archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/enduser/speech/lib/perl/win32/eventlog.pm

253 lines
6.0 KiB
Raw Normal View History

Add source files
4 years ago
  1. #
  2. # EventLog.pm
  3. #
  4. # Creates an object oriented interface to the Windows NT Evenlog
  5. # Written by Jesse Dougherty
  6. #
  8. package Win32::EventLog;
  10. $VERSION = $VERSION = '0.05';
  12. require Exporter;
  13. require DynaLoader;
  14. #use Win32;
  16. die "The Win32::Eventlog module works only on Windows NT"
  17. unless Win32::IsWinNT();
  19. @ISA= qw( Exporter DynaLoader );
  20. @EXPORT = qw(
  21. EVENTLOG_AUDIT_FAILURE
  22. EVENTLOG_AUDIT_SUCCESS
  23. EVENTLOG_BACKWARDS_READ
  24. EVENTLOG_END_ALL_PAIRED_EVENTS
  25. EVENTLOG_END_PAIRED_EVENT
  26. EVENTLOG_ERROR_TYPE
  27. EVENTLOG_FORWARDS_READ
  28. EVENTLOG_INFORMATION_TYPE
  29. EVENTLOG_PAIRED_EVENT_ACTIVE
  30. EVENTLOG_PAIRED_EVENT_INACTIVE
  31. EVENTLOG_SEEK_READ
  32. EVENTLOG_SEQUENTIAL_READ
  33. EVENTLOG_START_PAIRED_EVENT
  34. EVENTLOG_SUCCESS
  35. EVENTLOG_WARNING_TYPE
  36. );
  38. sub AUTOLOAD {
  39. my($constname);
  40. ($constname = $AUTOLOAD) =~ s/.*:://;
  41. # reset $! to zero to reset any current errors.
  42. $!=0;
  43. my $val = constant($constname, @_ ? $_[0] : 0);
  44. if ($! != 0) {
  45. if ($! =~ /Invalid/) {
  46. $AutoLoader::AUTOLOAD = $AUTOLOAD;
  47. goto &AutoLoader::AUTOLOAD;
  48. }
  49. else {
  50. my ($pack,$file,$line) = caller;
  51. die "Unknown Win32::EventLog macro $constname, at $file line $line.\n";
  52. }
  53. }
  54. eval "sub $AUTOLOAD { $val }";
  55. goto &$AUTOLOAD;
  56. }
  59. #
  60. # new()
  61. #
  62. # Win32::EventLog->new("source name", "ServerName");
  63. #
  64. sub new
  65. {
  66. my $c = shift;
  67. die "usage: PACKAGE->new(SOURCENAME[, SERVERNAME])\n" unless @_;
  68. my $source = shift;
  69. my $server = shift;
  70. my $handle;
  72. # Create new handle
  73. OpenEventLog($handle, $server, $source);
  74. return bless {'handle' => $handle,
  75. 'Source' => $source,
  76. 'Computer' => $server }, $c;
  77. }
  79. #
  80. # Open (the rather braindead old way)
  81. # A variable initialized to empty must be supplied as the first
  82. # arg, followed by whatever new() takes
  83. #
  84. sub Open {
  85. $_[0] = Win32::EventLog->new($_[1],$_[2]);
  86. }
  88. sub Backup
  89. {
  90. $self = shift;
  91. die " usage: OBJECT->Backup(FILENAME)\n" unless @_ == 1;
  92. my $filename = shift;
  93. my $result;
  95. $result = BackupEventLog($self->{'handle'},$filename);
  96. unless ($result) { $! = Win32::GetLastError() }
  97. return $result;
  98. }
  100. # Read
  101. # Note: the EventInfo arguement requires a hash reference.
  102. sub Read
  103. {
  104. $self = shift;
  106. die "usage: OBJECT->Read(FLAGS, RECORDOFFSET, HASHREF)\n" unless @_ == 3;
  108. my ($readflags,$recordoffset) = @_;
  109. my ($result, $datalength, $dataoffset, $sid, $length);
  110. my ($reserved, $recordnumber, $timegenerated, $timewritten, $eventid);
  111. my ($eventtype, $numstrings, $eventcategory, $reservedflags);
  112. my ($closingrecordnumber, $stringoffset, $usersidlength, $usersidoffset);
  114. # The following is stolen shamelessly from Wyt's tests for the registry.
