Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

eventlog.idl@ 1012

Visit:

Last change on this file since 1012 was 414, checked in by Herwig Bauernfeind, 16 years ago
Samba 3.5.0: Initial import
File size: 8.6 KB

Line
1	#include "idl_types.h"
2
3	/*
4	eventlog interface definition
5	*/
6
7	import "lsa.idl", "security.idl";
8
9	[ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"),
10	version(0.0),
11	helpstring("Event Logger")
12	] interface eventlog
13	{
14	typedef [bitmap32bit] bitmap {
15	EVENTLOG_SEQUENTIAL_READ = 0x0001,
16	EVENTLOG_SEEK_READ = 0x0002,
17	EVENTLOG_FORWARDS_READ = 0x0004,
18	EVENTLOG_BACKWARDS_READ = 0x0008
19	} eventlogReadFlags;
20
21	typedef [public] enum {
22	EVENTLOG_SUCCESS = 0x0000,
23	EVENTLOG_ERROR_TYPE = 0x0001,
24	EVENTLOG_WARNING_TYPE = 0x0002,
25	EVENTLOG_INFORMATION_TYPE = 0x0004,
26	EVENTLOG_AUDIT_SUCCESS = 0x0008,
27	EVENTLOG_AUDIT_FAILURE = 0x0010
28	} eventlogEventTypes;
29
30	typedef struct {
31	uint16 unknown0;
32	uint16 unknown1;
33	} eventlog_OpenUnknown0;
34
35	/* compat structure for samba3 on-disc eventlog format,
36	this is NOT used on the wire. - gd */
37
38	typedef [flag(NDR_NOALIGN\|NDR_PAHEX),public] struct {
39	uint32 size;
40	[charset(DOS),value("eLfL")] uint8 reserved[4];
41	uint32 record_number;
42	time_t time_generated;
43	time_t time_written;
44	uint32 event_id;
45	eventlogEventTypes event_type;
46	[range(0,256)] uint16 num_of_strings;
47	uint16 event_category;
48	uint16 reserved_flags;
49	uint32 closing_record_number;
50	uint32 stringoffset;
51	[value(sid.length)] uint32 sid_length;
52	uint32 sid_offset;
53	[value(data.length)] uint32 data_length;
54	uint32 data_offset;
55	[value(2*strlen_m_term(source_name))] uint32 source_name_len;
56	nstring source_name;
57	[value(2*strlen_m_term(computer_name))] uint32 computer_name_len;
58	nstring computer_name;
59	uint32 sid_padding;
60	DATA_BLOB sid;
61	[value(2*ndr_size_string_array(strings, num_of_strings, STR_NULLTERM))] uint32 strings_len;
62	nstring strings[num_of_strings];
63	DATA_BLOB data;
64	uint32 padding;
65	} eventlog_Record_tdb;
66
67	typedef [v1_enum] enum {
68	ELF_LOGFILE_HEADER_DIRTY = 0x0001,
69	ELF_LOGFILE_HEADER_WRAP = 0x0002,
70	ELF_LOGFILE_LOGFULL_WRITTEN = 0x0004,
71	ELF_LOGFILE_ARCHIVE_SET = 0x0008
72	} EVENTLOG_HEADER_FLAGS;
73
74	typedef [public] struct {
75	[value(0x30)] uint32 HeaderSize;
76	[charset(DOS),value("LfLe")] uint8 Signature[4];
77	[value(1)] uint32 MajorVersion;
78	[value(1)] uint32 MinorVersion;
79	uint32 StartOffset;
80	uint32 EndOffset;
81	uint32 CurrentRecordNumber;
82	uint32 OldestRecordNumber;
83	uint32 MaxSize;
84	EVENTLOG_HEADER_FLAGS Flags;
85	uint32 Retention;
86	[value(0x30)] uint32 EndHeaderSize;
87	} EVENTLOGHEADER;
88
89	typedef [public,gensize] struct {
90	uint32 Length;
91	[charset(DOS),value("LfLe")] uint8 Reserved[4];
92	uint32 RecordNumber;
93	time_t TimeGenerated;
94	time_t TimeWritten;
95	uint32 EventID;
96	eventlogEventTypes EventType;
97	uint16 NumStrings;
98	uint16 EventCategory;
99	uint16 ReservedFlags;
100	uint32 ClosingRecordNumber;
101	[value(56+2*(strlen_m_term(SourceName)+strlen_m_term(Computername))+UserSidLength)] uint32 StringOffset;
102	[value(ndr_size_dom_sid0(&UserSid, ndr->flags))] uint32 UserSidLength;
