Diffstat (limited to 'source3/include/rpc_eventlog.h')
-rw-r--r-- | source3/include/rpc_eventlog.h | 123 |
1 files changed, 123 insertions, 0 deletions
diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h
new file mode 100644
index 0000000000..3f5d03ed63
--- /dev/null
+++ b/source3/include/rpc_eventlog.h
@@ -0,0 +1,123 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (C) Marcin Krzysztof Porwit 2005.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _RPC_EVENTLOG_H /* _RPC_EVENTLOG_H */
+#define _RPC_EVENTLOG_H
+
+/* opcodes */
+
+#define EVENTLOG_CLEAREVENTLOG 0x00
+#define EVENTLOG_CLOSEEVENTLOG 0x02
+#define EVENTLOG_GETNUMRECORDS 0x04
+#define EVENTLOG_GETOLDESTENTRY 0x05
+#define EVENTLOG_OPENEVENTLOG 0x07
+#define EVENTLOG_READEVENTLOG 0x0a
+
+/* Eventlog read flags */
+/* defined in librpc/gen_ndr/eventlog.h */
+
+/* Event types */
+/* defined in librpc/gen_ndr/eventlog.h */
+
+/* Defines for TDB keys */
+#define EVT_OLDEST_ENTRY "INFO/oldest_entry"
+#define EVT_NEXT_RECORD "INFO/next_record"
+#define EVT_VERSION "INFO/version"
+#define EVT_MAXSIZE "INFO/maxsize"
+#define EVT_RETENTION "INFO/retention"
+
+#define ELOG_APPL "Application"
+#define ELOG_SYS "System"
+#define ELOG_SEC "Security"
+
+typedef struct elog_tdb {
+ struct elog_tdb *prev, *next;
+ char *name;
+ TDB_CONTEXT *tdb;
+ int ref_count;
+} ELOG_TDB;
+
+#define ELOG_TDB_CTX(x) ((x)->tdb)
+
+
+#define EVENTLOG_DATABASE_VERSION_V1 1
+
+/***********************************/
+
+typedef struct
+{
+ POLICY_HND handle;
+ uint32 flags;
+ uint32 offset;
+ uint32 max_read_size;
+} EVENTLOG_Q_READ_EVENTLOG;
+
+typedef struct {
+ uint32 length;
+ uint32 reserved1;
+ uint32 record_number;
+ uint32 time_generated;
+ uint32 time_written;
+ uint32 event_id;
+ uint16 event_type;
+ uint16 num_strings;
+ uint16 event_category;
+ uint16 reserved2;
+ uint32 closing_record_number;
+ uint32 string_offset;
+ uint32 user_sid_length;
+ uint32 user_sid_offset;
+ uint32 data_length;
+ uint32 data_offset;
+} Eventlog_record;
+
+typedef struct {
+ uint32 source_name_len;
+ smb_ucs2_t *source_name;
+ uint32 computer_name_len;
+ smb_ucs2_t *computer_name;
+ uint32 sid_padding;
+ smb_ucs2_t *sid;
+ uint32 strings_len;
+ smb_ucs2_t *strings;
+ uint32 user_data_len;
+ char *user_data;
+ uint32 data_padding;
+} Eventlog_data_record;
+
+typedef struct eventlog_entry {
+ Eventlog_record record;
+ Eventlog_data_record data_record;
+ uint8 *data;
+ uint8 *end_of_data_padding;
+ struct eventlog_entry *next;
+} Eventlog_entry;
+
+typedef struct {
+ uint32 num_bytes_in_resp;
+ uint32 bytes_in_next_record;
+ uint32 num_records;
+ Eventlog_entry *entry;
+ uint8 *end_of_entries_padding;
+ uint32 sent_size;
+ uint32 real_size;
+ NTSTATUS status;
+} EVENTLOG_R_READ_EVENTLOG;
+
+#endif /* _RPC_EVENTLOG_H */ |
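Review bot: The length and offset members of `Eventlog_record` (`string_offset`, `user_sid_length`, `user_sid_offset`, `data_length`, `data_offset`) and the `*_len` members paired with `smb_ucs2_t *` pointers in `Eventlog_data_record` are declared with no statement of their units or of what the offsets are relative to. These values are later used to size and index buffers, and a bytes-versus-UCS-2-characters mismatch on fields such as `source_name_len` is a common source of out-of-bounds reads and writes in marshalling code. I would add a comment above `Eventlog_record` along the lines of `/* *_offset fields are byte offsets from the start of the record; offset + length must not exceed 'length' */` and one above `Eventlog_data_record` such as `/* *_len fields count bytes, not UCS-2 characters */`, adjusted to whatever the marshalling code outside this header actually does. `offset` and `max_read_size` in `EVENTLOG_Q_READ_EVENTLOG` look like request-side fields; if so, a comment there should say they are client-supplied and must be range-checked before use.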