eventlog

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 28, 2024 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// Syntax UUID
	EventlogSyntaxUUID = &uuid.UUID{TimeLow: 0x82273fdc, TimeMid: 0xe32a, TimeHiAndVersion: 0x18c3, ClockSeqHiAndReserved: 0x3f, ClockSeqLow: 0x78, Node: [6]uint8{0x82, 0x79, 0x29, 0xdc, 0x23, 0xea}}
	// Syntax ID
	EventlogSyntaxV0_0 = &dcerpc.SyntaxID{IfUUID: EventlogSyntaxUUID, IfVersionMajor: 0, IfVersionMinor: 0}
)
View Source
var (
	// import guard
	GoPackage = "even"
)
View Source
var MaxBatchBuffer = 524287

MaxBatchBuffer represents the MAX_BATCH_BUFF RPC constant

View Source
var MaxSingleEvent = 262143

MaxSingleEvent represents the MAX_SINGLE_EVENT RPC constant

View Source
var MaxStrings = 256

MaxStrings represents the MAX_STRINGS RPC constant

Functions

func EventlogServerHandle

func EventlogServerHandle(ctx context.Context, o EventlogServer, opNum int, r ndr.Reader) (dcerpc.Operation, error)

func NewEventlogServerHandle

func NewEventlogServerHandle(o EventlogServer) dcerpc.ServerHandle

func RegisterEventlogServer

func RegisterEventlogServer(conn dcerpc.Conn, o EventlogServer, opts ...dcerpc.Option)

Types

type BackupEventLogARequest

type BackupEventLogARequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6. This handle MUST NOT be obtained via the ElfrOpenBELA
	// (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// BackupFileName: Provides an ANSI string (as specified in section 2.2.12) that points
	// to an NT Object Path of a file (as specified in section 2.2.4.1), in which a current
	// copy of the event log is to be placed. This MUST NOT be NULL or empty.
	BackupFileName *String `idl:"name:BackupFileName" json:"backup_file_name"`
}

BackupEventLogARequest structure represents the ElfrBackupELFA operation request

func (*BackupEventLogARequest) MarshalNDR

func (o *BackupEventLogARequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*BackupEventLogARequest) UnmarshalNDR

func (o *BackupEventLogARequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type BackupEventLogAResponse

type BackupEventLogAResponse struct {
	// Return: The ElfrBackupELFA return value.
	Return int32 `idl:"name:Return" json:"return"`
}

BackupEventLogAResponse structure represents the ElfrBackupELFA operation response

func (*BackupEventLogAResponse) MarshalNDR

func (o *BackupEventLogAResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*BackupEventLogAResponse) UnmarshalNDR

func (o *BackupEventLogAResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type BackupEventLogWRequest

type BackupEventLogWRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6. This handle MUST NOT be obtained via the ElfrOpenBELA
	// (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// BackupFileName: Provides a Unicode string (as specified in section 2.2.11) that points
	// to an NT Object Path of a file, (as specified in section 2.2.4.1), in which a current
	// copy of the event log is to be placed. This MUST NOT be NULL or empty. The path is
	// evalutated relative to the server.
	BackupFileName *dtyp.UnicodeString `idl:"name:BackupFileName" json:"backup_file_name"`
}

BackupEventLogWRequest structure represents the ElfrBackupELFW operation request

func (*BackupEventLogWRequest) MarshalNDR

func (o *BackupEventLogWRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*BackupEventLogWRequest) UnmarshalNDR

func (o *BackupEventLogWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type BackupEventLogWResponse

type BackupEventLogWResponse struct {
	// Return: The ElfrBackupELFW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

BackupEventLogWResponse structure represents the ElfrBackupELFW operation response

func (*BackupEventLogWResponse) MarshalNDR

func (o *BackupEventLogWResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*BackupEventLogWResponse) UnmarshalNDR

func (o *BackupEventLogWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ChangeNotifyRequest

type ChangeNotifyRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// ClientId: Ignored when the method is called remotely.
	ClientID *ClientID `idl:"name:ClientId" json:"client_id"`
	// Event: Ignored when the method is called remotely.
	Event uint32 `idl:"name:Event" json:"event"`
}

ChangeNotifyRequest structure represents the ElfrChangeNotify operation request

func (*ChangeNotifyRequest) MarshalNDR

func (o *ChangeNotifyRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ChangeNotifyRequest) UnmarshalNDR

func (o *ChangeNotifyRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ChangeNotifyResponse

type ChangeNotifyResponse struct {
	// Return: The ElfrChangeNotify return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ChangeNotifyResponse structure represents the ElfrChangeNotify operation response

func (*ChangeNotifyResponse) MarshalNDR

func (o *ChangeNotifyResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ChangeNotifyResponse) UnmarshalNDR

func (o *ChangeNotifyResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ClearEventLogARequest

type ClearEventLogARequest struct {
	// LogHandle: Handle to the event log to be cleared. This parameter is a server context
	// handle, as specified in section 2.2.6. This handle MUST NOT be one obtained via the
	// ElfrOpenBELA (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// BackupFileName: Provides an ANSI string (as specified in section 2.2.12) that points
	// to an NT Object Path of a file (as specified in section 2.2.4.1), in which a current
	// copy of the event log is to be placed. If this is NULL or empty, the server MUST
	// NOT create a backup as part of this method.
	BackupFileName *String `idl:"name:BackupFileName;pointer:unique" json:"backup_file_name"`
}

ClearEventLogARequest structure represents the ElfrClearELFA operation request

func (*ClearEventLogARequest) MarshalNDR

func (o *ClearEventLogARequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ClearEventLogARequest) UnmarshalNDR

func (o *ClearEventLogARequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ClearEventLogAResponse

type ClearEventLogAResponse struct {
	// Return: The ElfrClearELFA return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ClearEventLogAResponse structure represents the ElfrClearELFA operation response

func (*ClearEventLogAResponse) MarshalNDR

func (o *ClearEventLogAResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ClearEventLogAResponse) UnmarshalNDR

func (o *ClearEventLogAResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ClearEventLogWRequest

type ClearEventLogWRequest struct {
	// LogHandle: Handle to the event log to be cleared. This parameter is a server context
	// handle, as specified in section 2.2.6. This handle MUST NOT be one obtained via the
	// ElfrOpenBELA (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// BackupFileName: Provides a Unicode string (as specified in section 2.2.11) that points
	// to an NT Object Path of a file in which a current copy of the event log is to be
	// placed. If this is NULL or empty, no backup is to be created. The path is relative
	// to the server rather than the client.
	BackupFileName *dtyp.UnicodeString `idl:"name:BackupFileName;pointer:unique" json:"backup_file_name"`
}

ClearEventLogWRequest structure represents the ElfrClearELFW operation request

func (*ClearEventLogWRequest) MarshalNDR

func (o *ClearEventLogWRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ClearEventLogWRequest) UnmarshalNDR

func (o *ClearEventLogWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ClearEventLogWResponse

type ClearEventLogWResponse struct {
	// Return: The ElfrClearELFW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ClearEventLogWResponse structure represents the ElfrClearELFW operation response

func (*ClearEventLogWResponse) MarshalNDR

func (o *ClearEventLogWResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ClearEventLogWResponse) UnmarshalNDR

func (o *ClearEventLogWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ClientID

type ClientID struct {
	// UniqueProcess:  A 32-bit unsigned integer. Ignored when ElfrChangeNotify (section
	// 3.1.4.23) is invoked remotely.
	UniqueProcess uint32 `idl:"name:UniqueProcess" json:"unique_process"`
	// UniqueThread:  A 32-bit unsigned integer. Ignored when ElfrChangeNotify (section
	// 3.1.4.23) is invoked remotely.
	UniqueThread uint32 `idl:"name:UniqueThread" json:"unique_thread"`
}

ClientID structure represents RPC_CLIENT_ID RPC structure.

