.h:57

_EVENTLOGRECORD
Definition: winnt_old.h:2887

ProcessPortMessage
NTSTATUS ProcessPortMessage(VOID)
Definition: logport.c:104

_EVENTSOURCE
Definition: eventlog.h:44

_SID
Definition: ms-dtyp.idl:198

LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185

LogfCloseAll
VOID LogfCloseAll(VOID)
Definition: file.c:452

InitEventSourceList
VOID InitEventSourceList(VOID)
Definition: eventsource.c:22

PLOGFILE
struct _LOGFILE * PLOGFILE

LogfClose
VOID LogfClose(PLOGFILE LogFile, BOOLEAN ForceClose)
Definition: file.c:428

PortThreadRoutine
NTSTATUS WINAPI PortThreadRoutine(PVOID Param)
Definition: logport.c:27

PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56

winbase.h

LogfClearFile
NTSTATUS LogfClearFile(PLOGFILE LogFile, PUNICODE_STRING BackupFileName)
Definition: file.c:467

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606

LogfFreeRecord
static __inline void LogfFreeRecord(PEVENTLOGRECORD Record)
Definition: eventlog.h:143

_LOGHANDLE::LogHandleListEntry
LIST_ENTRY LogHandleListEntry
Definition: eventlog.h:57

_RTL_RESOURCE
Definition: rtltypes.h:1513

evtlib.h

LogfReadEvents
NTSTATUS LogfReadEvents(PLOGFILE LogFile, ULONG Flags, PULONG RecordNumber, ULONG BufSize, PBYTE Buffer, PULONG BytesRead, PULONG BytesNeeded, BOOLEAN Ansi)
Definition: file.c:721

_LOGHANDLE::EventSource
PEVENTSOURCE EventSource
Definition: eventlog.h:58

LogfListItemCount
DWORD LogfListItemCount(VOID)
Definition: file.c:118

PLOGHANDLE
struct _LOGHANDLE * PLOGHANDLE

BytesRead
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR _In_opt_ PLONGLONG _In_opt_ PWDF_REQUEST_SEND_OPTIONS _Out_opt_ PULONG_PTR BytesRead
Definition: wdfiotarget.h:859

_LOGFILE::LogFile
EVTLOGFILE LogFile
Definition: eventlog.h:36

Record
_In_ struct _KBUGCHECK_REASON_CALLBACK_RECORD * Record
Definition: ketypes.h:256

LogfListInitialize
VOID LogfListInitialize(VOID)
Definition: file.c:27

LogfReportEvent
VOID LogfReportEvent(USHORT wType, USHORT wCategory, ULONG dwEventId, USHORT wNumStrings, PWSTR pStrings, ULONG dwDataSize, PVOID pRawData)
Definition: file.c:1037

PSIZE_T
ULONG_PTR * PSIZE_T
Definition: typedefs.h:80

_EVENTSOURCE::EventSourceListEntry
LIST_ENTRY EventSourceListEntry
Definition: eventlog.h:46

rtlfuncs.h

BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94

LoadEventSources
BOOL LoadEventSources(HKEY hKey, PLOGFILE pLogFile)
Definition: eventsource.c:82

LogfBackupFile
NTSTATUS LogfBackupFile(PLOGFILE LogFile, PUNICODE_STRING BackupFileName)
Definition: file.c:499

_EVENTSOURCE::LogFile
PLOGFILE LogFile
Definition: eventlog.h:47

_EVENTSOURCE::szName
WCHAR szName[1]
Definition: eventlog.h:48

RpcThreadRoutine
DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter)
Definition: rpcserver.c:20

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

NameRec_
Definition: apinames.c:48

_FileName
Definition: filecomp.c:347

Buffer
Definition: bufpool.h:45

GetEventSourceByName
PEVENTSOURCE GetEventSourceByName(LPCWSTR Name)
Definition: eventsource.c:202

BufSize
#define BufSize
Definition: FsRtlTunnel.c:28

_LOGHANDLE::CurrentRecord
ULONG CurrentRecord
Definition: eventlog.h:60

_LOGHANDLE::Flags
ULONG Flags
Definition: eventlog.h:61

_LOGHANDLE::LogFile
PLOGFILE LogFile
Definition: eventlog.h:59

_LOGFILE::ListEntry
LIST_ENTRY ListEntry
Definition: eventlog.h:41

obfuncs.h

PRINT_RECORD
VOID PRINT_RECORD(PEVENTLOGRECORD pRec)
Definition: eventlog.c:544

_LOGFILE::FileHandle
HANDLE FileHandle
Definition: eventlog.h:37

LogfListItemByIndex
PLOGFILE LogfListItemByIndex(DWORD Index)
Definition: file.c:93

Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170

GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:595

WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

_LOGFILE::Permanent
BOOL Permanent
Definition: eventlog.h:40

Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:179

LOGHANDLE
struct _LOGHANDLE LOGHANDLE

_LOGFILE::Lock
RTL_RESOURCE Lock
Definition: eventlog.h:39

WINAPI
#define WINAPI
Definition: msvc.h:6

DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95

windef.h

_LOGFILE::LogName
WCHAR * LogName
Definition: eventlog.h:38

LogfAllocAndBuildNewRecord
PEVENTLOGRECORD LogfAllocAndBuildNewRecord(PSIZE_T pRecSize, ULONG Time, USHORT wType, USHORT wCategory, ULONG dwEventId, PUNICODE_STRING SourceName, PUNICODE_STRING ComputerName, ULONG dwSidLength, PSID pUserSid, USHORT wNumStrings, PWSTR pStrings, ULONG dwDataSize, PVOID pRawData)
Definition: file.c:896

EVENTSOURCE
struct _EVENTSOURCE EVENTSOURCE

_LIST_ENTRY
Definition: typedefs.h:119

EventLogSource
PEVENTSOURCE EventLogSource
Definition: eventlog.c:35

_LOGHANDLE::szName
WCHAR szName[1]
Definition: eventlog.h:62

SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80

_UNICODE_STRING
Definition: env_spec_w32.h:368

USHORT
unsigned short USHORT
Definition: pedump.c:61

hKey
FxAutoRegKey hKey
Definition: fxdriverapikm.cpp:59

_LOGHANDLE
Definition: eventlog.h:55

PULONG
unsigned int * PULONG
Definition: retypes.h:1

_EVTLOGFILE
Definition: evtlib.h:202

LogfWriteRecord
NTSTATUS LogfWriteRecord(PLOGFILE LogFile, PEVENTLOGRECORD Record, SIZE_T BufSize)
Definition: file.c:858

SourceName
WCHAR SourceName[256]
Definition: arping.c:28

InitLogPort
NTSTATUS InitLogPort(VOID)
Definition: logport.c:47

LogfCreate
NTSTATUS LogfCreate(PLOGFILE *LogFile, PCWSTR LogName, PUNICODE_STRING FileName, ULONG MaxSize, ULONG Retention, BOOLEAN Permanent, BOOLEAN Backup)
Definition: file.c:294

strsafe.h

ULONG
unsigned int ULONG
Definition: retypes.h:1

void
Definition: nsiface.idl:2306

LOGFILE
struct _LOGFILE LOGFILE

LogfListItemByName
PLOGFILE LogfListItemByName(LPCWSTR Name)
Definition: file.c:33

PBYTE
BYTE * PBYTE
Definition: pedump.c:66

Time
static PLARGE_INTEGER Time
Definition: time.c:105

_LOGFILE
Definition: eventlog.h:34