archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/wmi/wbem/providers/nteventprovider/include/ntevtdefs.h

188 lines
6.8 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //***************************************************************************
  3. //
  5. // NTEVTDEFS.H
  7. //
  9. // Module: WBEM NT EVENT PROVIDER
  11. //
  13. // Copyright (c) 1996-2001 Microsoft Corporation, All Rights Reserved
  14. //
  15. //***************************************************************************
  17. #ifndef _NT_EVT_PROV_NTEVTDEFS_H
  18. #define _NT_EVT_PROV_NTEVTDEFS_H
  20. #define ELF_LOGFILE_READ 0x0001
  21. #define ELF_LOGFILE_WRITE 0x0002
  22. #define ELF_LOGFILE_CLEAR 0x0004
  23. #define ELF_LOGFILE_START 0x0008
  24. #define ELF_LOGFILE_STOP 0x000C
  25. #define ELF_LOGFILE_CONFIGURE 0x0010
  26. #define ELF_LOGFILE_BACKUP 0x0020
  28. #define ELF_LOGFILE_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
  29. ELF_LOGFILE_READ | \
  30. ELF_LOGFILE_WRITE | \
  31. ELF_LOGFILE_CLEAR | \
  32. ELF_LOGFILE_START | \
  33. ELF_LOGFILE_STOP | \
  34. ELF_LOGFILE_CONFIGURE)
  36. #define ELF_LOGFILE_OBJECT_ACES 12 // Number of ACEs in this DACL
  37. #define NT_EVTLOG_MAX_CLASSES 7
  39. #define SECURITY_MUTEX_NAME L"Cimom NT Security API protector"
  40. #define PERFORMANCE_MUTEX_NAME L"WbemPerformanceDataMutex"
  42. #define EVENTTHREADNAME L"Eventlog Monitor"
  44. BOOL ObtainedSerialAccess(CMutex* pLock);
  45. void ReleaseSerialAccess(CMutex* pLock);
  47. #define HKEYCLASSES L"SOFTWARE\\Classes\\"
  49. #define TYPE_ARRAY_LEN 6
  50. #define RETENTION_ARRAY_LEN 3
  51. typedef ULONG (*GetIndexFunc)(const wchar_t*, BOOL*);
  53. #define WBEM_QUERY_LANGUAGE_SQL1 L"WQL"
  55. #define LOGON_EVTID 2147489653
  56. #define LOGON_SOURCE L"eventlog"
  57. #define LOGON_TIME 1800 //30 MINS
  59. #define SYSTEM_PROPERTY_CLASS L"__CLASS"
  60. #define SYSTEM_PROPERTY_SUPERCLASS L"__SUPERCLASS"
  61. #define SYSTEM_PROPERTY_DYNASTY L"__DYNASTY"
  62. #define SYSTEM_PROPERTY_DERIVATION L"__DERIVATION"
  63. #define SYSTEM_PROPERTY_GENUS L"__GENUS"
  64. #define SYSTEM_PROPERTY_NAMESPACE L"__NAMESPACE"
  65. #define SYSTEM_PROPERTY_PROPERTY_COUNT L"__PROPERTY_COUNT"
  66. #define SYSTEM_PROPERTY_SERVER L"__SERVER"
  67. #define SYSTEM_PROPERTY_RELPATH L"__RELPATH"
  68. #define SYSTEM_PROPERTY_PATH L"__PATH"
  70. #define EVENT_CLASS L"__InstanceCreationEvent"
  71. #define SD_PROP L"SECURITY_DESCRIPTOR"
  72. #define TARGET_PROP L"TargetInstance"
  73. #define NTEVT_CLASS L"Win32_NTLogEvent"
  74. #define RECORD_PROP L"RecordNumber"
  75. #define LOGFILE_PROP L"Logfile"
  76. #define EVTID_PROP L"EventIdentifier"
  77. #define EVTID2_PROP L"EventCode"
  78. #define SOURCE_PROP L"SourceName"
  79. #define TYPE_PROP L"Type"
  80. #define EVTTYPE_PROP L"EventType"
  81. #define CATEGORY_PROP L"Category"
  82. #define CATSTR_PROP L"CategoryString"
  83. #define GENERATED_PROP L"TimeGenerated"
  84. #define WRITTEN_PROP L"TimeWritten"
  85. #define COMPUTER_PROP L"ComputerName"
  86. #define USER_PROP L"User"
  87. #define MESSAGE_PROP L"Message"
  88. #define INSSTRS_PROP L"InsertionStrings"
  89. #define DATA_PROP L"Data"
  90. #define EVT_ENUM_QUAL L"Values"
  91. #define EVT_MAP_QUAL L"ValueMap"
  93. #define EVENTLOG_BASE L"SYSTEM\\CurrentControlSet\\Services\\Eventlog"
  94. #define MSG_MODULE L"EventMessageFile"
  95. #define PARAM_MODULE L"ParameterMessageFile"
  96. #define PRIM_MODULE L"PrimaryModule"
  97. #define CAT_MODULE L"CategoryMessageFile"
  98. #define GUEST_ACCESS L"RestrictGuestAccess"
  99. #define SYSTEM_LOG L"System"
  100. #define SECURITY_LOG L"Security"