The RPC_CLIENT_ID structure is used in the ElfrChangeNotify (section 3.1.4.23) method for local method invocations only.

func (*ClientID) MarshalNDR

func (o *ClientID) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ClientID) UnmarshalNDR

func (o *ClientID) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type CloseEventLogRequest

type CloseEventLogRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
}

CloseEventLogRequest structure represents the ElfrCloseEL operation request

func (*CloseEventLogRequest) MarshalNDR

func (o *CloseEventLogRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*CloseEventLogRequest) UnmarshalNDR

func (o *CloseEventLogRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type CloseEventLogResponse

type CloseEventLogResponse struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Return: The ElfrCloseEL return value.
	Return int32 `idl:"name:Return" json:"return"`
}

CloseEventLogResponse structure represents the ElfrCloseEL operation response

func (*CloseEventLogResponse) MarshalNDR

func (o *CloseEventLogResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*CloseEventLogResponse) UnmarshalNDR

func (o *CloseEventLogResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type DeregisterEventSourceRequest

type DeregisterEventSourceRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
}

DeregisterEventSourceRequest structure represents the ElfrDeregisterEventSource operation request

func (*DeregisterEventSourceRequest) MarshalNDR

func (*DeregisterEventSourceRequest) UnmarshalNDR

func (o *DeregisterEventSourceRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type DeregisterEventSourceResponse

type DeregisterEventSourceResponse struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Return: The ElfrDeregisterEventSource return value.
	Return int32 `idl:"name:Return" json:"return"`
}

DeregisterEventSourceResponse structure represents the ElfrDeregisterEventSource operation response

func (*DeregisterEventSourceResponse) MarshalNDR

func (*DeregisterEventSourceResponse) UnmarshalNDR

func (o *DeregisterEventSourceResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type EventlogClient

type EventlogClient interface {

	// The ElfrClearELFW (Opnum 0) method instructs the server to clear an event log, and,
	// optionally, to back up the event log before the clear operation takes place.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	ClearEventLogW(context.Context, *ClearEventLogWRequest, ...dcerpc.CallOption) (*ClearEventLogWResponse, error)

	// The ElfrBackupELFW (Opnum 1) method instructs the server to back up the event log
	// to a specified file name.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].<25>
	BackupEventLogW(context.Context, *BackupEventLogWRequest, ...dcerpc.CallOption) (*BackupEventLogWResponse, error)

	// The ElfrCloseEL (Opnum 2) method instructs the server to close a handle to the event
	// log, freeing resources on the server that maintained an association between the handle
	// and the corresponding event log. This handle MUST have been obtained via the ElfrOpenELW
	// (section 3.1.4.3) method, the ElfrOpenELA (section 3.1.4.4) method, the ElfrOpenBELW
	// (section 3.1.4.1) method, or the ElfrOpenBELA (section 3.1.4.2) method.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	CloseEventLog(context.Context, *CloseEventLogRequest, ...dcerpc.CallOption) (*CloseEventLogResponse, error)

	// The ElfrDeregisterEventSource (Opnum 3) method instructs the server to close a handle
	// to the event log, freeing resources on the server that maintained an association
	// between the handle and the corresponding event log. This handle MUST have been obtained
	// via the ElfrRegisterEventSourceW (section 3.1.4.5) method or the ElfrRegisterEventSourceA
	// (section 3.1.4.6) method.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	DeregisterEventSource(context.Context, *DeregisterEventSourceRequest, ...dcerpc.CallOption) (*DeregisterEventSourceResponse, error)

	// The ElfrNumberOfRecords (Opnum 4) method instructs the server to report the number
	// of records currently in the event log.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	NumberOfRecords(context.Context, *NumberOfRecordsRequest, ...dcerpc.CallOption) (*NumberOfRecordsResponse, error)

	// The ElfrOldestRecord (Opnum 5) method instructs the server to report the record number
	// of the oldest record in the event log.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	OldestRecord(context.Context, *OldestRecordRequest, ...dcerpc.CallOption) (*OldestRecordResponse, error)

	// The ElfrChangeNotify (Opnum 6) method is intended for local use.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; the
	// method always returns STATUS_INVALID_HANDLE (0xC0000008) when called remotely. For
	// all other errors it MUST return an implementation-based, nonzero NTSTATUS value specified
	// in [MS-ERREF].
	ChangeNotify(context.Context, *ChangeNotifyRequest, ...dcerpc.CallOption) (*ChangeNotifyResponse, error)

	// The ElfrOpenELW method instructs the server to return a server context handle to
	// a live event log. The caller MUST<18> have permission to read the file that contains
	// the event log for this to succeed.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	OpenEventLogW(context.Context, *OpenEventLogWRequest, ...dcerpc.CallOption) (*OpenEventLogWResponse, error)

	// The ElfrRegisterEventSourceW (Opnum 8) method instructs the server to return a server
	// context handle to an event log for writing. The caller MUST have permission to write
	// to the file containing the event log for this to succeed. The module name argument
	// specifies the event source that is used to determine the relevant event log as specified
	// below.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	RegisterEventSourceW(context.Context, *RegisterEventSourceWRequest, ...dcerpc.CallOption) (*RegisterEventSourceWResponse, error)

	// The ElfrOpenBELW (Opnum 9) method instructs the server to return a handle to a backup
	// event log. The caller MUST have permission to read the file containing the backup
	// event log for this to succeed.
	//
	// Note  The server has an Access Control List (ACL) that is used to control access
	// to the log. The protocol has no methods for reading or setting that ACL.
	//
	// Return Values: The method MUST return STATUS_SUCCESS on success; otherwise, it MUST
	// return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// Note  The value of STATUS_SUCCESS is 0x00000000.
	OpenBackupEventLogW(context.Context, *OpenBackupEventLogWRequest, ...dcerpc.CallOption) (*OpenBackupEventLogWResponse, error)

	// The ElfrReadELW (Opnum 10) method reads events from the event log; the server transmits
	// these events to the client and advances the reader's position within the event log
	// associated with the server context handle that is passed in the LogHandle parameter.
	// The strings in the returned event MUST be in [UNICODE].
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success. If
	// the method is successful, the read position MUST be adjusted by NumberOfBytesRead.
	// The method MUST return STATUS_BUFFER_TOO_SMALL (0xC0000023) if the buffer is too
	// small to fit even one record. Otherwise, it MUST return any other implementation-based,
	// nonzero NTSTATUS value specified in [MS-ERREF].
	ReadEventLogW(context.Context, *ReadEventLogWRequest, ...dcerpc.CallOption) (*ReadEventLogWResponse, error)

	// The ElfrReportEventW (Opnum 11) method writes events to the event log; the server
	// receives these events from the client.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	ReportEventW(context.Context, *ReportEventWRequest, ...dcerpc.CallOption) (*ReportEventWResponse, error)

	// The ElfrClearELFA (Opnum 12) method instructs the server to clear an event log, and,
	// optionally, to back up the event log before the clear operation takes place.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// The ElfrClearELFA and ElfrClearELFW (section 3.1.4.9) methods are identical in functionality.
	// The difference between the two methods is that the ElfrClearELFA method specifies
	// BackupFileName as an ANSI string. The ElfrClearELFW method specifies BackupFileName
	// as a UNICODE string.
	ClearEventLogA(context.Context, *ClearEventLogARequest, ...dcerpc.CallOption) (*ClearEventLogAResponse, error)