  116. $result = ReadEventLog($self->{'handle'},
  117. $readflags,
  118. $recordoffset,
  119. $header,
  120. $source,
  121. $computer,
  122. $sid,
  123. $data,
  124. $strings);
  126. ($length,
  127. $reserved,
  128. $recordnumber,
  129. $timegenerated,
  130. $timewritten,
  131. $eventid,
  132. $eventtype,
  133. $numstrings,
  134. $eventcategory,
  135. $reservedflags,
  136. $closingrecordnumber,
  137. $stringoffset,
  138. $usersidlength,
  139. $usersidoffset,
  140. $datalength,
  141. $dataoffset) = unpack('l6s4l6', $header);
  143. # get the text message here
  144. my $message='';
  145. GetEventLogText($source, $eventid, $strings, $numstrings, $message) if ($result);
  147. # make a hash out of the values returned from ReadEventLog.
  148. my %h = ( 'Source' => $source,
  149. 'Computer' => $computer,
  150. 'Length' => $datalength,
  151. 'Category' => $eventcategory,
  152. 'RecordNumber' => $recordnumber,
  153. 'TimeGenerated' => $timegenerated,
  154. 'Timewritten' => $timewritten,
  155. 'EventID' => $eventid,
  156. 'EventType' => $eventtype,
  157. 'ClosingRecordNumber' => $closingrecordnumber,
  158. 'User' => $sid,
  159. 'Strings' => $strings,
  160. 'Data' => $data,
  161. 'Message' => $message,
  162. );
  164. if (ref($_[2]) eq 'HASH') {
  165. %{$_[2]} = %h; # this needed for Read(...,\%foo) case
  166. }
  167. else {
  168. $_[2] = \%h;
  169. }
  170. unless ($result) { $! = Win32::GetLastError() }
  171. return $result;
  172. }
  174. sub Report
  175. {
  176. my $self = shift;
  178. die "usage: OBJECT->Report( HASHREF )\n" unless @_ == 1;
  180. my $EventInfo = shift;
  181. my $result;
  183. if ( ref( $EventInfo) eq "HASH" ) {
  184. my ($length, $reserved, $recordnumber, $timegenerated, $timewritten);
  185. my ($eventid, $eventtype, $numstrings, $eventcategory, $reservedflags);
  186. my ($closingrecordnumber, $stringoffset, $usersidlength);
  187. my ($usersidoffset, $source, $data, $strings);
  189. $eventcategory = $EventInfo->{'Category'};
  190. $source = $self->{'Source'};
  191. $computer = $self->{'Computer'};
  192. $length = $EventInfo->{'Length'};
  193. $recordnumber = $EventInfo->{'RecordNumber'};
  194. $timegenerated = $EventInfo->{'TimeGenerated'};
  195. $timewritten = $EventInfo->{'Timewritten'};
  196. $eventid = $EventInfo->{'EventID'};
  197. $eventtype = $EventInfo->{'EventType'};
  198. $closingrecordnumber = $EventInfo->{'ClosingRecordNumber'};
  199. $strings = $EventInfo->{'Strings'};
  200. $data = $EventInfo->{'Data'};
  202. $result = WriteEventLog($computer,
  203. $source,
  204. $eventtype,
  205. $eventcategory,
  206. $eventid,
  207. $reserved,
  208. $data,
  209. $strings);
  210. }
  211. else {
  212. die "Win32::EventLog::Report requires a hash reference as arg 3\n";
  213. }
  215. unless ($result) { $! = Win32::GetLastError() }
  216. return $result;
  217. }
  219. sub GetOldest
  220. {
  221. my $self=shift;
  223. die "usage: OBJECT->GetOldest( SCALAREF )\n" unless @_ == 1;
  224. my $result = GetOldestEventLogRecord( $self->{'handle'},$_[0]);
  225. unless ($result) { $! = Win32::GetLastError() }
  226. return $result;
  227. }
  229. sub GetNumber
  230. {
  231. my $self=shift;
  233. die "usage: OBJECT->GetNumber( SCALARREF )\n" unless @_ == 1;
  234. my $result = GetNumberOfEventLogRecords($self->{'handle'}, $_[0]);
  235. unless ($result) { $! = Win32::GetLastError() }
  236. return $result;
  237. }
  239. sub Clear
  240. {
  241. my $self=shift;
  243. die "usage: OBJECT->Clear( FILENAME )\n" unless @_ == 1;
  244. my $filename = shift;
  245. my $result = ClearEventLog($self->{'handle'}, $filename);
  246. unless ($result) { $! = Win32::GetLastError() }
  247. return $result;
  248. }
  250. bootstrap Win32::EventLog;
  252. 1;
  253. __END__