ReactOS 0.4.16-dev-1494-gd054f63
eventlog.h
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS EventLog Service
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: base/services/eventlog/eventlog.h
5 * PURPOSE: Precompiled Header for the Event logging service
6 * COPYRIGHT: Copyright 2005 Saveliy Tretiakov
7 */
8
9#ifndef __EVENTLOG_H__
10#define __EVENTLOG_H__
11
12#include <stdarg.h>
13
14/* PSDK/NDK Headers */
15#define WIN32_NO_STATUS
16#include <windef.h>
17#include <winbase.h>
18
19#define NTOS_MODE_USER
20#include <ndk/rtlfuncs.h>
21#include <ndk/obfuncs.h>
22
23#define ROUND_DOWN(n, align) (((ULONG)n) & ~((align) - 1l))
24#define ROUND_UP(n, align) ROUND_DOWN(((ULONG)n) + (align) - 1, (align))
25
26#include <evtlib.h>
27
28#include <eventlogrpc_s.h>
29#include <strsafe.h>
30
31/* Defined in evtlib.h */
32// #define LOGFILE_SIGNATURE 0x654c664c // "LfLe"
33
34typedef struct _LOGFILE
35{
36 EVTLOGFILE LogFile;
37 HANDLE FileHandle;
38 WCHAR *LogName;
39 RTL_RESOURCE Lock;
40 BOOL Permanent;
41 LIST_ENTRY ListEntry;
42} LOGFILE, *PLOGFILE;
43
44typedef struct _EVENTSOURCE
45{
46 LIST_ENTRY EventSourceListEntry;
47 PLOGFILE LogFile;
48 WCHAR szName[1];
49} EVENTSOURCE, *PEVENTSOURCE;
50
51
52/* Log Handle Flags */
53#define LOG_HANDLE_BACKUP_FILE 1
54
55typedef struct _LOGHANDLE
56{
57 LIST_ENTRY LogHandleListEntry;
58 PEVENTSOURCE EventSource;
59 PLOGFILE LogFile;
60 ULONG CurrentRecord;
61 ULONG Flags;
62 WCHAR szName[1];
63} LOGHANDLE, *PLOGHANDLE;
64
65
66/* eventlog.c */
67extern PEVENTSOURCE EventLogSource;
68
69VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
70
71
72/* eventsource.c */
73VOID InitEventSourceList(VOID);
74
75BOOL
76LoadEventSources(HKEY hKey,
77 PLOGFILE pLogFile);
78
79PEVENTSOURCE
80GetEventSourceByName(LPCWSTR Name);
81
82
83/* file.c */
84VOID LogfListInitialize(VOID);
85DWORD LogfListItemCount(VOID);
86PLOGFILE LogfListItemByIndex(DWORD Index);
87PLOGFILE LogfListItemByName(LPCWSTR Name);
88// DWORD LogfListItemIndexByName(WCHAR * Name);
89
90NTSTATUS
91LogfCreate(PLOGFILE* LogFile,
92 PCWSTR LogName,
93 PUNICODE_STRING FileName,
94 ULONG MaxSize,
95 ULONG Retention,
96 BOOLEAN Permanent,
97 BOOLEAN Backup);
98
99VOID
100LogfClose(PLOGFILE LogFile,
101 BOOLEAN ForceClose);
102
103VOID LogfCloseAll(VOID);
104
105NTSTATUS
106LogfClearFile(PLOGFILE LogFile,
107 PUNICODE_STRING BackupFileName);
108
109NTSTATUS
110LogfBackupFile(PLOGFILE LogFile,
111 PUNICODE_STRING BackupFileName);
112
113NTSTATUS
114LogfReadEvents(PLOGFILE LogFile,
115 ULONG Flags,
116 PULONG RecordNumber,
117 ULONG BufSize,
118 PBYTE Buffer,
119 PULONG BytesRead,
120 PULONG BytesNeeded,
121 BOOLEAN Ansi);
122
123NTSTATUS
124LogfWriteRecord(PLOGFILE LogFile,
125 PEVENTLOGRECORD Record,
126 SIZE_T BufSize);
127
128PEVENTLOGRECORD
129LogfAllocAndBuildNewRecord(PSIZE_T pRecSize,
130 ULONG Time,
131 USHORT wType,
132 USHORT wCategory,
133 ULONG dwEventId,
134 PUNICODE_STRING SourceName,
135 PUNICODE_STRING ComputerName,
136 ULONG dwSidLength,
137 PSID pUserSid,
138 USHORT wNumStrings,
139 PWSTR pStrings,
140 ULONG dwDataSize,
