diff options
Diffstat (limited to 'librpc/gen_ndr/eventlog.h')
-rw-r--r-- | librpc/gen_ndr/eventlog.h | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/librpc/gen_ndr/eventlog.h b/librpc/gen_ndr/eventlog.h index 8dc0d0d146..94da688f5c 100644 --- a/librpc/gen_ndr/eventlog.h +++ b/librpc/gen_ndr/eventlog.h @@ -65,6 +65,112 @@ struct eventlog_Record { uint32_t size2;/* [value(size)] */ }/* [public,flag(LIBNDR_FLAG_NOALIGN)] */; +struct eventlog_Record_tdb { + uint32_t size; + const char *reserved;/* [value("eLfL"),charset(DOS)] */ + uint32_t record_number; + time_t time_generated; + time_t time_written; + uint32_t event_id; + enum eventlogEventTypes event_type; + uint16_t num_of_strings;/* [range(0,256)] */ + uint16_t event_category; + uint16_t reserved_flags; + uint32_t closing_record_number; + uint32_t stringoffset; + uint32_t sid_length;/* [value(sid.length)] */ + uint32_t sid_offset; + uint32_t data_length;/* [value(data.length)] */ + uint32_t data_offset; + uint32_t source_name_len;/* [value(2*strlen_m_term(source_name))] */ + const char * source_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + uint32_t computer_name_len;/* [value(2*strlen_m_term(computer_name))] */ + const char * computer_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + uint32_t sid_padding; + DATA_BLOB sid; + uint32_t strings_len;/* [value(2*ndr_size_string_array(strings,num_of_strings,LIBNDR_FLAG_STR_NULLTERM))] */ + const char * *strings;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + DATA_BLOB data; + uint32_t padding; +}/* [public,flag(LIBNDR_FLAG_NOALIGN|LIBNDR_PRINT_ARRAY_HEX)] */; + +enum EVENTLOG_HEADER_FLAGS +#ifndef USE_UINT_ENUMS + { + ELF_LOGFILE_HEADER_DIRTY=0x0001, + ELF_LOGFILE_HEADER_WRAP=0x0002, + ELF_LOGFILE_LOGFULL_WRITTEN=0x0004, + ELF_LOGFILE_ARCHIVE_SET=0x0008 +} +#else + { __donnot_use_enum_EVENTLOG_HEADER_FLAGS=0x7FFFFFFF} +#define ELF_LOGFILE_HEADER_DIRTY ( 0x0001 ) +#define ELF_LOGFILE_HEADER_WRAP ( 0x0002 ) +#define ELF_LOGFILE_LOGFULL_WRITTEN ( 0x0004 ) +#define ELF_LOGFILE_ARCHIVE_SET ( 0x0008 ) +#endif +; + +struct EVENTLOGHEADER { + uint32_t HeaderSize;/* [value(0x30)] */ + const char *Signature;/* [value("LfLe"),charset(DOS)] */ + uint32_t MajorVersion;/* [value] */ + uint32_t MinorVersion;/* [value] */ + uint32_t StartOffset; + uint32_t EndOffset; + uint32_t CurrentRecordNumber; + uint32_t OldestRecordNumber; + uint32_t MaxSize; + enum EVENTLOG_HEADER_FLAGS Flags; + uint32_t Retention; + uint32_t EndHeaderSize;/* [value(0x30)] */ +}/* [public] */; + +struct EVENTLOGRECORD { + uint32_t Length; + const char *Reserved;/* [value("LfLe"),charset(DOS)] */ + uint32_t RecordNumber; + time_t TimeGenerated; + time_t TimeWritten; + uint32_t EventID; + enum eventlogEventTypes EventType; + uint16_t NumStrings; + uint16_t EventCategory; + uint16_t ReservedFlags; + uint32_t ClosingRecordNumber; + uint32_t StringOffset;/* [value(56+2*(strlen_m_term(SourceName)+strlen_m_term(Computername))+UserSidLength)] */ + uint32_t UserSidLength;/* [value(ndr_size_dom_sid0(&UserSid,ndr->flags))] */ + uint32_t UserSidOffset;/* [value(56+2*(strlen_m_term(SourceName)+strlen_m_term(Computername)))] */ + uint32_t DataLength; + uint32_t DataOffset;/* [value(56+2*(strlen_m_term(SourceName)+strlen_m_term(Computername))+UserSidLength+(2*ndr_size_string_array(Strings,NumStrings,LIBNDR_FLAG_STR_NULLTERM)))] */ + const char * SourceName;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + const char * Computername;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + struct dom_sid0 UserSid;/* [subcontext_size(UserSidLength),subcontext(0),flag(LIBNDR_FLAG_ALIGN4)] */ + const char * *Strings;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + uint8_t *Data;/* [flag(LIBNDR_PRINT_ARRAY_HEX)] */ + const char * Pad;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ + uint32_t Length2;/* [value(Length)] */ +}/* [gensize,public] */; + +struct EVENTLOGEOF { + uint32_t RecordSizeBeginning;/* [value(0x28)] */ + uint32_t One;/* [value(0x11111111)] */ + uint32_t Two;/* [value(0x22222222)] */ + uint32_t Three;/* [value(0x33333333)] */ + uint32_t Four;/* [value(0x44444444)] */ + uint32_t BeginRecord; + uint32_t EndRecord; + uint32_t CurrentRecordNumber; + uint32_t OldestRecordNumber; + uint32_t RecordSizeEnd;/* [value(0x28)] */ +}/* [public] */; + +struct EVENTLOG_EVT_FILE { + struct EVENTLOGHEADER hdr; + struct EVENTLOGRECORD *records; + struct EVENTLOGEOF eof; +}/* [public] */; + struct EVENTLOG_FULL_INFORMATION { uint32_t full; }; |