  102. // {F55C5B4C-517D-11d1-AB57-00C04FD9159E}
  103. DEFINE_GUID(CLSID_CNTEventProviderClassFactory,
  104. 0xf55c5b4c, 0x517d, 0x11d1, 0xab, 0x57, 0x0, 0xc0, 0x4f, 0xd9, 0x15, 0x9e);
  107. #define WBEM_PROPERTY_STATUSCODE L"StatusCode"
  108. #define WBEM_PROPERTY_PROVSTATUSCODE L"ProvStatusCode"
  109. #define WBEM_PROPERTY_PROVSTATUSMESSAGE L"Description"
  110. #define WBEM_PROPERTY_PRIVNOTHELD L"PrivilegesNotHeld"
  111. #define WBEM_PROPERTY_PRIVREQUIRED L"PrivilegesRequired"
  113. #define CLASS_PROP L"__CLASS"
  115. #define EVTLOG_REG_FILE_VALUE L"File"
  116. #define EVTLOG_REG_RETENTION_VALUE L"Retention"
  117. #define EVTLOG_REG_MAXSZ_VALUE L"MaxSize"
  118. #define EVTLOG_REG_SOURCES_VALUE L"Sources"
  120. #define NTEVTLOG_CLASS L"Win32_NTEventlogFile"
  121. #define PROP_MAXSZ L"MaxFileSize"
  122. #define PROP_RETENTION L"OverWriteOutDated"
  123. #define PROP_LOGNAME L"LogfileName"
  124. #define PROP_NUMRECS L"NumberOfRecords"
  125. #define PROP_RETENTION_STR L"OverWritePolicy"
  126. #define PROP_SOURCES L"Sources"
  128. #define PROP_NAME L"Name"
  130. #define PROP_CS_CRE_CLASS L"CSCreationClassName"
  131. #define PROP_CRE_CLASS L"CreationClassName"
  132. #define PROP_FS_CRE_CLASS L"FSCreationClassName"
  133. #define PROP_FS_NAME L"FSName"
  134. #define VAL_FS_CRE_CLASS L"Win32_FileSystem"
  136. #ifdef VERSION_ISA_PROPERTY
  137. #define PROP_VERSION L"Version"
  138. #endif
  140. #define METHOD_RESOBJ L"__Parameters"
  141. #define METHOD_CLEAR L"ClearEventlog"
  142. #define METHOD_BACKUP L"BackupEventlog"
  143. #define METHOD_PARAM L"ArchiveFileName"
  144. #define METHOD_RESULT_PARAM L"ReturnValue"
  146. #define FILE_CHUNK_SZ 0x00010000
  147. #define MAX_EVT_LOG_SZ 0xffff0000
  148. #define MAX_EVT_AGE 365
  149. #define EVT_NEVER_AGE 0xffffffff
  150. #define EVT_UNITS_FROM_DAYS (60*60*24) //from days to seconds
  152. #define CONFIG_CLASS L"NTEventlogProviderConfig"
  153. #define CONFIG_INSTANCE L"NTEventlogProviderConfig=@"
  154. #define COMP_CLASS L"Win32_ComputerSystem"
  155. #define LAST_BOOT_PROP L"LastBootUpTime"
  156. #define USER_CLASS L"Win32_UserAccount"
  157. #define ASSOC_LOGRECORD L"Win32_NTLogEventLog"
  158. #define ASSOC_USERRECORD L"Win32_NTLogEventUser"
  159. #define ASSOC_COMPRECORD L"Win32_NTLogEventComputer"
  160. #define REF_LOG L"Log"
  161. #define REF_REC L"Record"
  162. #define REF_USER L"User"
  163. #define REF_COMP L"Computer"
  165. #define PROP_DOMAIN L"Domain"
  167. #define PROP_START_LOG CStringW(CStringW(NTEVTLOG_CLASS) + CStringW(L'.') + CStringW(PROP_NAME) + CStringW(L"=\""))
  168. #define PROP_START_REC CStringW(CStringW(NTEVT_CLASS) + CStringW(L'.') + CStringW(LOGFILE_PROP) + CStringW(L"=\""))
  169. #define PROP_MID_REC CStringW(CStringW(L"\",") + CStringW(RECORD_PROP) + CStringW(L'='))
  170. #define PROP_START_COMP CStringW(CStringW(COMP_CLASS) + CStringW(L".Name=\""))
  171. #define PROP_START_USER CStringW(CStringW(USER_CLASS) + CStringW(L".Domain=\""))
  172. #define PROP_MID_USER CStringW(L"\",Name=\"")
  174. #define ENUM_INST_QUERY_START CStringW(L"select * from ")
  175. #define ENUM_INST_QUERY_MID CStringW(L" where __CLASS = \"")
  177. #define PROP_END_QUOTE CStringW(L"\"")
  179. // {D2E4F828-65E4-11d1-AB64-00C04FD9159E}
  180. DEFINE_GUID(CLSID_CNTEventLocatorClassFactory,
  181. 0xd2e4f828, 0x65e4, 0x11d1, 0xab, 0x64, 0x0, 0xc0, 0x4f, 0xd9, 0x15, 0x9e);
  183. // {FD4F53E0-65DC-11d1-AB64-00C04FD9159E}
  184. DEFINE_GUID(CLSID_CNTEventInstanceProviderClassFactory,
  185. 0xfd4f53e0, 0x65dc, 0x11d1, 0xab, 0x64, 0x0, 0xc0, 0x4f, 0xd9, 0x15, 0x9e);
  187. #endif //_NT_EVT_PROV_NTEVTDEFS_H