#include "idl_types.h"
/*
eventlog interface definition
*/
import "lsa.idl", "security.idl";
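[ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"),
  version(0.0),
  helpstring("Event Logger")
] interface eventlog
{
	/*
	 * Each call below is labelled with its operation number ("Function: 0xNN"),
	 * and the numbers run in declaration order. The [todo] entries are
	 * argument-less placeholders for calls that are not described yet; keep
	 * them in place so the numbering of the described calls stays as labelled.
	 *
	 * The blame-view timestamps that were interleaved with the declarations
	 * have been dropped: they are not IDL and would not parse.
	 */

	/*
	 * Read-mode flags passed to eventlog_ReadEventLogW.
	 * Nothing in this definition restricts which bits may be combined.
	 * NOTE(review): a server should reject requests that set both
	 * SEQUENTIAL and SEEK, or both FORWARDS and BACKWARDS - confirm that the
	 * implementation checks this, the marshalling layer will not.
	 */
	typedef [bitmap32bit] bitmap {
		EVENTLOG_SEQUENTIAL_READ = 0x0001,
		EVENTLOG_SEEK_READ       = 0x0002,
		EVENTLOG_FORWARDS_READ   = 0x0004,
		EVENTLOG_BACKWARDS_READ  = 0x0008
	} eventlogReadFlags;

	/*
	 * Event type stored in eventlog_Record.event_type.
	 * AUDIT_SUCCESS and AUDIT_FAILURE mark audit events.
	 */
	typedef [public] enum {
		EVENTLOG_SUCCESS          = 0x0000,
		EVENTLOG_ERROR_TYPE       = 0x0001,
		EVENTLOG_WARNING_TYPE     = 0x0002,
		EVENTLOG_INFORMATION_TYPE = 0x0004,
		EVENTLOG_AUDIT_SUCCESS    = 0x0008,
		EVENTLOG_AUDIT_FAILURE    = 0x0010
	} eventlogEventTypes;

	/* First argument of eventlog_OpenEventLogW; the meaning of both fields is unknown. */
	typedef struct {
		uint16 unknown0;
		uint16 unknown1;
	} eventlog_OpenUnknown0;

	/*
	 * One event log record, marshalled without NDR alignment (NDR_NOALIGN).
	 *
	 * Records reach a parser from a remote server or from a log file, so
	 * every length and offset in here is untrusted input. Only
	 * num_of_strings and sid_size are tied to other members by attributes;
	 * the remaining offset/length fields are plain integers as far as this
	 * definition is concerned.
	 */
	typedef [flag(NDR_NOALIGN),public] struct {
		/* Record length; repeated as size2 at the end of the record. */
		uint32 size;
		/*
		 * Record signature "eLfL", filled in through value().
		 * NOTE(review): value() sets the field when marshalling; confirm
		 * whether unmarshalling verifies it. Code that parses records
		 * from an untrusted source should check the signature itself.
		 */
		[charset(DOS),value("eLfL")] uint8 reserved[4];
		uint32 record_number;
		time_t time_generated;
		time_t time_written;
		uint32 event_id;
		eventlogEventTypes event_type;
		/* Capped at 256: this count sizes the strings[] array below. */
		[max(256)] uint16 num_of_strings;
		uint16 event_category;
		uint16 reserved_flags;
		uint32 closing_record_number;
		/*
		 * stringoffset, sid_offset, data_length and data_offset are not
		 * referenced by any attribute in this struct; the variable-length
		 * members are declared in sequence instead.
		 * NOTE(review): any consumer that seeks by these values must
		 * bounds-check them against the record size first.
		 */
		uint32 stringoffset;
		/* Computed from the sid member via value(); also bounds the sid subcontext. */
		[value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size;
		uint32 sid_offset;
		uint32 data_length;
		uint32 data_offset;
		nstring source_name;
		nstring computer_name;
		/* Parsed inside a subcontext limited to sid_size bytes. */
		[subcontext(0),subcontext_size(sid_size)] dom_sid0 sid;
		nstring strings[num_of_strings];
		/* NOTE(review): declared as astring and not sized by data_length - confirm for binary payloads. */
		astring raw_data;
		/* Pads the record to a 4-byte boundary. */
		[flag(NDR_ALIGN4)] DATA_BLOB _padding;
		/*
		 * Trailing copy of size, filled in through value(size).
		 * NOTE(review): a parser of untrusted records should compare
		 * size and size2 rather than assume they agree.
		 */
		[value(size)] uint32 size2;
	} eventlog_Record;

	/******************/
	/* Function: 0x00 */
	/*
	 * Clears the log behind handle. backupfile is [unique], so it may be NULL.
	 * This call destroys log history: an implementation should authorize the
	 * caller against the handle, treat a supplied backupfile as an untrusted
	 * path, and leave its own trace that the log was cleared.
	 */
	NTSTATUS eventlog_ClearEventLogW(
		[in] policy_handle *handle,
		[in,unique] lsa_String *backupfile
	);

	/******************/
	/* Function: 0x01 */
	[todo] NTSTATUS eventlog_BackupEventLogW();

	/******************/
	/* Function: 0x02 */
	/* Closes a handle; handle is [in,out], so the server returns it to the caller. */
	NTSTATUS eventlog_CloseEventLog(
		[in,out] policy_handle *handle
	);

	/******************/
	/* Function: 0x03 */
	[todo] NTSTATUS eventlog_DeregisterEventSource();

	/******************/
	/* Function: 0x04 */
	/* Returns a record count for the log behind handle in *number. */
	NTSTATUS eventlog_GetNumRecords(
		[in] policy_handle *handle,
		[out,ref] uint32 *number
	);

	/******************/
	/* Function: 0x05 */
	/* Returns the oldest record of the log behind handle in *oldest_entry. */
	NTSTATUS eventlog_GetOldestRecord(
		[in] policy_handle *handle,
		[out,ref] uint32 *oldest_entry
	);

	/******************/
	/* Function: 0x06 */
	[todo] NTSTATUS eventlog_ChangeNotify();

	/******************/
	/* Function: 0x07 */
	/*
	 * Opens the log named by logname and returns a handle for later calls.
	 * unknown0 is [unique] and may be NULL; logname and servername are [ref].
	 * logname and servername are caller-supplied strings and should be
	 * validated by the server before they select a log.
	 */
	NTSTATUS eventlog_OpenEventLogW(
		[in,unique] eventlog_OpenUnknown0 *unknown0,
		[in,ref] lsa_String *logname,
		[in,ref] lsa_String *servername,
		[in] uint32 major_version,
		[in] uint32 minor_version,
		[out] policy_handle *handle
	);

	/******************/
	/* Function: 0x08 */
	[todo] NTSTATUS eventlog_RegisterEventSourceW();

	/******************/
	/* Function: 0x09 */
	[todo] NTSTATUS eventlog_OpenBackupEventLogW();

	/******************/
	/* Function: 0x0a */
	/*
	 * Reads records from the log behind handle into data.
	 * number_of_bytes is range-limited to 0..0x7FFFF and is the size_is() of
	 * the output buffer, so the caller cannot request a larger reply buffer
	 * than that.
	 * NOTE(review): sent_size and real_size are presumably the bytes returned
	 * and the bytes required when the buffer is too small - confirm against
	 * the server code, which must also keep sent_size <= number_of_bytes.
	 */
	NTSTATUS eventlog_ReadEventLogW(
		[in] policy_handle *handle,
		[in] eventlogReadFlags flags,
		[in] uint32 offset,
		[in] [range(0,0x7FFFF)] uint32 number_of_bytes,
		[out,ref,size_is(number_of_bytes)] uint8 *data,
		[out,ref] uint32 *sent_size,
		[out,ref] uint32 *real_size
	);

	/******************/
	/* Function: 0x0b */
	[todo] NTSTATUS eventlog_ReportEventW();

	/******************/
	/* Function: 0x0c */
	[todo] NTSTATUS eventlog_ClearEventLogA();

	/******************/
	/* Function: 0x0d */
	[todo] NTSTATUS eventlog_BackupEventLogA();

	/******************/
	/* Function: 0x0e */
	[todo] NTSTATUS eventlog_OpenEventLogA();

	/******************/
	/* Function: 0x0f */
	[todo] NTSTATUS eventlog_RegisterEventSourceA();

	/******************/
	/* Function: 0x10 */
	[todo] NTSTATUS eventlog_OpenBackupEventLogA();

	/******************/
	/* Function: 0x11 */
	[todo] NTSTATUS eventlog_ReadEventLogA();

	/******************/
	/* Function: 0x12 */
	[todo] NTSTATUS eventlog_ReportEventA();

	/******************/
	/* Function: 0x13 */
	[todo] NTSTATUS eventlog_RegisterClusterSvc();

	/******************/
	/* Function: 0x14 */
	[todo] NTSTATUS eventlog_DeregisterClusterSvc();

	/******************/
	/* Function: 0x15 */
	[todo] NTSTATUS eventlog_WriteClusterEvents();

	/******************/
	/* Function: 0x16 */
	/*
	 * The name is spelled "Intormation" (presumably meant "Information").
	 * It is left as is because renaming it would change the identifiers
	 * generated from this file.
	 */
	[todo] NTSTATUS eventlog_GetLogIntormation();

	/******************/
	/* Function: 0x17 */
	/* Flushes the log behind handle. */
	NTSTATUS eventlog_FlushEventLog(
		[in] policy_handle *handle
	);
}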