	// The ElfrBackupELFA (Opnum 13) method instructs the server to back up the event log
	// to a specified file name.<26>
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// ElfrBackupELFA is identical to the ElfrBackupELFW (section 3.1.4.11) method except
	// in the following case:
	//
	// * When BackUpFileName is an ANSI string.
	BackupEventLogA(context.Context, *BackupEventLogARequest, ...dcerpc.CallOption) (*BackupEventLogAResponse, error)

	// The ElfrOpenELA (Opnum 14) method instructs the server to return a server context
	// handle to a live event log. For this to succeed, the caller MUST have permission
	// to read the file that contains the event log.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This is identical to the ElfrOpenELW (section 3.1.4.3) method except that the ModuleName,
	// RegModuleName, and the UNCServerName are ANSI strings in this case.
	OpenEventLogA(context.Context, *OpenEventLogARequest, ...dcerpc.CallOption) (*OpenEventLogAResponse, error)

	// The ElfrRegisterEventSourceA (Opnum 15) method instructs the server to return a server
	// context handle to an event log for writing. The caller MUST have permission to write
	// to the file containing the event log for this to succeed. The module name argument
	// specifies the event source, which is used to determine the relevant event log, as
	// specified in the following sections.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This is identical to the ElfrRegisterEventSourceW (section 3.1.4.5) method except
	// that the ModuleName, RegModuleName, and the UNCServerName parameters are ANSI strings
	// in this case.
	RegisterEventSourceA(context.Context, *RegisterEventSourceARequest, ...dcerpc.CallOption) (*RegisterEventSourceAResponse, error)

	// The ElfrOpenBELA (Opnum 16) method instructs the server to return a handle to a backup
	// event log. The caller MUST have permission to read the file containing the backup
	// event log for this to succeed.
	//
	// Note  The server has an Access Control List (ACL) that is used to control access
	// to the log. The protocol has no methods for reading or setting that ACL.
	//
	// Return Values: The method returns STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	OpenBackupEventLogA(context.Context, *OpenBackupEventLogARequest, ...dcerpc.CallOption) (*OpenBackupEventLogAResponse, error)

	// The ElfrReadELA (Opnum 17) method reads events from the event log; the server transmits
	// these events to the client and advances the reader's position within the event log
	// associated with the server context handle that is passed in the LogHandle parameter.
	// The strings in the returned events MUST be ANSI.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success. The
	// method MUST return STATUS_BUFFER_TOO_SMALL (0xC0000023) if the buffer is too small
	// to fit even one record. Otherwise, it MUST return any other implementation-based,
	// nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This is identical to the ElfrReadELW (section 3.1.4.7) method except that the events
	// placed in the buffer MUST be ANSI strings rather than [UNICODE] strings.
	ReadEventLogA(context.Context, *ReadEventLogARequest, ...dcerpc.CallOption) (*ReadEventLogAResponse, error)

	// The ElfrReportEventA (Opnum 18) method writes events to the event log; the server
	// receives these events from the client.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This method is identical to the ElfrReportEventW (section 3.1.4.13) method except
	// that the string arguments are ANSI strings in this case. Thus, the remarks in ElfrReportEventW
	// (section 3.1.4.13) apply to this method as well.
	ReportEventA(context.Context, *ReportEventARequest, ...dcerpc.CallOption) (*ReportEventAResponse, error)

	// The ElfrGetLogInformation (Opnum 22) method instructs the server to return information
	// on an event log.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success. The
	// method MUST return STATUS_BUFFER_TOO_SMALL (0xC0000023) if the buffer is too small
	// to fit even one record. Otherwise, it MUST return an implementation-based, nonzero
	// NTSTATUS value specified in [MS-ERREF].
	GetLogInformation(context.Context, *GetLogInformationRequest, ...dcerpc.CallOption) (*GetLogInformationResponse, error)

	// This method<32> instructs the server to write an event to an event log. It differs
	// from the other methods for writing an event by specifying the event source at the
	// time of the write. The other methods for writing an event required the event source
	// to be specified when the handle was opened for write.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// Note  If the method is not supported, the RPC transport itself (as opposed to this
	// protocol) returns RPC_S_PROCNUM_OUT_OF_RANGE (0x6D1).
	//
	// This method is almost identical to the ElfrReportEventW (section 3.1.4.13) method
	// except that it has a SourceName parameter. The server uses this SourceName parameter
	// to log the source into the event instead of retrieving the source name from the LogHandle
	// parameter.
	ReportEventAndSourceW(context.Context, *ReportEventAndSourceWRequest, ...dcerpc.CallOption) (*ReportEventAndSourceWResponse, error)

	// The ElfrReportEventExW (Opnum 25) method<33> writes events to the event log; the
	// server receives these events from the client.
	//
	// Return Values: The method returns STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it returns an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	ReportEventExW(context.Context, *ReportEventExWRequest, ...dcerpc.CallOption) (*ReportEventExWResponse, error)

	// The ElfrReportEventExA (Opnum 26) method<36> writes events to the event log; the
	// server receives these events from the client.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This method is identical to the ElfrReportEventExW (section 3.1.4.16) method except
	// that the string arguments are ANSI strings in this case. Thus, the remarks in ElfrReportEventExW
	// (section 3.1.4.16) apply to this method as well.
	ReportEventExA(context.Context, *ReportEventExARequest, ...dcerpc.CallOption) (*ReportEventExAResponse, error)

	// AlterContext alters the client context.
	AlterContext(context.Context, ...dcerpc.Option) error
}

eventlog interface.

func NewEventlogClient

func NewEventlogClient(ctx context.Context, cc dcerpc.Conn, opts ...dcerpc.Option) (EventlogClient, error)

type EventlogServer

type EventlogServer interface {

	// The ElfrClearELFW (Opnum 0) method instructs the server to clear an event log, and,
	// optionally, to back up the event log before the clear operation takes place.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	ClearEventLogW(context.Context, *ClearEventLogWRequest) (*ClearEventLogWResponse, error)

	// The ElfrBackupELFW (Opnum 1) method instructs the server to back up the event log
	// to a specified file name.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].<25>
	BackupEventLogW(context.Context, *BackupEventLogWRequest) (*BackupEventLogWResponse, error)

	// The ElfrCloseEL (Opnum 2) method instructs the server to close a handle to the event
	// log, freeing resources on the server that maintained an association between the handle
	// and the corresponding event log. This handle MUST have been obtained via the ElfrOpenELW
	// (section 3.1.4.3) method, the ElfrOpenELA (section 3.1.4.4) method, the ElfrOpenBELW
	// (section 3.1.4.1) method, or the ElfrOpenBELA (section 3.1.4.2) method.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	CloseEventLog(context.Context, *CloseEventLogRequest) (*CloseEventLogResponse, error)

	// The ElfrDeregisterEventSource (Opnum 3) method instructs the server to close a handle
	// to the event log, freeing resources on the server that maintained an association
	// between the handle and the corresponding event log. This handle MUST have been obtained
	// via the ElfrRegisterEventSourceW (section 3.1.4.5) method or the ElfrRegisterEventSourceA
	// (section 3.1.4.6) method.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	DeregisterEventSource(context.Context, *DeregisterEventSourceRequest) (*DeregisterEventSourceResponse, error)

