1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef _MLSVC_LOGR_NDL_
27#define _MLSVC_LOGR_NDL_
28
29#pragma ident	"%Z%%M%	%I%	%E% SMI"
30
31/*
32 ***********************************************************************
33 *
34 * Event log RPC (EVENTLOG) interface definition.
35 *
36 ***********************************************************************
37 */
38
39#include "ndrtypes.ndl"
40
41#define LOGR_OPNUM_EventLogClose		0x02
42#define LOGR_OPNUM_EventLogQueryCount		0x04
43#define LOGR_OPNUM_EventLogGetOldestRec		0x05
44#define LOGR_OPNUM_EventLogOpen			0x07
45#define LOGR_OPNUM_EventLogRead			0x0A
46
47#define LOGR_INFOLEN	200
48#define LOGR_RECBUFLEN	0x4000
49
50struct logr_handle {
51	DWORD hand1;
52	DWORD hand2;
53	WORD  hand3[2];
54	BYTE  hand4[8];
55};
56
57typedef struct logr_handle logr_handle_t;
58
59
60struct logr_string {
61	WORD		length;
62	WORD		allosize;
63	LPTSTR		str;
64};
65typedef struct logr_string logr_string_t;
66
67
68struct logr_record {
69	DWORD  Length1;        // Length of full record
70	DWORD  Reserved;      // Used by the service
71	DWORD  RecordNumber;  // Absolute record number
72	DWORD  TimeGenerated; // Seconds since 1-1-1970
73	DWORD  TimeWritten;   // Seconds since 1-1-1970
74	DWORD  EventID;
75	WORD   EventType;
76	WORD   NumStrings;
77	WORD   EventCategory;
78	WORD   ReservedFlags; // For use with paired events (auditing)
79	DWORD  ClosingRecordNumber; // For use with paired events (auditing)
80	DWORD  StringOffset;  // Offset from beginning of record
81	DWORD  UserSidLength;
82	DWORD  UserSidOffset;
83	DWORD  DataLength;
84	DWORD  DataOffset;
85	//
86	// Then follow:
87	//
88	// WCHAR SourceName[]	null terminated
89	// WCHAR Computername[]	null terminated
90	// SID   UserSid
91	// WCHAR Strings[]
92	// BYTE  Data[]
93	// CHAR  Pad[]	to DWORD
94	// DWORD Length; must be appear
95	BYTE   info[LOGR_INFOLEN];
96	DWORD  Length2;
97};
98typedef struct logr_record logr_record_t;
99
100/*
101 ***********************************************************************
102 * LOGR_OPNUM_EventLogClose
103 ***********************************************************************
104 */
105OPERATION(LOGR_OPNUM_EventLogClose)
106struct logr_EventLogClose {
107	IN		logr_handle_t handle;
108	OUT		logr_handle_t result_handle;
109	OUT	DWORD status;
110};
111
112/*
113 ***********************************************************************
114 * LOGR_OPNUM_EventLogQueryCount
115 ***********************************************************************
116 */
117OPERATION(LOGR_OPNUM_EventLogQueryCount)
118struct logr_EventLogQueryCount {
119	IN		logr_handle_t handle;
120	OUT		DWORD rec_num;
121	OUT		DWORD status;
122};
123
124/*
125 ***********************************************************************
126 * LOGR_OPNUM_EventLogGetOldestRec
127 ***********************************************************************
128 */
129OPERATION(LOGR_OPNUM_EventLogGetOldestRec)
130struct logr_EventLogGetOldestRec {
131	IN		logr_handle_t handle;
132	OUT		DWORD oldest_rec;
133	OUT		DWORD status;
134};
135
136/*
137 ***********************************************************************
138 * LOGR_OPNUM_EventLogOpen
139 ***********************************************************************
140 */
141OPERATION(LOGR_OPNUM_EventLogOpen)
142struct logr_EventLogOpen {
143	IN		DWORD *whatever;
144	IN		logr_string_t log_name;
145	IN		DWORD unknown1;
146	IN		DWORD unknown2;
147	IN		DWORD unknown3;
148	OUT		logr_handle_t handle;
149	OUT		DWORD status;
150};
151
152/*
153 ***********************************************************************
154 * LOGR_OPNUM_EventLogRead
155 ***********************************************************************
156 */
157union logr_read_u {
158	CASE(1024)	BYTE rec[1024];
159	DEFAULT	BYTE	recs[LOGR_RECBUFLEN];
160};
161
162
163struct logr_read_info {
164	DWORD nbytes_to_read;
165  SWITCH(nbytes_to_read)
166	union logr_read_u ru;
167};
168
169OPERATION(LOGR_OPNUM_EventLogRead)
170struct logr_EventLogRead {
171	IN		logr_handle_t handle;
172	IN		DWORD read_flags;
173	IN		DWORD rec_offset;
174	INOUT		DWORD nbytes_to_read;
175SWITCH (nbytes_to_read)
176	OUT		union logr_read_u ru;
177	OUT		DWORD sent_size;
178	OUT		DWORD unknown;
179	OUT		DWORD status;
180};
181
182/*
183 ***********************************************************************
184 * The EVENTLOG interface definition.
185 ***********************************************************************
186 */
187INTERFACE(0)
188union logr_interface {
189	CASE(LOGR_OPNUM_EventLogClose)
190		struct logr_EventLogClose		EventLogClose;
191	CASE(LOGR_OPNUM_EventLogQueryCount)
192		struct logr_EventLogQueryCount		EventLogQueryCount;
193	CASE(LOGR_OPNUM_EventLogGetOldestRec)
194		struct logr_EventLogGetOldestRec	EventLogGetOldestRec;
195	CASE(LOGR_OPNUM_EventLogOpen)
196		struct logr_EventLogOpen		EventLogOpen;
197	CASE(LOGR_OPNUM_EventLogRead)
198		struct logr_EventLogRead		EventLogRead;
199};
200typedef union logr_interface	logr_interface_t;
201EXTERNTYPEINFO(logr_interface)
202
203
204#endif /* _MLSVC_LOGR_NDL_ */
205