4 eventlog interface definition
7 import "lsa.idl", "security.idl";
9 [ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"),
11 helpstring("Event Logger")
14 typedef [bitmap32bit] bitmap {
15 EVENTLOG_SEQUENTIAL_READ = 0x0001,
16 EVENTLOG_SEEK_READ = 0x0002,
17 EVENTLOG_FORWARDS_READ = 0x0004,
18 EVENTLOG_BACKWARDS_READ = 0x0008
21 typedef [public] enum {
22 EVENTLOG_SUCCESS = 0x0000,
23 EVENTLOG_ERROR_TYPE = 0x0001,
24 EVENTLOG_WARNING_TYPE = 0x0002,
25 EVENTLOG_INFORMATION_TYPE = 0x0004,
26 EVENTLOG_AUDIT_SUCCESS = 0x0008,
27 EVENTLOG_AUDIT_FAILURE = 0x0010
33 } eventlog_OpenUnknown0;
35 typedef [flag(NDR_NOALIGN),public] struct {
37 [charset(DOS),value("eLfL")] uint8 reserved[4];
39 time_t time_generated;
42 eventlogEventTypes event_type;
43 [range(0,256)] uint16 num_of_strings;
44 uint16 event_category;
45 uint16 reserved_flags;
46 uint32 closing_record_number;
48 [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size;
53 nstring computer_name;
54 [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid;
55 nstring strings[num_of_strings];
57 [flag(NDR_ALIGN4)] DATA_BLOB _padding;
58 [value(size)] uint32 size2;
63 NTSTATUS eventlog_ClearEventLogW(
64 [in] policy_handle *handle,
65 [in,unique] lsa_String *backupfile
70 [todo] NTSTATUS eventlog_BackupEventLogW();
74 NTSTATUS eventlog_CloseEventLog(
75 [in,out] policy_handle *handle
80 [todo] NTSTATUS eventlog_DeregisterEventSource();
84 NTSTATUS eventlog_GetNumRecords(
85 [in] policy_handle *handle,
86 [out,ref] uint32 *number
91 NTSTATUS eventlog_GetOldestRecord(
92 [in] policy_handle *handle,
93 [out,ref] uint32 *oldest_entry
98 [todo] NTSTATUS eventlog_ChangeNotify();
102 NTSTATUS eventlog_OpenEventLogW(
103 [in,unique] eventlog_OpenUnknown0 *unknown0,
104 [in,ref] lsa_String *logname,
105 [in,ref] lsa_String *servername,
106 [in] uint32 major_version,
107 [in] uint32 minor_version,
108 [out] policy_handle *handle
113 [todo] NTSTATUS eventlog_RegisterEventSourceW();
117 [todo] NTSTATUS eventlog_OpenBackupEventLogW();
121 NTSTATUS eventlog_ReadEventLogW(
122 [in] policy_handle *handle,
123 [in] eventlogReadFlags flags,
125 [in] [range(0,0x7FFFF)] uint32 number_of_bytes,
126 [out,ref,size_is(number_of_bytes)] uint8 *data,
127 [out,ref] uint32 *sent_size,
128 [out,ref] uint32 *real_size
133 NTSTATUS eventlog_ReportEventW(
134 [in] policy_handle *handle,
135 [in] time_t timestamp,
136 [in] eventlogEventTypes event_type,
137 [in] uint16 event_category,
138 [in] uint32 event_id,
139 [in] [range(0,256)] uint16 num_of_strings,
140 [in] [range(0,0x3FFFF)] uint32 data_size,
141 [in,ref] lsa_String *servername,
142 [in,unique] dom_sid *user_sid,
143 [in,unique] [size_is(num_of_strings)] lsa_String **strings,
144 [in,unique] [size_is(data_size)] uint8 *data,
146 [in,out,unique] uint32 *record_number,
147 [in,out,unique] time_t *time_written
152 [todo] NTSTATUS eventlog_ClearEventLogA();
156 [todo] NTSTATUS eventlog_BackupEventLogA();
160 [todo] NTSTATUS eventlog_OpenEventLogA();
164 [todo] NTSTATUS eventlog_RegisterEventSourceA();
168 [todo] NTSTATUS eventlog_OpenBackupEventLogA();
172 [todo] NTSTATUS eventlog_ReadEventLogA();
176 [todo] NTSTATUS eventlog_ReportEventA();
180 [todo] NTSTATUS eventlog_RegisterClusterSvc();
184 [todo] NTSTATUS eventlog_DeregisterClusterSvc();
188 [todo] NTSTATUS eventlog_WriteClusterEvents();
195 } EVENTLOG_FULL_INFORMATION;
197 NTSTATUS eventlog_GetLogIntormation(
198 [in] policy_handle *handle,
200 [out,ref] [size_is(buf_size)] uint8 *buffer,
201 [in] [range(0,1024)] uint32 buf_size,
202 [out,ref] uint32 *bytes_needed
207 NTSTATUS eventlog_FlushEventLog(
208 [in] policy_handle *handle