141 PVOID pRawData);
142
143static __inline void LogfFreeRecord(PEVENTLOGRECORD Record)
144{
145 RtlFreeHeap(GetProcessHeap(), 0, Record);
146}
147
148VOID
149LogfReportEvent(USHORT wType,
150 USHORT wCategory,
151 ULONG dwEventId,
152 USHORT wNumStrings,
153 PWSTR pStrings,
154 ULONG dwDataSize,
155 PVOID pRawData);
156
157
158/* logport.c */
159NTSTATUS WINAPI PortThreadRoutine(PVOID Param);
160
161NTSTATUS InitLogPort(VOID);
162
163NTSTATUS ProcessPortMessage(VOID);
164
165/* rpc.c */
166DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter);
167
168#endif /* __EVENTLOG_H__ */
BufSize
#define BufSize
Definition: FsRtlTunnel.c:28
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
__inline
#define __inline
Definition: _wctype.cpp:15
SourceName
WCHAR SourceName[256]
Definition: arping.c:28
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
Buffer
Definition: bufpool.h:45
Name
LPWSTR Name
Definition: desk.c:124
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:736
PRINT_RECORD
VOID PRINT_RECORD(PEVENTLOGRECORD pRec)
Definition: eventlog.c:544
LogfReportEvent
VOID LogfReportEvent(USHORT wType, USHORT wCategory, ULONG dwEventId, USHORT wNumStrings, PWSTR pStrings, ULONG dwDataSize, PVOID pRawData)
Definition: file.c:1037
LogfClearFile
NTSTATUS LogfClearFile(PLOGFILE LogFile, PUNICODE_STRING BackupFileName)
Definition: file.c:467
LogfCreate
NTSTATUS LogfCreate(PLOGFILE *LogFile, PCWSTR LogName, PUNICODE_STRING FileName, ULONG MaxSize, ULONG Retention, BOOLEAN Permanent, BOOLEAN Backup)
Definition: file.c:294
ProcessPortMessage
NTSTATUS ProcessPortMessage(VOID)
Definition: logport.c:104
LoadEventSources
BOOL LoadEventSources(HKEY hKey, PLOGFILE pLogFile)
Definition: eventsource.c:82
LogfReadEvents
NTSTATUS LogfReadEvents(PLOGFILE LogFile, ULONG Flags, PULONG RecordNumber, ULONG BufSize, PBYTE Buffer, PULONG BytesRead, PULONG BytesNeeded, BOOLEAN Ansi)
Definition: file.c:721
EventLogSource
PEVENTSOURCE EventLogSource
Definition: eventlog.c:35
LogfListItemByName
PLOGFILE LogfListItemByName(LPCWSTR Name)
Definition: file.c:33
InitEventSourceList
VOID InitEventSourceList(VOID)
Definition: eventsource.c:22
LogfWriteRecord
NTSTATUS LogfWriteRecord(PLOGFILE LogFile, PEVENTLOGRECORD Record, SIZE_T BufSize)
Definition: file.c:858
LogfListInitialize
VOID LogfListInitialize(VOID)
Definition: file.c:27
LogfClose
VOID LogfClose(PLOGFILE LogFile, BOOLEAN ForceClose)
Definition: file.c:428
InitLogPort
NTSTATUS InitLogPort(VOID)
Definition: logport.c:47
PEVENTSOURCE
struct _EVENTSOURCE * PEVENTSOURCE
LogfListItemByIndex
PLOGFILE LogfListItemByIndex(DWORD Index)
Definition: file.c:93
LogfAllocAndBuildNewRecord
PEVENTLOGRECORD LogfAllocAndBuildNewRecord(PSIZE_T pRecSize, ULONG Time, USHORT wType, USHORT wCategory, ULONG dwEventId, PUNICODE_STRING SourceName, PUNICODE_STRING ComputerName, ULONG dwSidLength, PSID pUserSid, USHORT wNumStrings, PWSTR pStrings, ULONG dwDataSize, PVOID pRawData)
Definition: file.c:896
PortThreadRoutine
NTSTATUS WINAPI PortThreadRoutine(PVOID Param)
Definition: logport.c:27
GetEventSourceByName
PEVENTSOURCE GetEventSourceByName(LPCWSTR Name)