	// The ElfrNumberOfRecords (Opnum 4) method instructs the server to report the number
	// of records currently in the event log.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	NumberOfRecords(context.Context, *NumberOfRecordsRequest) (*NumberOfRecordsResponse, error)

	// The ElfrOldestRecord (Opnum 5) method instructs the server to report the record number
	// of the oldest record in the event log.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	OldestRecord(context.Context, *OldestRecordRequest) (*OldestRecordResponse, error)

	// The ElfrChangeNotify (Opnum 6) method is intended for local use.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; the
	// method always returns STATUS_INVALID_HANDLE (0xC0000008) when called remotely. For
	// all other errors it MUST return an implementation-based, nonzero NTSTATUS value specified
	// in [MS-ERREF].
	ChangeNotify(context.Context, *ChangeNotifyRequest) (*ChangeNotifyResponse, error)

	// The ElfrOpenELW method instructs the server to return a server context handle to
	// a live event log. The caller MUST<18> have permission to read the file that contains
	// the event log for this to succeed.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	OpenEventLogW(context.Context, *OpenEventLogWRequest) (*OpenEventLogWResponse, error)

	// The ElfrRegisterEventSourceW (Opnum 8) method instructs the server to return a server
	// context handle to an event log for writing. The caller MUST have permission to write
	// to the file containing the event log for this to succeed. The module name argument
	// specifies the event source that is used to determine the relevant event log as specified
	// below.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	RegisterEventSourceW(context.Context, *RegisterEventSourceWRequest) (*RegisterEventSourceWResponse, error)

	// The ElfrOpenBELW (Opnum 9) method instructs the server to return a handle to a backup
	// event log. The caller MUST have permission to read the file containing the backup
	// event log for this to succeed.
	//
	// Note  The server has an Access Control List (ACL) that is used to control access
	// to the log. The protocol has no methods for reading or setting that ACL.
	//
	// Return Values: The method MUST return STATUS_SUCCESS on success; otherwise, it MUST
	// return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// Note  The value of STATUS_SUCCESS is 0x00000000.
	OpenBackupEventLogW(context.Context, *OpenBackupEventLogWRequest) (*OpenBackupEventLogWResponse, error)

	// The ElfrReadELW (Opnum 10) method reads events from the event log; the server transmits
	// these events to the client and advances the reader's position within the event log
	// associated with the server context handle that is passed in the LogHandle parameter.
	// The strings in the returned event MUST be in [UNICODE].
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success. If
	// the method is successful, the read position MUST be adjusted by NumberOfBytesRead.
	// The method MUST return STATUS_BUFFER_TOO_SMALL (0xC0000023) if the buffer is too
	// small to fit even one record. Otherwise, it MUST return any other implementation-based,
	// nonzero NTSTATUS value specified in [MS-ERREF].
	ReadEventLogW(context.Context, *ReadEventLogWRequest) (*ReadEventLogWResponse, error)

	// The ElfrReportEventW (Opnum 11) method writes events to the event log; the server
	// receives these events from the client.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	ReportEventW(context.Context, *ReportEventWRequest) (*ReportEventWResponse, error)

	// The ElfrClearELFA (Opnum 12) method instructs the server to clear an event log, and,
	// optionally, to back up the event log before the clear operation takes place.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// The ElfrClearELFA and ElfrClearELFW (section 3.1.4.9) methods are identical in functionality.
	// The difference between the two methods is that the ElfrClearELFA method specifies
	// BackupFileName as an ANSI string. The ElfrClearELFW method specifies BackupFileName
	// as a UNICODE string.
	ClearEventLogA(context.Context, *ClearEventLogARequest) (*ClearEventLogAResponse, error)

	// The ElfrBackupELFA (Opnum 13) method instructs the server to back up the event log
	// to a specified file name.<26>
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// ElfrBackupELFA is identical to the ElfrBackupELFW (section 3.1.4.11) method except
	// in the following case:
	//
	// * When BackUpFileName is an ANSI string.
	BackupEventLogA(context.Context, *BackupEventLogARequest) (*BackupEventLogAResponse, error)

	// The ElfrOpenELA (Opnum 14) method instructs the server to return a server context
	// handle to a live event log. For this to succeed, the caller MUST have permission
	// to read the file that contains the event log.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This is identical to the ElfrOpenELW (section 3.1.4.3) method except that the ModuleName,
	// RegModuleName, and the UNCServerName are ANSI strings in this case.
	OpenEventLogA(context.Context, *OpenEventLogARequest) (*OpenEventLogAResponse, error)

	// The ElfrRegisterEventSourceA (Opnum 15) method instructs the server to return a server
	// context handle to an event log for writing. The caller MUST have permission to write
	// to the file containing the event log for this to succeed. The module name argument
	// specifies the event source, which is used to determine the relevant event log, as
	// specified in the following sections.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This is identical to the ElfrRegisterEventSourceW (section 3.1.4.5) method except
	// that the ModuleName, RegModuleName, and the UNCServerName parameters are ANSI strings
	// in this case.
	RegisterEventSourceA(context.Context, *RegisterEventSourceARequest) (*RegisterEventSourceAResponse, error)

	// The ElfrOpenBELA (Opnum 16) method instructs the server to return a handle to a backup
	// event log. The caller MUST have permission to read the file containing the backup
	// event log for this to succeed.
	//
	// Note  The server has an Access Control List (ACL) that is used to control access
	// to the log. The protocol has no methods for reading or setting that ACL.
	//
	// Return Values: The method returns STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	OpenBackupEventLogA(context.Context, *OpenBackupEventLogARequest) (*OpenBackupEventLogAResponse, error)

	// The ElfrReadELA (Opnum 17) method reads events from the event log; the server transmits
	// these events to the client and advances the reader's position within the event log
	// associated with the server context handle that is passed in the LogHandle parameter.
	// The strings in the returned events MUST be ANSI.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success. The
	// method MUST return STATUS_BUFFER_TOO_SMALL (0xC0000023) if the buffer is too small
	// to fit even one record. Otherwise, it MUST return any other implementation-based,
	// nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This is identical to the ElfrReadELW (section 3.1.4.7) method except that the events
	// placed in the buffer MUST be ANSI strings rather than [UNICODE] strings.
	ReadEventLogA(context.Context, *ReadEventLogARequest) (*ReadEventLogAResponse, error)

	// The ElfrReportEventA (Opnum 18) method writes events to the event log; the server
	// receives these events from the client.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This method is identical to the ElfrReportEventW (section 3.1.4.13) method except
	// that the string arguments are ANSI strings in this case. Thus, the remarks in ElfrReportEventW
	// (section 3.1.4.13) apply to this method as well.
	ReportEventA(context.Context, *ReportEventARequest) (*ReportEventAResponse, error)

	// The ElfrGetLogInformation (Opnum 22) method instructs the server to return information
	// on an event log.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success. The
	// method MUST return STATUS_BUFFER_TOO_SMALL (0xC0000023) if the buffer is too small
	// to fit even one record. Otherwise, it MUST return an implementation-based, nonzero
	// NTSTATUS value specified in [MS-ERREF].
	GetLogInformation(context.Context, *GetLogInformationRequest) (*GetLogInformationResponse, error)

	// This method<32> instructs the server to write an event to an event log. It differs
	// from the other methods for writing an event by specifying the event source at the
	// time of the write. The other methods for writing an event required the event source
	// to be specified when the handle was opened for write.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// Note  If the method is not supported, the RPC transport itself (as opposed to this
	// protocol) returns RPC_S_PROCNUM_OUT_OF_RANGE (0x6D1).
	//
	// This method is almost identical to the ElfrReportEventW (section 3.1.4.13) method
	// except that it has a SourceName parameter. The server uses this SourceName parameter
	// to log the source into the event instead of retrieving the source name from the LogHandle
	// parameter.
	ReportEventAndSourceW(context.Context, *ReportEventAndSourceWRequest) (*ReportEventAndSourceWResponse, error)

