You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
214 lines
5.2 KiB
214 lines
5.2 KiB
/*++
|
|
|
|
Copyright (c) 1998 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
eventlog.cpp
|
|
|
|
Abstract:
|
|
|
|
SIS Groveler eventlog interface
|
|
|
|
Authors:
|
|
|
|
John Douceur, 1998
|
|
|
|
Environment:
|
|
|
|
User Mode
|
|
|
|
|
|
Revision History:
|
|
|
|
|
|
--*/
|
|
|
|
#include "all.hxx"
|
|
|
|
#ifndef MIN_MESSAGE_SEVERITY
|
|
#define MIN_MESSAGE_SEVERITY 0
|
|
#endif
|
|
|
|
const _TCHAR *
|
|
EventLog::service_name = _T("Groveler");
|
|
|
|
const _TCHAR *
|
|
EventLog::message_filename = _T("%SystemRoot%\\System32\\grovmsg.dll");
|
|
|
|
static const _TCHAR *
|
|
registry_log_path =
|
|
_T("SYSTEM\\CurrentControlSet\\Services\\EventLog\\Application\\");
|
|
|
|
const DWORD
|
|
EventLog::types_supported =
|
|
EVENTLOG_INFORMATION_TYPE |
|
|
EVENTLOG_WARNING_TYPE |
|
|
EVENTLOG_ERROR_TYPE;
|
|
|
|
EventLog::EventLog()
|
|
{
|
|
ASSERT(this != 0);
|
|
setup_registry();
|
|
event_source_handle = RegisterEventSource(0, service_name);
|
|
if (event_source_handle == 0)
|
|
{
|
|
DWORD err = GetLastError();
|
|
PRINT_DEBUG_MSG((_T("GROVELER: RegisterEventSource() failed with error %d\n"),
|
|
err));
|
|
}
|
|
}
|
|
|
|
EventLog::~EventLog()
|
|
{
|
|
ASSERT(this != 0);
|
|
if (event_source_handle != 0)
|
|
{
|
|
int ok = DeregisterEventSource(event_source_handle);
|
|
if (!ok)
|
|
{
|
|
DWORD err = GetLastError();
|
|
PRINT_DEBUG_MSG((_T("GROVELER: DeregisterEventSource() failed with error %d\n"),
|
|
err));
|
|
}
|
|
}
|
|
}
|
|
|
|
bool
|
|
EventLog::report_event(
|
|
DWORD event_id,
|
|
DWORD status,
|
|
int string_count,
|
|
// _TCHAR *string
|
|
...)
|
|
{
|
|
WCHAR *strings[8];
|
|
WCHAR statusStr[32];
|
|
|
|
ASSERT(this != 0);
|
|
ASSERT(event_source_handle != 0);
|
|
ASSERT(string_count >= 0);
|
|
if (event_source_handle == 0)
|
|
{
|
|
return false;
|
|
}
|
|
DWORD message_severity = MESSAGE_SEVERITY(event_id);
|
|
|
|
#if (MIN_MESSAGE_SEVERITY > 0)
|
|
if (message_severity < MIN_MESSAGE_SEVERITY)
|
|
{
|
|
return false;
|
|
}
|
|
#endif
|
|
|
|
//
|
|
// Generate the list of strings buffer
|
|
//
|
|
|
|
ASSERT((string_count+1) < (sizeof(strings)/sizeof(WCHAR *)));
|
|
|
|
va_list ap;
|
|
va_start(ap, string_count);
|
|
for (int index = 0; index < string_count; index++)
|
|
{
|
|
strings[index] = va_arg(ap, _TCHAR *);
|
|
ASSERT(strings[index] != 0);
|
|
}
|
|
va_end(ap);
|
|
|
|
//
|
|
// We are going to always insert the status string at the end of the
|
|
// list.
|
|
|
|
(void)StringCbPrintf(statusStr,sizeof(statusStr),L"%d",status);
|
|
strings[index] = statusStr;
|
|
|
|
WORD event_type = 0;
|
|
switch (message_severity)
|
|
{
|
|
case MESSAGE_SEVERITY_SUCCESS:
|
|
event_type = EVENTLOG_AUDIT_SUCCESS;
|
|
break;
|
|
case MESSAGE_SEVERITY_INFORMATIONAL:
|
|
event_type = EVENTLOG_INFORMATION_TYPE;
|
|
break;
|
|
case MESSAGE_SEVERITY_WARNING:
|
|
event_type = EVENTLOG_WARNING_TYPE;
|
|
break;
|
|
case MESSAGE_SEVERITY_ERROR:
|
|
event_type = EVENTLOG_ERROR_TYPE;
|
|
break;
|
|
default:
|
|
ASSERT(false);
|
|
}
|
|
|
|
//
|
|
// Report the events. We always add one to the string count because
|
|
// we always put the status string at the end of the buffer.
|
|
//
|
|
|
|
BOOL ok = ReportEvent(event_source_handle, event_type, 0, event_id,
|
|
0, (WORD)(string_count+1), 0, (LPCWSTR *)strings, 0);
|
|
|
|
if (!ok)
|
|
{
|
|
DWORD err = GetLastError();
|
|
PRINT_DEBUG_MSG((_T("GROVELER: ReportEvent() failed with error %d\n"), err));
|
|
}
|
|
|
|
return (ok != 0);
|
|
}
|
|
|
|
bool
|
|
EventLog::setup_registry()
|
|
{
|
|
_TCHAR *log_path = 0;
|
|
try
|
|
{
|
|
HKEY path_key = 0;
|
|
DWORD disp;
|
|
int bufSize = _tcslen(registry_log_path) + _tcslen(service_name) + 1;
|
|
log_path = new _TCHAR[bufSize];
|
|
(void)StringCchPrintf(log_path, bufSize, _T("%s%s"), registry_log_path, service_name);
|
|
|
|
Registry::create_key_ex(HKEY_LOCAL_MACHINE, log_path, 0, 0,
|
|
REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, 0, &path_key, &disp);
|
|
ASSERT(log_path != 0);
|
|
delete[] log_path;
|
|
log_path = 0;
|
|
try
|
|
{
|
|
Registry::set_value_ex(path_key, _T("EventMessageFile"), 0,
|
|
REG_EXPAND_SZ, (BYTE *)message_filename,
|
|
(_tcslen(message_filename) + 1) * sizeof(_TCHAR));
|
|
Registry::set_value_ex(path_key, _T("TypesSupported"), 0,
|
|
REG_DWORD, (BYTE *)&types_supported, sizeof(DWORD));
|
|
}
|
|
catch (DWORD result)
|
|
{
|
|
ASSERT(result != ERROR_SUCCESS);
|
|
PRINT_DEBUG_MSG((_T("GROVELER: Registry::set_value_ex() failed with error %d\n"),
|
|
result));
|
|
ASSERT(path_key != 0);
|
|
Registry::close_key(path_key);
|
|
path_key = 0;
|
|
return false;
|
|
}
|
|
ASSERT(path_key != 0);
|
|
Registry::close_key(path_key);
|
|
path_key = 0;
|
|
}
|
|
catch (DWORD result)
|
|
{
|
|
if (log_path != 0)
|
|
{
|
|
delete[] log_path;
|
|
log_path = 0;
|
|
}
|
|
ASSERT(result != ERROR_SUCCESS);
|
|
PRINT_DEBUG_MSG((_T("GROVELER: Registry::create_key_ex() or Registry::close_key() ")
|
|
_T("failed with error %d\n"), result));
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|