archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/wmi/wbem/providers/nteventprovider/include/ntevtlogf.h

124 lines
3.2 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //***************************************************************************
  3. //
  5. // NTEVTLOGF.H
  7. //
  9. // Module: WBEM NT EVENT PROVIDER
  11. //
  13. // Copyright (c) 1996-2001 Microsoft Corporation, All Rights Reserved
  14. //
  15. //***************************************************************************
  17. #ifndef _NT_EVT_PROV_EVTLOGF_H
  18. #define _NT_EVT_PROV_EVTLOGF_H
  20. class CEventlogFileAttributes
  21. {
  22. protected:
  24. CStringW m_logname;
  25. CStringW m_logpath;
  26. DWORD m_retention;
  27. DWORD m_fileSz;
  28. CArray<CStringW*, CStringW*> m_sources;
  30. DWORD ReadRegistry();
  31. void SetRetentionStr(IWbemClassObject *pClassObj, IWbemClassObject *pInstObj, DWORD dwVal);
  32. BOOL SetSuperClassProperties(IWbemClassObject *pInst);
  34. static ULONG GetIndex(wchar_t *indexStr, BOOL *bError);
  36. public:
  38. CEventlogFileAttributes(const wchar_t *log);
  40. DWORD UpdateRegistry(IWbemClassObject *pInst);
  41. DWORD EventLogOperation(const wchar_t *archive, BOOL bClear,
  42. WbemProvErrorObject &a_ErrorObject, BOOL &bSuccess);
  43. BOOL GenerateInstance(IWbemClassObject *pClassObj, IWbemClassObject* pAClassObj, IWbemClassObject **ppInst);
  45. ~CEventlogFileAttributes();
  47. };
  49. class CEventLogFile
  50. {
  51. private:
  53. static CStringW ExpandFileName ( const wchar_t *filepath ) ;
  54. static BOOL QueryRegForFileName(HKEY hk_Log, const wchar_t *valname, wchar_t **res, DWORD *dwType);
  56. protected:
  58. HANDLE m_hEvtLog;
  59. CStringW m_EvtLogName;
  60. BOOL m_bValid;
  61. BOOL m_bBuffer;
  62. DWORD m_BuffLen;
  63. DWORD m_Reason;
  64. BYTE *m_Buffer;
  65. CCriticalSection m_LogLock;
  68. public:
  71. CEventLogFile(const WCHAR *logname, BOOL bVerify);
  73. void ReadLastRecord();
  74. BOOL GetLastRecordID(DWORD &rec, DWORD &numrecs);
  75. DWORD ReadRecord(DWORD recID, DWORD *dwBytesRead = NULL, BOOL b_Back = FALSE);
  76. BOOL IsValid() {return m_bValid;}
  77. BOOL IsValidBuffer() {return m_bBuffer;}
  78. DWORD ReadFirstRecord();
  79. CStringW GetLogName() { return m_EvtLogName; }
  80. DWORD FindOldEvent(DWORD evtID, const wchar_t *source, DWORD *recID,time_t offset = 0);
  81. BYTE* GetBuffer() { return m_Buffer; }
  82. DWORD GetBufferLen() { return m_BuffLen; }
  83. DWORD GetReason() { return m_Reason; }
  85. virtual void RefreshHandle();
  87. static CStringW GetLogName(const wchar_t *file_name);
  88. static CStringW GetFileName(HKEY hk_Log, const wchar_t *valname = EVTLOG_REG_FILE_VALUE);
  89. static DWORD GetFileNames(HKEY hk_Log, CStringW **names, const wchar_t *valname = MSG_MODULE);
  90. static BOOL ms_bSetPrivilege;
  91. static BOOL SetSecurityLogPrivilege(BOOL bProcess = FALSE, LPCWSTR privName = SE_SECURITY_NAME);
  92. static HANDLE OpenLocalEventLog(LPCWSTR a_log, DWORD *a_Reason);
  94. virtual ~CEventLogFile();
  96. };
  99. class CMonitoredEventLogFile : public CEventLogFile, public ProvTaskObject
  100. {
  101. private:
  103. CEventProviderManager *m_parent;
  104. IWbemClassObject *m_Class;
  105. DWORD m_RecID;
  106. VARIANT m_VpsdSelfRel;
  109. BOOL SetEventDescriptor();
  111. public:
  113. CMonitoredEventLogFile(CEventProviderManager *parent, const wchar_t *logname);
  115. void SetProcessRecord(DWORD recID) { m_RecID = recID; }
  116. void Process();
  117. void RefreshHandle();
  118. BOOL GenerateInstance(IWbemClassObject **ppEvtInst, IWbemClassObject *pEmbedObj);
  120. ~CMonitoredEventLogFile();
  122. };
  125. #endif //_NT_EVT_PROV_EVTLOGF_H