	// The ElfrReportEventExW (Opnum 25) method<33> writes events to the event log; the
	// server receives these events from the client.
	//
	// Return Values: The method returns STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it returns an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	ReportEventExW(context.Context, *ReportEventExWRequest) (*ReportEventExWResponse, error)

	// The ElfrReportEventExA (Opnum 26) method<36> writes events to the event log; the
	// server receives these events from the client.
	//
	// Return Values: The method MUST return STATUS_SUCCESS (0x00000000) on success; otherwise,
	// it MUST return an implementation-based, nonzero NTSTATUS value specified in [MS-ERREF].
	//
	// This method is identical to the ElfrReportEventExW (section 3.1.4.16) method except
	// that the string arguments are ANSI strings in this case. Thus, the remarks in ElfrReportEventExW
	// (section 3.1.4.16) apply to this method as well.
	ReportEventExA(context.Context, *ReportEventExARequest) (*ReportEventExAResponse, error)
}

eventlog server interface.

type GetLogInformationRequest

type GetLogInformationRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// InfoLevel: The level of event log information to return. This MUST be set to zero.
	InfoLevel uint32 `idl:"name:InfoLevel" json:"info_level"`
	// cbBufSize: The size in bytes of the buffer pointed to by the lpBuffer parameter.
	BufferLength uint32 `idl:"name:cbBufSize" json:"buffer_length"`
}

GetLogInformationRequest structure represents the ElfrGetLogInformation operation request

func (*GetLogInformationRequest) MarshalNDR

func (o *GetLogInformationRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*GetLogInformationRequest) UnmarshalNDR

func (o *GetLogInformationRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type GetLogInformationResponse

type GetLogInformationResponse struct {
	// lpBuffer: The event log information. This MUST point to either an EVENTLOG_FULL_INFORMATION
	// (section 2.2.4) structure or be NULL.
	Buffer []byte `idl:"name:lpBuffer;size_is:(cbBufSize)" json:"buffer"`
	// pcbBytesNeeded: Number of bytes required for the requested information, regardless
	// of if the function succeeds. This parameter MUST NOT be NULL.
	BytesNeededLength uint32 `idl:"name:pcbBytesNeeded" json:"bytes_needed_length"`
	// Return: The ElfrGetLogInformation return value.
	Return int32 `idl:"name:Return" json:"return"`
}

GetLogInformationResponse structure represents the ElfrGetLogInformation operation response

func (*GetLogInformationResponse) MarshalNDR

func (o *GetLogInformationResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*GetLogInformationResponse) UnmarshalNDR

func (o *GetLogInformationResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type Handle

type Handle dcetypes.ContextHandle

Handle structure represents IELF_HANDLE RPC structure.

func (*Handle) ContextHandle

func (o *Handle) ContextHandle() *dcetypes.ContextHandle

func (*Handle) MarshalNDR

func (o *Handle) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*Handle) UnmarshalNDR

func (o *Handle) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type NumberOfRecordsRequest

type NumberOfRecordsRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
}

NumberOfRecordsRequest structure represents the ElfrNumberOfRecords operation request

func (*NumberOfRecordsRequest) MarshalNDR

func (o *NumberOfRecordsRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*NumberOfRecordsRequest) UnmarshalNDR

func (o *NumberOfRecordsRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type NumberOfRecordsResponse

type NumberOfRecordsResponse struct {
	// NumberOfRecords: Total number of records in the specified event log.
	NumberOfRecords uint32 `idl:"name:NumberOfRecords" json:"number_of_records"`
	// Return: The ElfrNumberOfRecords return value.
	Return int32 `idl:"name:Return" json:"return"`
}

NumberOfRecordsResponse structure represents the ElfrNumberOfRecords operation response

func (*NumberOfRecordsResponse) MarshalNDR

func (o *NumberOfRecordsResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*NumberOfRecordsResponse) UnmarshalNDR

func (o *NumberOfRecordsResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OldestRecordRequest

type OldestRecordRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
}

OldestRecordRequest structure represents the ElfrOldestRecord operation request

func (*OldestRecordRequest) MarshalNDR

func (o *OldestRecordRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*OldestRecordRequest) UnmarshalNDR

func (o *OldestRecordRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OldestRecordResponse

type OldestRecordResponse struct {
	// OldestRecordNumber: The number of the oldest record in the specified event log. The
	// chronology is based on the time that records are written (not the record generation
	// time specified by the event source).
	OldestRecordNumber uint32 `idl:"name:OldestRecordNumber" json:"oldest_record_number"`
	// Return: The ElfrOldestRecord return value.
	Return int32 `idl:"name:Return" json:"return"`
}

OldestRecordResponse structure represents the ElfrOldestRecord operation response

func (*OldestRecordResponse) MarshalNDR

func (o *OldestRecordResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*OldestRecordResponse) UnmarshalNDR

func (o *OldestRecordResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OpenBackupEventLogARequest

type OpenBackupEventLogARequest struct {
	// UNCServerName: A server interface handle. A pointer to an ANSI string (see [MSDN-ANSI])
	// specifying the server, as specified in section 2.2.7. The client MUST map this string
	// to an RPC binding handle, and the server MUST ignore this argument, as specified
	// in [C706] sections 4.3.5 and 5.1.5.2.
	UNCServerName string `idl:"name:UNCServerName" json:"unc_server_name"`
	// BackupFileName: Provides an ANSI string (as specified in section 2.2.12) that points
	// to an NT Object Path of the file where the backup event log is located, as specified
	// in section 2.2.4.1.
	BackupFileName *String `idl:"name:BackupFileName" json:"backup_file_name"`
	// MajorVersion: Major version of the client. This value MUST be set to 1.
	MajorVersion uint32 `idl:"name:MajorVersion" json:"major_version"`
	// MinorVersion: Minor version of the client. This value MUST be set to 1.
	MinorVersion uint32 `idl:"name:MinorVersion" json:"minor_version"`
}

OpenBackupEventLogARequest structure represents the ElfrOpenBELA operation request

func (*OpenBackupEventLogARequest) MarshalNDR

func (o *OpenBackupEventLogARequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*OpenBackupEventLogARequest) UnmarshalNDR

func (o *OpenBackupEventLogARequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OpenBackupEventLogAResponse

type OpenBackupEventLogAResponse struct {
	// LogHandle: Pointer to an event log handle. This parameter is a server context handle,
	// as specified in section 2.2.6. This handle MUST be closed by using the ElfrCloseEL
	// (section 3.1.4.21) method once the handle is no longer needed. In the case when the
	// client cannot call the ElfrCloseEL function, such as the abnormal termination of
	// the client, this context handle will be revoked by the server so that there will
	// not be any resource leaks.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Return: The ElfrOpenBELA return value.
	Return int32 `idl:"name:Return" json:"return"`
}

