mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
165 lines
5.1 KiB
165 lines
5.1 KiB
#pragma namespace ("\\\\.\\root\\wmi")
|
|
|
|
instance of __Win32Provider as $P1
|
|
{
|
|
Name = "EventTraceProv";
|
|
ClsId = "{9a5dd473-d410-11d1-b829-00c04f94c7c3}";
|
|
HostingModel = "NetworkServiceHost";
|
|
UnloadTimeout = "00000000010000.000000:000";
|
|
};
|
|
|
|
instance of __InstanceProviderRegistration
|
|
{
|
|
Provider = $P1;
|
|
SupportsGet = TRUE;
|
|
SupportsPut = TRUE;
|
|
SupportsDelete = TRUE;
|
|
SupportsEnumeration = TRUE;
|
|
QuerySupportLevels = {"WQL:UnarySelect"};
|
|
};
|
|
|
|
instance of __MethodProviderRegistration
|
|
{
|
|
Provider = $P1;
|
|
};
|
|
|
|
[Dynamic, Provider ("EventTraceProv")]
|
|
class TraceLogger
|
|
{
|
|
[read, key] String Name;
|
|
[DisplayName("File Name"):ToInstance Amended, read, write ] String LogFileName;
|
|
[read, write] String Guid[];
|
|
[read, write] uint32 EnableFlags[];
|
|
[read, write] uint32 Level[];
|
|
[DisplayName("Buffer Size"):ToInstance Amended, read, write] uint32 BufferSize;
|
|
[DisplayName("Minimum Buffers"):ToInstance Amended, read, write] uint32 MinimumBuffers;
|
|
[DisplayName("Maximum Buffers"):ToInstance Amended, read, write] uint32 MaximumBuffers;
|
|
[DisplayName("Maximum File Size"):ToInstance Amended, read, write] uint32 MaximumFileSize;
|
|
[DisplayName("File Mode"):ToInstance Amended,
|
|
read, write,
|
|
DefaultValue("Sequential"):ToInstance,
|
|
ValueDescriptions{
|
|
"Log sequentially",
|
|
"Log in circular manner",
|
|
"Append sequential log",
|
|
"Auto-switch log file",
|
|
"Pre-allocate log file",
|
|
"Real time mode on",
|
|
"Delay opening file",
|
|
"Buffering mode only",
|
|
"Process Private Logger",
|
|
"Add a logfile header",
|
|
"Use global sequence no.",
|
|
"Use local sequence no.",
|
|
"Relogger",
|
|
"Use pageable buffers"
|
|
}:Amended,
|
|
Values{
|
|
"Sequential",
|
|
"Circular",
|
|
"Append",
|
|
"NewFile",
|
|
"PreAlloc",
|
|
"RealTime",
|
|
"DelayOpen",
|
|
"BufferOnly",
|
|
"Private",
|
|
"Header",
|
|
"GlobalSequence",
|
|
"LocalSequence",
|
|
"Relog",
|
|
"PagedMemory"
|
|
}:ToInstance,
|
|
DefineValues{
|
|
"EVENT_TRACE_FILE_MODE_SEQUENTIAL",
|
|
"EVENT_TRACE_FILE_MODE_CIRCULAR",
|
|
"EVENT_TRACE_FILE_MODE_APPEND",
|
|
"EVENT_TRACE_FILE_MODE_NEWFILE",
|
|
"EVENT_TRACE_FILE_MODE_PREALLOCATE",
|
|
"EVENT_TRACE_REAL_TIME_MODE",
|
|
"EVENT_TRACE_DELAY_OPEN_FILE_MODE",
|
|
"EVENT_TRACE_BUFFERING_MODE",
|
|
"EVENT_TRACE_PRIVATE_LOGGER_MODE",
|
|
"EVENT_TRACE_ADD_HEADER_MODE",
|
|
"EVENT_TRACE_USE_GLOBAL_SEQUENCE",
|
|
"EVENT_TRACE_USE_LOCAL_SEQUENCE",
|
|
"EVENT_TRACE_RELOG_MODE",
|
|
"EVENT_TRACE_USE_PAGED_MEMORY"
|
|
},
|
|
ValueMap{
|
|
"0x00000001",
|
|
"0x00000002",
|
|
"0x00000004",
|
|
"0x00000008",
|
|
"0x00000020",
|
|
"0x00000100",
|
|
"0x00000200",
|
|
"0x00000400",
|
|
"0x00000800",
|
|
"0x00001000",
|
|
"0x00004000",
|
|
"0x00008000",
|
|
"0x00010000",
|
|
"0x01000000"
|
|
}:ToInstance ] String LogFileMode;
|
|
|
|
[DisplayName("Flush Timer"):ToInstance Amended, read, write] uint32 FlushTimer;
|
|
[DisplayName("Age Limit"):ToInstance Amended, read, write] uint32 AgeLimit;
|
|
|
|
[DisplayName("Logger Id"):ToInstance Amended, read] uint64 LoggerId;
|
|
[DisplayName("Number of buffers"):ToInstance Amended, read] uint32 NumberOfBuffers;
|
|
[DisplayName("Buffers Free"):ToInstance Amended, read] uint32 FreeBuffers;
|
|
[DisplayName("Events Lost"):ToInstance Amended, read] uint32 EventsLost;
|
|
[DisplayName("Buffers Written"):ToInstance Amended, read] uint32 BuffersWritten;
|
|
[DisplayName("Buffers Lost"):ToInstance Amended, read] uint32 LogBuffersLost;
|
|
[DisplayName("Real Time Buffers Lost"):ToInstance Amended, read] uint32 RealTimeBuffersLost;
|
|
[DisplayName("Logger Thread Id"):ToInstance Amended, read] uint32 LoggerThreadId;
|
|
|
|
[Implemented] uint32 FlushTrace();
|
|
[Implemented] uint32 StopTrace();
|
|
[Implemented] uint32 EnableTrace( [IN] boolean Enable, [IN] uint32 Flags[], [IN] uint32 Level[], [IN] String Guid[] );
|
|
|
|
};
|
|
|
|
class EventTraceError : __ExtendedStatus
|
|
{
|
|
[read] String LoggerName;
|
|
};
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
instance of __Win32Provider as $P2
|
|
{
|
|
Name = "SmonlogProv";
|
|
ClsId = "{f95e1664-7979-44f2-a040-496e7f500043}";
|
|
HostingModel = "NetworkServiceHost";
|
|
};
|
|
|
|
instance of __InstanceProviderRegistration
|
|
{
|
|
Provider = $P2;
|
|
SupportsGet = TRUE;
|
|
SupportsPut = TRUE;
|
|
SupportsDelete = TRUE;
|
|
SupportsEnumeration = TRUE;
|
|
QuerySupportLevels = {"WQL:UnarySelect"};
|
|
};
|
|
|
|
instance of __MethodProviderRegistration
|
|
{
|
|
Provider = $P2;
|
|
};
|
|
|
|
[Dynamic, Provider ("SmonlogProv")]
|
|
class SysmonLog
|
|
{
|
|
[read, key] String Name;
|
|
|
|
[Implemented] uint32 SetRunAs( [IN] String User, [IN] String Password );
|
|
};
|
|
|
|
class SmonLogError : __ExtendedStatus
|
|
{
|
|
[read] String ConfigName;
|
|
};
|
|
|