Definition: eventsource.c:202
EVENTSOURCE
struct _EVENTSOURCE EVENTSOURCE
PLOGFILE
struct _LOGFILE * PLOGFILE
LogfBackupFile
NTSTATUS LogfBackupFile(PLOGFILE LogFile, PUNICODE_STRING BackupFileName)
Definition: file.c:499
LogfCloseAll
VOID LogfCloseAll(VOID)
Definition: file.c:452
LogfListItemCount
DWORD LogfListItemCount(VOID)
Definition: file.c:118
RpcThreadRoutine
DWORD WINAPI RpcThreadRoutine(LPVOID lpParameter)
Definition: rpcserver.c:20
LOGHANDLE
struct _LOGHANDLE LOGHANDLE
PLOGHANDLE
struct _LOGHANDLE * PLOGHANDLE
LogfFreeRecord
static __inline void LogfFreeRecord(PEVENTLOGRECORD Record)
Definition: eventlog.h:143
LOGFILE
struct _LOGFILE LOGFILE
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
hKey
FxAutoRegKey hKey
Definition: fxdriverapikm.cpp:59
Time
static PLARGE_INTEGER Time
Definition: time.c:105
PBYTE
BYTE * PBYTE
Definition: pedump.c:66
USHORT
unsigned short USHORT
Definition: pedump.c:61
_EVENTLOGRECORD
Definition: winnt_old.h:3025
_EVENTSOURCE
Definition: eventlog.h:45
_EVENTSOURCE::szName
WCHAR szName[1]
Definition: eventlog.h:48
_EVENTSOURCE::EventSourceListEntry
LIST_ENTRY EventSourceListEntry
Definition: eventlog.h:46
_EVENTSOURCE::LogFile
PLOGFILE LogFile
Definition: eventlog.h:47
_EVTLOGFILE
Definition: evtlib.h:203
_FileName
Definition: filecomp.c:348
_LIST_ENTRY
Definition: typedefs.h:120
_LOGFILE
Definition: eventlog.h:35
_LOGFILE::Lock
RTL_RESOURCE Lock
Definition: eventlog.h:39
_LOGFILE::LogFile
EVTLOGFILE LogFile
Definition: eventlog.h:36
_LOGFILE::ListEntry
LIST_ENTRY ListEntry
Definition: eventlog.h:41
_LOGFILE::Permanent
BOOL Permanent
Definition: eventlog.h:40
_LOGFILE::FileHandle
HANDLE FileHandle
Definition: eventlog.h:37
_LOGFILE::LogName
WCHAR * LogName
Definition: eventlog.h:38
_LOGHANDLE
Definition: eventlog.h:56
_LOGHANDLE::CurrentRecord
ULONG CurrentRecord
Definition: eventlog.h:60
_LOGHANDLE::LogFile
PLOGFILE LogFile
Definition: eventlog.h:59
_LOGHANDLE::LogHandleListEntry
LIST_ENTRY LogHandleListEntry
Definition: eventlog.h:57
_LOGHANDLE::Flags
ULONG Flags
Definition: eventlog.h:61
_LOGHANDLE::szName
WCHAR szName[1]
Definition: eventlog.h:62
_LOGHANDLE::EventSource
PEVENTSOURCE EventSource
Definition: eventlog.h:58
_RTL_RESOURCE
Definition: rtltypes.h:1533
_SID
Definition: ms-dtyp.idl:198
_UNICODE_STRING
Definition: env_spec_w32.h:368
PSIZE_T
ULONG_PTR * PSIZE_T
Definition: typedefs.h:80
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
PCWSTR
const uint16_t * PCWSTR
Definition: typedefs.h:57
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
ULONG
uint32_t ULONG
Definition: typedefs.h:59
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:182
BytesRead
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR _In_opt_ PLONGLONG _In_opt_ PWDF_REQUEST_SEND_OPTIONS _Out_opt_ PULONG_PTR BytesRead
Definition: wdfiotarget.h:870
WINAPI
#define WINAPI
Definition: msvc.h:6
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
Record
_In_ struct _KBUGCHECK_REASON_CALLBACK_RECORD * Record
Definition: ketypes.h:268
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185