OpenBackupEventLogAResponse structure represents the ElfrOpenBELA operation response

func (*OpenBackupEventLogAResponse) MarshalNDR

func (*OpenBackupEventLogAResponse) UnmarshalNDR

func (o *OpenBackupEventLogAResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OpenBackupEventLogWRequest

type OpenBackupEventLogWRequest struct {
	// UNCServerName: A server interface handle. A pointer to a Unicode string specifying
	// the server, as specified in section 2.2.7. The client MUST map this string to an
	// RPC binding handle, and the server MUST ignore this argument. See [C706] sections
	// 4.3.5 and 5.1.5.2.
	UNCServerName string `idl:"name:UNCServerName" json:"unc_server_name"`
	// BackupFileName: Provides a Unicode string (as specified in section 2.2.11) that points
	// to an NT Object Path of the file where the backup event log is located, as specified
	// in section 2.2.4.1.
	BackupFileName *dtyp.UnicodeString `idl:"name:BackupFileName" json:"backup_file_name"`
	// MajorVersion: Major version of the client. This value MUST be set to 1.
	MajorVersion uint32 `idl:"name:MajorVersion" json:"major_version"`
	// MinorVersion: Minor version of the client. This value MUST be set to 1.
	MinorVersion uint32 `idl:"name:MinorVersion" json:"minor_version"`
}

OpenBackupEventLogWRequest structure represents the ElfrOpenBELW operation request

func (*OpenBackupEventLogWRequest) MarshalNDR

func (o *OpenBackupEventLogWRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*OpenBackupEventLogWRequest) UnmarshalNDR

func (o *OpenBackupEventLogWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OpenBackupEventLogWResponse

type OpenBackupEventLogWResponse struct {
	// LogHandle: Pointer to an event log handle. This parameter is a server context handle,
	// as specified in section 2.2.6. This handle MUST be closed using the ElfrCloseEL (Opnum
	// 2) (section 3.1.4.21) method once the handle is no longer needed. In the case when
	// the client cannot call the ElfrCloseEL function, such as the abnormal termination
	// of the client, this context handle will be revoked by the server so that there will
	// not be any resource leaks. The processing rule to revoke a context handle that has
	// been terminated abnormally is defined in [MS-RPCE] section 3.3.3.2.1.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Return: The ElfrOpenBELW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

OpenBackupEventLogWResponse structure represents the ElfrOpenBELW operation response

func (*OpenBackupEventLogWResponse) MarshalNDR

func (*OpenBackupEventLogWResponse) UnmarshalNDR

func (o *OpenBackupEventLogWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OpenEventLogARequest

type OpenEventLogARequest struct {
	// UNCServerName: A server interface handle. A pointer to an ANSI string (see [MSDN-ANSI])
	// specifying the server, as specified in section 2.2.7. The client MUST map this string
	// to an RPC binding handle, and the server MUST ignore this argument, as specified
	// in [C706] sections 4.3.5 and 5.1.5.2.
	UNCServerName string `idl:"name:UNCServerName" json:"unc_server_name"`
	// ModuleName: Specifies the event log name, as defined in section 1.8.2 and specified
	// in section 2.2.12, for which a handle is needed.
	ModuleName *String `idl:"name:ModuleName" json:"module_name"`
	// RegModuleName: This parameter MUST be ignored by the server. Clients MUST specify
	// an empty string.
	RegModuleName *String `idl:"name:RegModuleName" json:"reg_module_name"`
	// MajorVersion: Major version of the client. This value MUST be set to 1.
	MajorVersion uint32 `idl:"name:MajorVersion" json:"major_version"`
	// MinorVersion: Minor version of the client. This value MUST be set to 1.
	MinorVersion uint32 `idl:"name:MinorVersion" json:"minor_version"`
}

OpenEventLogARequest structure represents the ElfrOpenELA operation request

func (*OpenEventLogARequest) MarshalNDR

func (o *OpenEventLogARequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*OpenEventLogARequest) UnmarshalNDR

func (o *OpenEventLogARequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OpenEventLogAResponse

type OpenEventLogAResponse struct {
	// LogHandle: Pointer to an event log handle. This parameter is a server context handle,
	// as specified in section 2.2.6. This handle MUST be closed by using the ElfrCloseEL
	// (section 3.1.4.21) method once the handle is no longer needed. In the case when the
	// client cannot call the ElfrCloseEL function, such as the abnormal termination of
	// the client, this context handle will be revoked by the server so that there will
	// not be any resource leaks.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Return: The ElfrOpenELA return value.
	Return int32 `idl:"name:Return" json:"return"`
}

OpenEventLogAResponse structure represents the ElfrOpenELA operation response

func (*OpenEventLogAResponse) MarshalNDR

func (o *OpenEventLogAResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*OpenEventLogAResponse) UnmarshalNDR

func (o *OpenEventLogAResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OpenEventLogWRequest

type OpenEventLogWRequest struct {
	// UNCServerName: A server interface handle. A pointer to a Unicode string specifying
	// the server, as specified in section 2.2.7. The client MUST map this string to an
	// RPC binding handle, and the server MUST ignore this argument, as specified in [C706]
	// sections 4.3.5 and 5.1.5.2.
	UNCServerName string `idl:"name:UNCServerName" json:"unc_server_name"`
	// ModuleName: Specifies the event log name, as defined in section 1.8.2 and specified
	// in section 2.2.11, for which a handle is needed.
	ModuleName *dtyp.UnicodeString `idl:"name:ModuleName" json:"module_name"`
	// RegModuleName: This parameter MUST be ignored by the server. Clients MUST specify
	// an empty string.
	RegModuleName *dtyp.UnicodeString `idl:"name:RegModuleName" json:"reg_module_name"`
	// MajorVersion: Major version of the client. This value MUST be set to 1.
	MajorVersion uint32 `idl:"name:MajorVersion" json:"major_version"`
	// MinorVersion: Minor version of the client. This value MUST be set to 1.
	MinorVersion uint32 `idl:"name:MinorVersion" json:"minor_version"`
}

OpenEventLogWRequest structure represents the ElfrOpenELW operation request

func (*OpenEventLogWRequest) MarshalNDR

func (o *OpenEventLogWRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*OpenEventLogWRequest) UnmarshalNDR

func (o *OpenEventLogWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type OpenEventLogWResponse

type OpenEventLogWResponse struct {
	// LogHandle: Pointer to an event log handle. This parameter is a server context handle,
	// as specified in section 2.2.6. This handle MUST be closed by using the ElfrCloseEL
	// (section 3.1.4.21) method once the handle is no longer needed. In the case when the
	// client cannot call the ElfrCloseEL function such as the abnormal termination of the
	// client, this context handle will be revoked by the server so that there will not
	// be any resource leaks.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Return: The ElfrOpenELW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

OpenEventLogWResponse structure represents the ElfrOpenELW operation response

func (*OpenEventLogWResponse) MarshalNDR

func (o *OpenEventLogWResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*OpenEventLogWResponse) UnmarshalNDR

func (o *OpenEventLogWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReadEventLogARequest

type ReadEventLogARequest struct {
	// LogHandle: Handle to an event log to read. This parameter is a server context handle,
	// as specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// ReadFlags: The caller MUST specify if the read is to start at a specific record,
	// or is to proceed from the last record read. The value MUST be one and only one of
	// the following flags.
	//
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//	|                                     |                                                                                  |
	//	|                VALUE                |                                     MEANING                                      |
	//	|                                     |                                                                                  |
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//	| EVENTLOG_SEQUENTIAL_READ 0x00000001 | Read operation proceeds sequentially from the last call to the ElfrReadELA       |
	//	|                                     | (section 3.1.4.8) method or the ElfrReadELW (section 3.1.4.7) method, using this |
	//	|                                     | handle. This flag cannot be used with EVENTLOG_SEEK_READ.                        |
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//	| EVENTLOG_SEEK_READ 0x00000002       | Read operation proceeds from the record specified by the RecordOffset parameter. |
	//	|                                     | This flag cannot be used with EVENTLOG_SEQUENTIAL_READ.                          |
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//
	// Because the method reads as many records as can fit in the buffer, the caller MUST
	// also set one and only one of the following flags to indicate the direction for successive
	// read operations.
	//
	//	+------------------------------------+----------------------------------------------------------------------------------+
	//	|                                    |                                                                                  |
	//	|               VALUE                |                                     MEANING                                      |
	//	|                                    |                                                                                  |
	//	+------------------------------------+----------------------------------------------------------------------------------+
	//	+------------------------------------+----------------------------------------------------------------------------------+
	//	| EVENTLOG_FORWARDS_READ 0x00000004  | Log is read in chronological order. This flag cannot be used with                |
	//	|                                    | EVENTLOG_BACKWARDS_READ.                                                         |
	//	+------------------------------------+----------------------------------------------------------------------------------+
	//	| EVENTLOG_BACKWARDS_READ 0x00000008 | Log is read in reverse chronological order. This flag cannot be used with        |
	//	|                                    | EVENTLOG_FORWARDS_READ.                                                          |
	//	+------------------------------------+----------------------------------------------------------------------------------+
	ReadFlags uint32 `idl:"name:ReadFlags" json:"read_flags"`
	// RecordOffset: Log entry record number at which the read operation is to start. Each
	// event in a log has a record number. This parameter MUST be ignored unless the EVENTLOG_SEEK_READ
	// bit is set in the ReadFlags parameter.
	RecordOffset uint32 `idl:"name:RecordOffset" json:"record_offset"`
	// NumberOfBytesToRead: Size of the buffer in bytes. This is the maximum amount of data
	// that can be read.
	NumberOfBytesToRead uint32 `idl:"name:NumberOfBytesToRead" json:"number_of_bytes_to_read"`
}

ReadEventLogARequest structure represents the ElfrReadELA operation request

func (*ReadEventLogARequest) MarshalNDR

func (o *ReadEventLogARequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReadEventLogARequest) UnmarshalNDR

func (o *ReadEventLogARequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReadEventLogAResponse

type ReadEventLogAResponse struct {
	// Buffer: Data read from the event log.
	Buffer []byte `idl:"name:Buffer;size_is:(NumberOfBytesToRead)" json:"buffer"`
	// NumberOfBytesRead: Number of bytes read by the method.
	NumberOfBytesRead uint32 `idl:"name:NumberOfBytesRead" json:"number_of_bytes_read"`
	// MinNumberOfBytesNeeded: If the method fails because the buffer is too small to fit
	// even a single record, this MUST be set to the minimum number of bytes needed to fit
	// the next record. Otherwise, this MUST NOT be set, and MUST be ignored by the caller.
	MinNumberOfBytesNeeded uint32 `idl:"name:MinNumberOfBytesNeeded" json:"min_number_of_bytes_needed"`
	// Return: The ElfrReadELA return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ReadEventLogAResponse structure represents the ElfrReadELA operation response

func (*ReadEventLogAResponse) MarshalNDR

func (o *ReadEventLogAResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReadEventLogAResponse) UnmarshalNDR

func (o *ReadEventLogAResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReadEventLogWRequest

type ReadEventLogWRequest struct {
	// LogHandle: Handle to an event log to read. This parameter is a server context handle,
	// as specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// ReadFlags: The caller MUST specify whether the read is to start at a specific record
	// or is to proceed from the last record read. The value MUST include one and only one
	// of the following flags.
	//
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//	|                                     |                                                                                  |
	//	|                VALUE                |                                     MEANING                                      |
	//	|                                     |                                                                                  |
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//	| EVENTLOG_SEQUENTIAL_READ 0x00000001 | Read operation proceeds sequentially from the last call to the ElfrReadELW       |
	//	|                                     | (section 3.1.4.7) method or the ElfrReadELA (section 3.1.4.8) method, using this |
	//	|                                     | handle. This flag MUST NOT be used with EVENTLOG_SEEK_READ.                      |
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//	| EVENTLOG_SEEK_READ 0x00000002       | Read operation proceeds from the record specified by the RecordOffset parameter. |
	//	|                                     | This flag MUST NOT be used with EVENTLOG_SEQUENTIAL_READ.                        |
	//	+-------------------------------------+----------------------------------------------------------------------------------+
	//
	// Because the method reads as many records as can fit in the buffer, the caller MUST
	// also set one and only one of the following flags to indicate the direction for successive
	// read operations.
	//
	//	+------------------------------------+----------------------------------------------------------------------------------+
	//	|                                    |                                                                                  |
	//	|               VALUE                |                                     MEANING                                      |
	//	|                                    |                                                                                  |
	//	+------------------------------------+----------------------------------------------------------------------------------+
	//	+------------------------------------+----------------------------------------------------------------------------------+
	//	| EVENTLOG_FORWARDS_READ 0x00000004  | Log is read in chronological order. This flag MUST NOT be used with              |
	//	|                                    | EVENTLOG_BACKWARDS_READ.                                                         |
	//	+------------------------------------+----------------------------------------------------------------------------------+
	//	| EVENTLOG_BACKWARDS_READ 0x00000008 | Log is read in reverse chronological order. This flag MUST NOT be used with      |
	//	|                                    | EVENTLOG_FORWARDS_READ.                                                          |
	//	+------------------------------------+----------------------------------------------------------------------------------+
	ReadFlags uint32 `idl:"name:ReadFlags" json:"read_flags"`
	// RecordOffset: Log entry record number from which the read operation starts (this
	// is not a byte offset but a number). This parameter MUST be ignored unless the EVENTLOG_SEEK_READ
	// bit is set in the ReadFlags parameter.
	RecordOffset uint32 `idl:"name:RecordOffset" json:"record_offset"`
	// NumberOfBytesToRead: Size of the Buffer in bytes. This is the maximum amount of data
	// that can be read.
	NumberOfBytesToRead uint32 `idl:"name:NumberOfBytesToRead" json:"number_of_bytes_to_read"`
}

ReadEventLogWRequest structure represents the ElfrReadELW operation request

func (*ReadEventLogWRequest) MarshalNDR

func (o *ReadEventLogWRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReadEventLogWRequest) UnmarshalNDR

func (o *ReadEventLogWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReadEventLogWResponse

type ReadEventLogWResponse struct {
	// Buffer: The buffer in which to place data read from the event log.
	Buffer []byte `idl:"name:Buffer;size_is:(NumberOfBytesToRead)" json:"buffer"`
	// NumberOfBytesRead: Pointer to a variable that receives the number of bytes actually
	// read by the method.
	NumberOfBytesRead uint32 `idl:"name:NumberOfBytesRead" json:"number_of_bytes_read"`
	// MinNumberOfBytesNeeded: If the method fails because the buffer is too small to fit
	// even a single record, this MUST be set to the minimum number of bytes needed to fit
	// the next record. Otherwise, this MUST NOT be set, and MUST be ignored by the caller.
	MinNumberOfBytesNeeded uint32 `idl:"name:MinNumberOfBytesNeeded" json:"min_number_of_bytes_needed"`
	// Return: The ElfrReadELW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ReadEventLogWResponse structure represents the ElfrReadELW operation response

func (*ReadEventLogWResponse) MarshalNDR

func (o *ReadEventLogWResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReadEventLogWResponse) UnmarshalNDR

func (o *ReadEventLogWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type RegisterEventSourceARequest

type RegisterEventSourceARequest struct {
	// UNCServerName: A server interface handle. A pointer to an ANSI string (see [MSDN-ANSI])
	// specifying the server, as specified in section 2.2.7. The client MUST map this string
	// to an RPC binding handle, and the server MUST ignore this argument, as specified
	// in [C706] sections 4.3.5 and 5.1.5.2.
	UNCServerName string `idl:"name:UNCServerName" json:"unc_server_name"`
	// ModuleName: Specifies the event source, as defined in section 1.8.3 and specified
	// in section 2.2.12, for which a handle is needed.
	ModuleName *String `idl:"name:ModuleName" json:"module_name"`
	// RegModuleName: This parameter MUST be ignored by the server. Clients MUST specify
	// an empty string.
	RegModuleName *String `idl:"name:RegModuleName" json:"reg_module_name"`
	// MajorVersion: Major version of the client. This value MUST be set to 1.
	MajorVersion uint32 `idl:"name:MajorVersion" json:"major_version"`
	// MinorVersion: Minor version of the client. This value MUST be set to 1.
	MinorVersion uint32 `idl:"name:MinorVersion" json:"minor_version"`
}