103	[value(56+2*(strlen_m_term(SourceName)+strlen_m_term(Computername)))] uint32 UserSidOffset;
104	uint32 DataLength;
105	[value(56+2(strlen_m_term(SourceName)+strlen_m_term(Computername))+UserSidLength+(2ndr_size_string_array(Strings, NumStrings, STR_NULLTERM)))] uint32 DataOffset;
106	nstring SourceName;
107	nstring Computername;
108	[flag(NDR_ALIGN4),subcontext(0),subcontext_size(UserSidLength)] dom_sid0 UserSid;
109	nstring Strings[NumStrings];
110	[flag(NDR_PAHEX)] uint8 Data[DataLength];
111	astring Pad;
112	[value(Length)] uint32 Length2;
113	} EVENTLOGRECORD;
114
115	typedef [public] struct {
116	[value(0x28)] uint32 RecordSizeBeginning;
117	[value(0x11111111)] uint32 One;
118	[value(0x22222222)] uint32 Two;
119	[value(0x33333333)] uint32 Three;
120	[value(0x44444444)] uint32 Four;
121	uint32 BeginRecord;
122	uint32 EndRecord;
123	uint32 CurrentRecordNumber;
124	uint32 OldestRecordNumber;
125	[value(0x28)] uint32 RecordSizeEnd;
126	} EVENTLOGEOF;
127
128	/* the following is true for a non-wrapped evt file (e.g. backups
129	* generated and viewed with eventvwr) */
130
131	typedef [public] struct {
132	EVENTLOGHEADER hdr;
133	EVENTLOGRECORD records[hdr.CurrentRecordNumber-hdr.OldestRecordNumber];
134	EVENTLOGEOF eof;
135	} EVENTLOG_EVT_FILE;
136
137	/******************/
138	/* Function: 0x00 */
139	NTSTATUS eventlog_ClearEventLogW(
140	[in] policy_handle *handle,
141	[in,unique] lsa_String *backupfile
142	);
143
144	/******************/
145	/* Function: 0x01 */
146	NTSTATUS eventlog_BackupEventLogW(
147	[in] policy_handle *handle,
148	[in,ref] lsa_String *backup_filename
149	);
150
151	/******************/
152	/* Function: 0x02 */
153	NTSTATUS eventlog_CloseEventLog(
154	[in,out] policy_handle *handle
155	);
156
157	/******************/
158	/* Function: 0x03 */
159	NTSTATUS eventlog_DeregisterEventSource(
160	[in,out] policy_handle *handle
161	);
162
163	/******************/
164	/* Function: 0x04 */
165	NTSTATUS eventlog_GetNumRecords(
166	[in] policy_handle *handle,
167	[out,ref] uint32 *number
168	);
169
170	/******************/
171	/* Function: 0x05 */
172	NTSTATUS eventlog_GetOldestRecord(
173	[in] policy_handle *handle,
174	[out,ref] uint32 *oldest_entry
175	);
176
177	/******************/
178	/* Function: 0x06 */
179	[todo] NTSTATUS eventlog_ChangeNotify();
180
181	/******************/
182	/* Function: 0x07 */
183	NTSTATUS eventlog_OpenEventLogW(
184	[in,unique] eventlog_OpenUnknown0 *unknown0,
185	[in,ref] lsa_String *logname,
186	[in,ref] lsa_String *servername,
187	[in] uint32 major_version,
188	[in] uint32 minor_version,
189	[out] policy_handle *handle
190	);
191
192	/******************/
193	/* Function: 0x08 */
194	NTSTATUS eventlog_RegisterEventSourceW(
195	[in,unique] eventlog_OpenUnknown0 *unknown0,
196	[in,ref] lsa_String *module_name,
197	[in,ref] lsa_String *reg_module_name,
198	[in] uint32 major_version,
199	[in] uint32 minor_version,
200	[out] policy_handle *log_handle
201	);
202
203	/******************/
204	/* Function: 0x09 */
205	NTSTATUS eventlog_OpenBackupEventLogW(
206	[in,unique] eventlog_OpenUnknown0 *unknown0,
207	[in,ref] lsa_String *backup_logname,
208	[in] uint32 major_version,
209	[in] uint32 minor_version,
210	[out] policy_handle *handle
211	);
212
213	/******************/
214	/* Function: 0x0a */
