4 eventlog interface definition
6 [ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"),
9 pointer_default(unique),
10 pointer_default_top
(unique),
11 helpstring("Event Logger")
15 EVENTLOG_SEQUENTIAL_READ
= 0x0001,
16 EVENTLOG_SEEK_READ
= 0x0002,
17 EVENTLOG_FORWARDS_READ
= 0x0004,
18 EVENTLOG_BACKWARDS_READ
= 0x0008
22 EVENTLOG_SUCCESS
= 0x0000,
23 EVENTLOG_ERROR_TYPE
= 0x0001,
24 EVENTLOG_WARNING_TYPE
= 0x0002,
25 EVENTLOG_INFORMATION_TYPE
= 0x0004,
26 EVENTLOG_AUDIT_SUCCESS
= 0x0008,
27 EVENTLOG_AUDIT_FAILURE
= 0x0010
33 } eventlog_OpenUnknown0
;
43 uint16 num_of_strings
;
48 [size_is(num_of_strings
)] lsa_String bla
[*];
50 [size_is(sid_length
)] dom_sid
*sids
;
52 [size_is(data_length
)] uint8
*data
;
59 NTSTATUS eventlog_ClearEventLogW
(
60 [in,ref] policy_handle
*handle,
61 [in] lsa_String
*unknown
66 NTSTATUS eventlog_BackupEventLogW
();
70 NTSTATUS eventlog_CloseEventLog
(
71 [in,out,ref] policy_handle
*handle
77 NTSTATUS eventlog_DeregisterEventSource
();
81 NTSTATUS eventlog_GetNumRecords
(
82 [in,ref] policy_handle
*handle,
88 NTSTATUS eventlog_GetOldestRecord
();
92 NTSTATUS eventlog_ChangeNotify
();
96 NTSTATUS eventlog_OpenEventLogW
(
97 [in] eventlog_OpenUnknown0
*unknown0
,
98 [in] lsa_String logname
,
99 [in] lsa_String servername
,
100 [in] uint32 unknown2
,
101 [in] uint32 unknown3
,
102 [out,ref] policy_handle
*handle
107 NTSTATUS eventlog_RegisterEventSourceW
();
111 NTSTATUS eventlog_OpenBackupEventLogW
();
115 NTSTATUS eventlog_ReadEventLogW
(
116 [in,ref] policy_handle
*handle,
119 [in,out] uint32 number_of_bytes
,
120 [out,ref,size_is(number_of_bytes
)] uint8
*data
,
121 [out] uint32 sent_size
,
122 [out] uint32 real_size
127 NTSTATUS eventlog_ReportEventW
();
131 NTSTATUS eventlog_ClearEventLogA
();
135 NTSTATUS eventlog_BackupEventLogA
();
139 NTSTATUS eventlog_OpenEventLogA
();
143 NTSTATUS eventlog_RegisterEventSourceA
();
147 NTSTATUS eventlog_OpenBackupEventLogA
();
151 NTSTATUS eventlog_ReadEventLogA
();
155 NTSTATUS eventlog_ReportEventA
();
159 NTSTATUS eventlog_RegisterClusterSvc
();
163 NTSTATUS eventlog_DeregisterClusterSvc
();
167 NTSTATUS eventlog_WriteClusterEvents
();
171 NTSTATUS eventlog_GetLogIntormation
();
175 NTSTATUS eventlog_FlushEventLog
();