xref: /illumos-gate/usr/src/uts/common/smbsrv/ndl/eventlog.ndl (revision 9b4e3ac25d882519cad3fc11f0c53b07f4e60536) 
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef _MLSVC_LOGR_NDL_
27#define _MLSVC_LOGR_NDL_
28
29/*
30 ***********************************************************************
31 *
32 * Event log RPC (EVENTLOG) interface definition.
33 *
34 ***********************************************************************
35 */
36
37#include "ndrtypes.ndl"
38
39#define LOGR_OPNUM_EventLogClose		0x02
40#define LOGR_OPNUM_EventLogQueryCount		0x04
41#define LOGR_OPNUM_EventLogGetOldestRec		0x05
42#define LOGR_OPNUM_EventLogOpen			0x07
43#define LOGR_OPNUM_EventLogRead			0x0A
44
45#define LOGR_INFOLEN	200
46#define LOGR_RECBUFLEN	0x4000
47
48
49CONTEXT_HANDLE(logr_handle) logr_handle_t;
50
51
52struct logr_string {
53	WORD		length;
54	WORD		allosize;
55	LPTSTR		str;
56};
57typedef struct logr_string logr_string_t;
58
59
60struct logr_record {
61	DWORD  Length1;        // Length of full record
62	DWORD  Reserved;      // Used by the service
63	DWORD  RecordNumber;  // Absolute record number
64	DWORD  TimeGenerated; // Seconds since 1-1-1970
65	DWORD  TimeWritten;   // Seconds since 1-1-1970
66	DWORD  EventID;
67	WORD   EventType;
68	WORD   NumStrings;
69	WORD   EventCategory;
70	WORD   ReservedFlags; // For use with paired events (auditing)
71	DWORD  ClosingRecordNumber; // For use with paired events (auditing)
72	DWORD  StringOffset;  // Offset from beginning of record
73	DWORD  UserSidLength;
74	DWORD  UserSidOffset;
75	DWORD  DataLength;
76	DWORD  DataOffset;
77	//
78	// Then follow:
79	//
80	// WCHAR SourceName[]	null terminated
81	// WCHAR Computername[]	null terminated
82	// SID   UserSid
83	// WCHAR Strings[]
84	// BYTE  Data[]
85	// CHAR  Pad[]	to DWORD
86	// DWORD Length; must be appear
87	BYTE   info[LOGR_INFOLEN];
88	DWORD  Length2;
89};
90typedef struct logr_record logr_record_t;
91
92/*
93 ***********************************************************************
94 * LOGR_OPNUM_EventLogClose
95 ***********************************************************************
96 */
97OPERATION(LOGR_OPNUM_EventLogClose)
98struct logr_EventLogClose {
99	IN		logr_handle_t handle;
100	OUT		logr_handle_t result_handle;
101	OUT	DWORD status;
102};
103
104/*
105 ***********************************************************************
106 * LOGR_OPNUM_EventLogQueryCount
107 ***********************************************************************
108 */
109OPERATION(LOGR_OPNUM_EventLogQueryCount)
110struct logr_EventLogQueryCount {
111	IN		logr_handle_t handle;
112	OUT		DWORD rec_num;
113	OUT		DWORD status;
114};
115
116/*
117 ***********************************************************************
118 * LOGR_OPNUM_EventLogGetOldestRec
119 ***********************************************************************
120 */
121OPERATION(LOGR_OPNUM_EventLogGetOldestRec)
122struct logr_EventLogGetOldestRec {
123	IN		logr_handle_t handle;
124	OUT		DWORD oldest_rec;
125	OUT		DWORD status;
126};
127
128/*
129 ***********************************************************************
130 * LOGR_OPNUM_EventLogOpen
131 ***********************************************************************
132 */
133OPERATION(LOGR_OPNUM_EventLogOpen)
134struct logr_EventLogOpen {
135	IN		DWORD *whatever;
136	IN		logr_string_t log_name;
137	IN		DWORD unknown1;
138	IN		DWORD unknown2;
139	IN		DWORD unknown3;
140	OUT		logr_handle_t handle;
141	OUT		DWORD status;
142};
143
144/*
145 ***********************************************************************
146 * LOGR_OPNUM_EventLogRead
147 ***********************************************************************
148 */
149union logr_read_u {
150	CASE(1024)	BYTE rec[1024];
151	DEFAULT	BYTE	recs[LOGR_RECBUFLEN];
152};
153
154
155struct logr_read_info {
156	DWORD nbytes_to_read;
157  SWITCH(nbytes_to_read)
158	union logr_read_u ru;
159};
160
161OPERATION(LOGR_OPNUM_EventLogRead)
162struct logr_EventLogRead {
163	IN		logr_handle_t handle;
164	IN		DWORD read_flags;
165	IN		DWORD rec_offset;
166	INOUT		DWORD nbytes_to_read;
167SWITCH (nbytes_to_read)
168	OUT		union logr_read_u ru;
169	OUT		DWORD sent_size;
170	OUT		DWORD unknown;
171	OUT		DWORD status;
172};
173
174/*
175 ***********************************************************************
176 * The EVENTLOG interface definition.
177 ***********************************************************************
178 */
179INTERFACE(0)
180union logr_interface {
181	CASE(LOGR_OPNUM_EventLogClose)
182		struct logr_EventLogClose		EventLogClose;
183	CASE(LOGR_OPNUM_EventLogQueryCount)
184		struct logr_EventLogQueryCount		EventLogQueryCount;
185	CASE(LOGR_OPNUM_EventLogGetOldestRec)
186		struct logr_EventLogGetOldestRec	EventLogGetOldestRec;
187	CASE(LOGR_OPNUM_EventLogOpen)
188		struct logr_EventLogOpen		EventLogOpen;
189	CASE(LOGR_OPNUM_EventLogRead)
190		struct logr_EventLogRead		EventLogRead;
191};
192typedef union logr_interface	logr_interface_t;
193EXTERNTYPEINFO(logr_interface)
194
195
196#endif /* _MLSVC_LOGR_NDL_ */
197