215	NTSTATUS eventlog_ReadEventLogW(
216	[in] policy_handle *handle,
217	[in] eventlogReadFlags flags,
218	[in] uint32 offset,
219	[in] [range(0,0x7FFFF)] uint32 number_of_bytes,
220	[out,ref,size_is(number_of_bytes)] uint8 *data,
221	[out,ref] uint32 *sent_size,
222	[out,ref] uint32 *real_size
223	);
224
225	/*****************/
226	/* Function 0x0b */
227	NTSTATUS eventlog_ReportEventW(
228	[in] policy_handle *handle,
229	[in] time_t timestamp,
230	[in] eventlogEventTypes event_type,
231	[in] uint16 event_category,
232	[in] uint32 event_id,
233	[in] [range(0,256)] uint16 num_of_strings,
234	[in] [range(0,0x3FFFF)] uint32 data_size,
235	[in,ref] lsa_String *servername,
236	[in,unique] dom_sid *user_sid,
237	[in,unique] [size_is(num_of_strings)] lsa_String **strings,
238	[in,unique] [size_is(data_size)] uint8 *data,
239	[in] uint16 flags,
240	[in,out,unique] uint32 *record_number,
241	[in,out,unique] time_t *time_written
242	);
243
244	/*****************/
245	/* Function 0x0c */
246	[todo] NTSTATUS eventlog_ClearEventLogA();
247
248	/******************/
249	/* Function: 0x0d */
250	[todo] NTSTATUS eventlog_BackupEventLogA();
251
252	/*****************/
253	/* Function 0x0e */
254	[todo] NTSTATUS eventlog_OpenEventLogA();
255
256	/*****************/
257	/* Function 0x0f */
258	[todo] NTSTATUS eventlog_RegisterEventSourceA();
259
260	/*****************/
261	/* Function 0x10 */
262	[todo] NTSTATUS eventlog_OpenBackupEventLogA();
263
264	/*****************/
265	/* Function 0x11 */
266	[todo] NTSTATUS eventlog_ReadEventLogA();
267
268	/*****************/
269	/* Function 0x12 */
270	[todo] NTSTATUS eventlog_ReportEventA();
271
272	/*****************/
273	/* Function 0x13 */
274	[todo] NTSTATUS eventlog_RegisterClusterSvc();
275
276	/*****************/
277	/* Function 0x14 */
278	[todo] NTSTATUS eventlog_DeregisterClusterSvc();
279
280	/*****************/
281	/* Function 0x15 */
282	[todo] NTSTATUS eventlog_WriteClusterEvents();
283
284	/*****************/
285	/* Function 0x16 */
286
287	typedef [public] struct {
288	boolean32 full;
289	} EVENTLOG_FULL_INFORMATION;
290
291	NTSTATUS eventlog_GetLogInformation(
292	[in] policy_handle *handle,
293	[in] uint32 level,
294	[out,ref] [size_is(buf_size)] uint8 *buffer,
295	[in] [range(0,1024)] uint32 buf_size,
296	[out,ref] uint32 *bytes_needed
297	);
298
299	/*****************/
300	/* Function 0x17 */
301	NTSTATUS eventlog_FlushEventLog(
302	[in] policy_handle *handle
303	);
304
305	/*****************/
306	/* Function 0x18 */
307	NTSTATUS eventlog_ReportEventAndSourceW(
308	[in] policy_handle *handle,
309	[in] time_t timestamp,
310	[in] eventlogEventTypes event_type,
311	[in] uint16 event_category,
312	[in] uint32 event_id,
313	[in,ref] lsa_String *sourcename,
314	[in] [range(0,256)] uint16 num_of_strings,
315	[in] [range(0,0x3FFFF)] uint32 data_size,
316	[in,ref] lsa_String *servername,
317	[in,unique] dom_sid *user_sid,
318	[in,unique] [size_is(num_of_strings)] lsa_String **strings,
319	[in,unique] [size_is(data_size)] uint8 *data,
320	[in] uint16 flags,
321	[in,out,unique] uint32 *record_number,
322	[in,out,unique] time_t *time_written
323	);
324	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/server/librpc/idl/eventlog.idl@ 1012

Download in other formats: