Wireshark  2.9.0-477-g68ec514b
The Wireshark network protocol analyzer
eventlog.idl
1 #include "idl_types.h"
2 
3 /* import "lsa.idl", "security.idl";*/
4 
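5 /*
6  eventlog interface definition (DCE/RPC interface with helpstring "Event Logger"; the "Function: 0xNN" comments below number the calls in declaration order)
7 */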
8 [ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"),
9  version(0.0),
10  pointer_default(unique),
11  helpstring("Event Logger")
12 ] interface eventlog
13 {
14  typedef bitmap { /* Bit flags passed as the 'flags' argument of eventlog_ReadEventLogW. */
15  EVENTLOG_SEQUENTIAL_READ = 0x0001, /* read-mode bit; presumably "continue after the previous read" - confirm */
16  EVENTLOG_SEEK_READ = 0x0002, /* read-mode bit; presumably "start at the record given by 'offset'" - confirm */
17  EVENTLOG_FORWARDS_READ = 0x0004, /* direction bit */
18  EVENTLOG_BACKWARDS_READ = 0x0008 /* direction bit */
19  } eventlogReadFlags;
20 
21  typedef bitmap { /* Event type values; used as the 'Type' argument of eventlog_ReportEventW. */
22  EVENTLOG_SUCCESS = 0x0000, /* value zero, not a bit: it cannot be tested with a bitwise AND, only by comparing with 0 */
23  EVENTLOG_ERROR_TYPE = 0x0001,
24  EVENTLOG_WARNING_TYPE = 0x0002,
25  EVENTLOG_INFORMATION_TYPE = 0x0004,
26  EVENTLOG_AUDIT_SUCCESS = 0x0008, /* audit outcome types; presumably security-audit events - confirm */
27  EVENTLOG_AUDIT_FAILURE = 0x0010
28  } eventlogEventTypes;
29 
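30  typedef struct { /* Optional leading argument of the Open/Register calls (0x07, 0x08, 0x09); field meanings are not known, hence the names. */
31  uint16 unknown0;
32  uint16 unknown1;
33  } eventlog_OpenUnknown0; /* closing line restored: the listing skipped line 33, and this is the type name the Open/Register calls reference */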
34 
35  typedef [public] struct { /* One event log record: fixed-size header fields followed by variable-length strings and data. */
36  uint32 size; /* presumably the total record length in bytes - confirm */
37  uint32 reserved;
38  uint32 record_number;
39  uint32 time_generated; /* NOTE(review): looks like a 32-bit seconds-since-1970 timestamp - confirm */
40  uint32 time_written;
41  uint32 event_id;
42  uint16 event_type; /* presumably one of the eventlogEventTypes values - confirm */
43  uint16 num_of_strings; /* element count of strings[] below; the count is read from the record itself */
44  uint16 event_category;
45  uint16 reserved_flags;
46  uint32 closing_record_number;
47  uint32 stringoffset; /* this and the offsets/lengths below are carried inside the record; a consumer should bounds-check each against the bytes actually received before using it */
48  uint32 sid_length; /* only the SID's length and offset are declared; the struct has no SID member */
49  uint32 sid_offset;
50  uint32 data_length;
51  uint32 data_offset;
52  nstring source_name;
53  nstring computer_name;
54  nstring strings[num_of_strings]; /* array length comes from num_of_strings above */
55  astring raw_data;
56  } eventlog_Record;
57 
58  /******************/
59  /* Function: 0x00 - named after the Win32 ClearEventLog call. For defenders: a remote request with this function number is the on-the-wire form of clearing a log and is worth alerting on. */
60  NTSTATUS eventlog_ClearEventLogW(
61  [in] policy_handle *handle, /* log handle; the calls that return one are 0x07, 0x08 and 0x09 */
62  [in,unique] lsa_String *backupfilename /* [unique]: may be a NULL pointer; presumably a file to save the log to before clearing - confirm */
63  );
64 
65  /******************/
66  /* Function: 0x01 - takes the same two arguments as eventlog_ClearEventLogW. */
67  NTSTATUS eventlog_BackupEventLogW(
68  [in] policy_handle *handle,
69  [in,unique] lsa_String *backupfilename /* caller-supplied string, [unique] so it may be NULL; presumably a path written on the server side - confirm */
70  );
71 
72  /******************/
73  /* Function: 0x02 - the handle is [in,out]: it is sent in the request and a handle value comes back in the response. */
74  NTSTATUS eventlog_CloseEventLog(
75  [in,out] policy_handle *handle /* presumably returned zeroed once closed - confirm */
76  );
77 
78  /******************/
79  /* Function: 0x03 - same shape as eventlog_CloseEventLog: a single [in,out] handle. */
80  NTSTATUS eventlog_DeregisterEventSource(
81  [in,out] policy_handle *handle /* presumably a handle obtained from eventlog_RegisterEventSourceW - confirm */
82  );
83 
84  /******************/
85  /* Function: 0x04 */
86  NTSTATUS eventlog_GetNumRecords( /* Function 0x04: returns one uint32 through 'number' for the given handle. */
87  [in] policy_handle *handle,
88  [out,ref] uint32 *number /* [ref]: never NULL; response-only value */
89  );
90 
91  /******************/
92  /* Function: 0x05 */
93  NTSTATUS eventlog_GetOldestRecord( /* Function 0x05: returns one uint32 through 'oldest' for the given handle. */
94  [in] policy_handle *handle,
95  [out,ref] uint32 *oldest /* [ref]: never NULL; presumably the record number of the oldest record - confirm */
96  );
97 
98  /******************/
99  /* Function: 0x06 */
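100  typedef struct { /* Type of the 'unknown2' argument of eventlog_ChangeNotify; field meanings are not known, hence the names. */
101  uint32 unknown0;
102  uint32 unknown1;
103  } eventlog_ChangeUnknown0; /* closing line restored: the listing skipped line 103, and this is the type name eventlog_ChangeNotify references */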
104 
105  NTSTATUS eventlog_ChangeNotify( /* Function 0x06: request-only arguments; nothing but the NTSTATUS comes back. */
106  [in] policy_handle *handle,
107  [in, ref] eventlog_ChangeUnknown0 *unknown2, /* [ref]: never NULL; contents undocumented here */
108  [in] uint32 unknown3 /* meaning unknown */
109  );
110 
111  /******************/
112  /* Function: 0x07 - returns the policy_handle that the handle-taking calls in this interface expect. */
113  NTSTATUS eventlog_OpenEventLogW(
114  [in,unique] eventlog_OpenUnknown0 *unknown0, /* [unique]: may be NULL */
115  [in] lsa_String Module, /* passed by value; presumably the log name - confirm */
116  [in] lsa_String RegModuleName,
117  [in] uint32 MajorVersion,
118  [in] uint32 MinorVersion,
119  [out] policy_handle *handle /* response-only */
120  );
121 
122  /******************/
123  /* Function: 0x08 - same argument layout as eventlog_OpenEventLogW (0x07), with different parameter names. */
124  NTSTATUS eventlog_RegisterEventSourceW(
125  [in,unique] eventlog_OpenUnknown0 *unknown0, /* [unique]: may be NULL */
126  [in] lsa_String logname,
127  [in] lsa_String servername,
128  [in] uint32 unknown2, /* NOTE(review): occupies the slot named MajorVersion in 0x07 - confirm it carries the same value */
129  [in] uint32 unknown3, /* NOTE(review): occupies the slot named MinorVersion in 0x07 - confirm */
130  [out] policy_handle *handle /* response-only */
131  );
132 
133  /******************/
134  /* Function: 0x09 - like 0x07 but with a single lsa_String argument. */
135  NTSTATUS eventlog_OpenBackupEventLogW(
136  [in,unique] eventlog_OpenUnknown0 *unknown0, /* [unique]: may be NULL */
137  [in] lsa_String logname, /* caller-supplied string; presumably the backup file to open - confirm */
138  [in] uint32 unknown2,
139  [in] uint32 unknown3,
140  [out] policy_handle *handle /* response-only */
141  );
142 
143  /******************/
144  /* Function: 0x0a - reads raw bytes from the log into 'data'. The record layout inside 'data' is not expressed here; presumably a sequence of eventlog_Record - confirm. */
145  NTSTATUS eventlog_ReadEventLogW(
146  [in] policy_handle *handle,
147  [in] eventlogReadFlags flags,
148  [in] uint32 offset,
149  [in] uint32 number_of_bytes, /* chosen by the caller; it is the declared size of 'data' */
150  [out,size_is(number_of_bytes)] uint8 *data,
151  [out,ref] uint32 *sent_size, /* set by the responder; anything parsing 'data' should check this against number_of_bytes first rather than trust it */
152  [out,ref] uint32 *real_size /* set by the responder; presumably the size needed when the buffer was too small - confirm */
153  );
154 
155  /*****************/
156  /* Function 0x0b - incomplete declaration: num_of_strings and data_length are declared, but no string, data or SID argument follows them (see the placeholder comment below). */
157  NTSTATUS eventlog_ReportEventW(
158  [in] policy_handle *handle,
159  [in] uint32 time,
160  [in] eventlogEventTypes Type,
161  [in] uint16 event_category,
162  [in] uint32 event_id,
163  [in] uint16 num_of_strings, /* count with no matching array argument in this declaration */
164  [in] uint32 data_length, /* length with no matching buffer argument in this declaration */
165  [in] lsa_String computer_name
166  /* sid (placeholder: the remaining arguments are not described) */
167  );
168 
169  /*****************/
170  /* Function 0x0c - empty argument list: this IDL describes no request or response fields for it. Presumably the ANSI counterpart of eventlog_ClearEventLogW (0x00), in which case log-clearing detection should cover this function number too - confirm. */
171  NTSTATUS eventlog_ClearEventLogA();
172 
173  /******************/
174  /* Function: 0x0d - empty argument list: no fields described. Presumably the ANSI counterpart of eventlog_BackupEventLogW (0x01) - confirm. */
175  NTSTATUS eventlog_BackupEventLogA();
176 
177  /*****************/
178  /* Function 0x0e - empty argument list: no fields described. Presumably the ANSI counterpart of eventlog_OpenEventLogW (0x07) - confirm. */
179  NTSTATUS eventlog_OpenEventLogA();
180 
181  /*****************/
182  /* Function 0x0f - empty argument list: no fields described. Presumably the ANSI counterpart of eventlog_RegisterEventSourceW (0x08) - confirm. */
183  NTSTATUS eventlog_RegisterEventSourceA();
184 
185  /*****************/
186  /* Function 0x10 - empty argument list: no fields described. Presumably the ANSI counterpart of eventlog_OpenBackupEventLogW (0x09) - confirm. */
187  NTSTATUS eventlog_OpenBackupEventLogA();
188 
189  /*****************/
190  /* Function 0x11 - empty argument list: no fields described. Presumably the ANSI counterpart of eventlog_ReadEventLogW (0x0a) - confirm. */
191  NTSTATUS eventlog_ReadEventLogA();
192 
193  /*****************/
194  /* Function 0x12 - empty argument list: no fields described. Presumably the ANSI counterpart of eventlog_ReportEventW (0x0b) - confirm. */
195  NTSTATUS eventlog_ReportEventA();
196 
197  /*****************/
198  /* Function 0x13 - empty argument list: this IDL describes no request or response fields for it. */
199  NTSTATUS eventlog_RegisterClusterSvc();
200 
201  /*****************/
202  /* Function 0x14 - empty argument list: this IDL describes no request or response fields for it. */
203  NTSTATUS eventlog_DeregisterClusterSvc();
204 
205  /*****************/
206  /* Function 0x15 - empty argument list: this IDL describes no request or response fields for it. */
207  NTSTATUS eventlog_WriteClusterEvents();
208 
209  /*****************/
210  /* Function 0x16 - the identifier is spelled "Intormation" in this file. Returns an opaque buffer whose content depends on dwInfoLevel; the per-level layout is not described here. */
211  NTSTATUS eventlog_GetLogIntormation(
212  [in] policy_handle *handle,
213  [in] uint32 dwInfoLevel,
214  [out] [size_is(cbBufSize)] char lpBuffer[*], /* sized by cbBufSize, which is declared on the next line */
215  [in] uint32 cbBufSize, /* caller-chosen buffer size */
216  [out,ref] long *cbBytesNeeded /* set by the responder; a consumer should not assume it is <= cbBufSize */
217  );
218 
219  /*****************/
220  /* Function 0x17 - takes only a log handle; nothing but the NTSTATUS comes back. */
221  NTSTATUS eventlog_FlushEventLog(
222  [in] policy_handle *handle
223  );
224 }