#include "idl_types.h"
/*
eventlog interface definition
*/
import "lsa.idl", "security.idl";
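[ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"),
  version(0.0),
  pointer_default(unique),
  helpstring("Event Logger")
] interface eventlog
{
	/*
	 * Remote event-log RPC interface.
	 *
	 * Operation numbers follow declaration order (see the "Function: 0xNN"
	 * banners), so the argument-less [todo] placeholders must stay where
	 * they are even though they are not implemented: removing or
	 * reordering one would renumber every call after it.
	 *
	 * Every size, offset, count and string declared below is supplied by
	 * the remote peer. The IDL describes the wire layout only; range and
	 * consistency checks are the job of the code that uses these types.
	 */

	/*
	 * Read-mode bits for event-log reads.
	 * NOTE(review): on Windows a read is expected to combine exactly one
	 * of SEQUENTIAL/SEEK with exactly one of FORWARDS/BACKWARDS; nothing
	 * in this definition enforces that, so a server should reject other
	 * combinations itself - confirm against the implementation.
	 */
	typedef bitmap {
		EVENTLOG_SEQUENTIAL_READ = 0x0001,
		EVENTLOG_SEEK_READ       = 0x0002,
		EVENTLOG_FORWARDS_READ   = 0x0004,
		EVENTLOG_BACKWARDS_READ  = 0x0008
	} eventlogReadFlags;

	/*
	 * Event type values. EVENTLOG_SUCCESS is 0x0000, so it cannot be
	 * detected with a bit test; compare the whole value against zero.
	 * The two AUDIT values mark security-audit events.
	 */
	typedef bitmap {
		EVENTLOG_SUCCESS          = 0x0000,
		EVENTLOG_ERROR_TYPE       = 0x0001,
		EVENTLOG_WARNING_TYPE     = 0x0002,
		EVENTLOG_INFORMATION_TYPE = 0x0004,
		EVENTLOG_AUDIT_SUCCESS    = 0x0008,
		EVENTLOG_AUDIT_FAILURE    = 0x0010
	} eventlogEventTypes;

	/* First argument of eventlog_OpenEventLogW; meaning of both fields is not known. */
	typedef struct {
		uint16 unknown0;
		uint16 unknown1;
	} eventlog_OpenUnknown0;

	/*
	 * One event-log record.
	 * NOTE(review): presumably the layout of the entries carried in the
	 * data buffer of eventlog_ReadEventLogW - confirm against the caller.
	 *
	 * All length and offset members are plain uint32 values taken from
	 * the wire. Before a consumer dereferences anything through them it
	 * should check that stringoffset, sid_offset + sid_length and
	 * data_offset + data_length fall inside the record (and that the
	 * additions do not wrap), and that size does not exceed the bytes
	 * actually received.
	 */
	typedef [public] struct {
		uint32 size;                  /* presumably total record length in bytes - confirm */
		uint32 reserved;
		uint32 record_number;
		uint32 time_generated;        /* presumably seconds since the Unix epoch - confirm */
		uint32 time_written;          /* presumably seconds since the Unix epoch - confirm */
		uint32 event_id;
		uint16 event_type;            /* presumably an eventlogEventTypes value; declared as plain uint16 */
		uint16 num_of_strings;        /* element count of strings[] below; peer-supplied */
		uint16 event_category;
		uint16 reserved_flags;
		uint32 closing_record_number;
		uint32 stringoffset;
		uint32 sid_length;
		uint32 sid_offset;
		uint32 data_length;
		uint32 data_offset;
		nstring source_name;
		nstring computer_name;
		nstring strings[num_of_strings];
		/*
		 * NOTE(review): declared as a string type although data_length and
		 * data_offset suggest an arbitrary byte payload; verify that an
		 * embedded NUL byte does not truncate the data.
		 */
		astring raw_data;
	} eventlog_Record;

	/******************/
	/* Function: 0x00 */
	/*
	 * Clears the log behind handle. This destroys audit evidence, so the
	 * server side should check the caller's access on the handle and
	 * record the operation itself.
	 * NOTE(review): unknown is presumably an optional backup file name;
	 * if so it is a peer-supplied path and needs validation - confirm.
	 */
	NTSTATUS eventlog_ClearEventLogW(
		[in] policy_handle *handle,
		[in,unique] lsa_String *unknown
	);

	/******************/
	/* Function: 0x01 */
	[todo] NTSTATUS eventlog_BackupEventLogW();

	/******************/
	/* Function: 0x02 */
	/* Closes handle; it is [in,out], so the server returns the handle value to the caller. */
	NTSTATUS eventlog_CloseEventLog(
		[in,out] policy_handle *handle
	);

	/******************/
	/* Function: 0x03 */
	[todo] NTSTATUS eventlog_DeregisterEventSource();

	/******************/
	/* Function: 0x04 */
	/* Returns a record count for the log behind handle in *number. */
	NTSTATUS eventlog_GetNumRecords(
		[in] policy_handle *handle,
		[out] uint32 *number
	);

	/******************/
	/* Function: 0x05 */
	[todo] NTSTATUS eventlog_GetOldestRecord();

	/******************/
	/* Function: 0x06 */
	[todo] NTSTATUS eventlog_ChangeNotify();

	/******************/
	/* Function: 0x07 */
	/*
	 * Opens a log and returns a handle for the other calls.
	 * logname and servername are caller-supplied strings: a server should
	 * match logname against the set of logs it actually serves and never
	 * use it directly as a file-system path. No access mask is visible in
	 * this signature (unknown2/unknown3 are undetermined), so access
	 * checks have to happen in the server implementation.
	 */
	NTSTATUS eventlog_OpenEventLogW(
		[in,unique] eventlog_OpenUnknown0 *unknown0,
		[in] lsa_String logname,
		[in] lsa_String servername,
		[in] uint32 unknown2,
		[in] uint32 unknown3,
		[out] policy_handle *handle
	);

	/******************/
	/* Function: 0x08 */
	[todo] NTSTATUS eventlog_RegisterEventSourceW();

	/******************/
	/* Function: 0x09 */
	[todo] NTSTATUS eventlog_OpenBackupEventLogW();

	/******************/
	/* Function: 0x0a */
	/*
	 * Reads records from the log behind handle into data.
	 *
	 * flags is a plain uint32 (presumably eventlogReadFlags bits), so the
	 * generated code does not restrict it to the defined values.
	 * number_of_bytes is chosen by the caller and sizes the [out] buffer
	 * through size_is(); the server should cap it before allocating and
	 * must never report more bytes in *sent_size than number_of_bytes.
	 * A client should likewise treat *sent_size and *real_size as
	 * untrusted and clamp *sent_size to number_of_bytes before parsing.
	 * NOTE(review): *real_size presumably reports the size needed when
	 * the buffer is too small - confirm.
	 */
	NTSTATUS eventlog_ReadEventLogW(
		[in] policy_handle *handle,
		[in] uint32 flags,
		[in] uint32 offset,
		[in] uint32 number_of_bytes,
		[out,size_is(number_of_bytes)] uint8 *data,
		[out] uint32 *sent_size,
		[out] uint32 *real_size
	);

	/*****************/
	/* Function 0x0b */
	[todo] NTSTATUS eventlog_ReportEventW();

	/*****************/
	/* Function 0x0c */
	[todo] NTSTATUS eventlog_ClearEventLogA();

	/******************/
	/* Function: 0x0d */
	[todo] NTSTATUS eventlog_BackupEventLogA();

	/*****************/
	/* Function 0x0e */
	[todo] NTSTATUS eventlog_OpenEventLogA();

	/*****************/
	/* Function 0x0f */
	[todo] NTSTATUS eventlog_RegisterEventSourceA();

	/*****************/
	/* Function 0x10 */
	[todo] NTSTATUS eventlog_OpenBackupEventLogA();

	/*****************/
	/* Function 0x11 */
	[todo] NTSTATUS eventlog_ReadEventLogA();

	/*****************/
	/* Function 0x12 */
	[todo] NTSTATUS eventlog_ReportEventA();

	/*****************/
	/* Function 0x13 */
	[todo] NTSTATUS eventlog_RegisterClusterSvc();

	/*****************/
	/* Function 0x14 */
	[todo] NTSTATUS eventlog_DeregisterClusterSvc();

	/*****************/
	/* Function 0x15 */
	[todo] NTSTATUS eventlog_WriteClusterEvents();

	/*****************/
	/* Function 0x16 */
	/*
	 * NOTE(review): "Intormation" looks like a typo for "Information".
	 * The identifier is left unchanged because generated code and any
	 * callers are named after it.
	 */
	[todo] NTSTATUS eventlog_GetLogIntormation();

	/*****************/
	/* Function 0x17 */
	/* Flushes the log behind handle. */
	NTSTATUS eventlog_FlushEventLog(
		[in] policy_handle *handle
	);
}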