RegisterEventSourceARequest structure represents the ElfrRegisterEventSourceA operation request

func (*RegisterEventSourceARequest) MarshalNDR

func (*RegisterEventSourceARequest) UnmarshalNDR

func (o *RegisterEventSourceARequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type RegisterEventSourceAResponse

type RegisterEventSourceAResponse struct {
	// LogHandle: Pointer to an event log handle. This parameter is a server context handle,
	// as specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Return: The ElfrRegisterEventSourceA return value.
	Return int32 `idl:"name:Return" json:"return"`
}

RegisterEventSourceAResponse structure represents the ElfrRegisterEventSourceA operation response

func (*RegisterEventSourceAResponse) MarshalNDR

func (*RegisterEventSourceAResponse) UnmarshalNDR

func (o *RegisterEventSourceAResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type RegisterEventSourceWRequest

type RegisterEventSourceWRequest struct {
	// UNCServerName: A server interface handle. A pointer to a Unicode (as specified in
	// [MS-DTYP]) string specifying the server, as specified in section 2.2.7. The client
	// MUST map this string to an RPC binding handle, and the server MUST ignore this argument,
	// as specified in [C706] sections 4.3.5 and 5.1.5.2.
	UNCServerName string `idl:"name:UNCServerName" json:"unc_server_name"`
	// ModuleName: Specifies the event source, as defined in section 1.8.3 and specified
	// in section 2.2.11, for which a handle is needed.
	ModuleName *dtyp.UnicodeString `idl:"name:ModuleName" json:"module_name"`
	// RegModuleName: This parameter MUST be ignored by the server. Clients MUST specify
	// an empty string.
	RegModuleName *dtyp.UnicodeString `idl:"name:RegModuleName" json:"reg_module_name"`
	// MajorVersion: Major version of the client. This value MUST be set to 1.
	MajorVersion uint32 `idl:"name:MajorVersion" json:"major_version"`
	// MinorVersion: Minor version of the client. This value MUST be set to 1.
	MinorVersion uint32 `idl:"name:MinorVersion" json:"minor_version"`
}

RegisterEventSourceWRequest structure represents the ElfrRegisterEventSourceW operation request

func (*RegisterEventSourceWRequest) MarshalNDR

func (*RegisterEventSourceWRequest) UnmarshalNDR

func (o *RegisterEventSourceWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type RegisterEventSourceWResponse

type RegisterEventSourceWResponse struct {
	// LogHandle: Pointer to an event log handle. This parameter is a server context handle,
	// as specified in section 2.2.6.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Return: The ElfrRegisterEventSourceW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

RegisterEventSourceWResponse structure represents the ElfrRegisterEventSourceW operation response

func (*RegisterEventSourceWResponse) MarshalNDR

func (*RegisterEventSourceWResponse) UnmarshalNDR

func (o *RegisterEventSourceWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventARequest

type ReportEventARequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6. This handle MUST NOT be obtained via the ElfrOpenBELA
	// (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Time: Time at which the event was generated by the event source (not the time at
	// which the event was). The time MUST be expressed as the number of seconds since 00:00:00
	// on January 1, 1970 (UTC).
	Time uint32 `idl:"name:Time" json:"time"`
	// EventType: Type of the event, as specified in section 2.2.2.
	EventType uint16 `idl:"name:EventType" json:"event_type"`
	// EventCategory: Event category, as specified in section 1.8.5.
	EventCategory uint16 `idl:"name:EventCategory" json:"event_category"`
	// EventID: EventID, as specified in section 3.1.1.4.
	EventID uint32 `idl:"name:EventID" json:"event_id"`
	// NumStrings: Number of strings in the array pointed to by the Strings parameter. A
	// value of zero indicates that no strings are present.
	StringsLength uint16 `idl:"name:NumStrings" json:"strings_length"`
	// DataSize: Number of bytes of event-specific raw binary data to write to the log.
	// This binary data is passed in the Data parameter. If no event-specific data is present,
	// this parameter MUST be set to zero.
	DataSize uint32 `idl:"name:DataSize" json:"data_size"`
	// ComputerName: A string to assist in identifying the machine that generated the event.
	// In practice, the name of the computer. There are no character restrictions on this
	// field's content (for example, a FQDN can be used).<31>
	ComputerName *String `idl:"name:ComputerName" json:"computer_name"`
	// UserSID: Either NULL or a user SID. If this is NULL, the event is to have a zero
	// length UserSid field.
	UserSID *dtyp.SID `idl:"name:UserSID;pointer:unique" json:"user_sid"`
	// Strings: Specifies strings containing information specific to the event. This parameter
	// MUST be a valid pointer. If the NumStrings parameter is zero, this parameter MUST
	// be NULL. For example, an event relating to file deletion could use a string to specify
	// the path of the file being deleted.
	Strings []*String `idl:"name:Strings;size_is:(NumStrings);pointer:unique" json:"strings"`
	// Data: Pointer to the buffer that contains the event-specific binary data. This parameter
	// MUST be a valid pointer (or NULL), even if the DataSize parameter is 0.
	Data []byte `idl:"name:Data;size_is:(DataSize);pointer:unique" json:"data"`
	// Flags: Unused. MUST be set to zero when sent and MUST be ignored on receipt.
	Flags uint16 `idl:"name:Flags" json:"flags"`
	// RecordNumber: Unused. Can be set to any arbitrary value when sent, and any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
	// TimeWritten: Unused. Can be set to any arbitrary value when sent, and any value sent
	// by the client MUST be ignored on receipt by the server.
	TimeWritten uint32 `idl:"name:TimeWritten;pointer:unique" json:"time_written"`
}

ReportEventARequest structure represents the ElfrReportEventA operation request

func (*ReportEventARequest) MarshalNDR

func (o *ReportEventARequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReportEventARequest) UnmarshalNDR

func (o *ReportEventARequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventAResponse

type ReportEventAResponse struct {
	// RecordNumber: Unused. Can be set to any arbitrary value when sent, and any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
	// TimeWritten: Unused. Can be set to any arbitrary value when sent, and any value sent
	// by the client MUST be ignored on receipt by the server.
	TimeWritten uint32 `idl:"name:TimeWritten;pointer:unique" json:"time_written"`
	// Return: The ElfrReportEventA return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ReportEventAResponse structure represents the ElfrReportEventA operation response

func (*ReportEventAResponse) MarshalNDR

func (o *ReportEventAResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReportEventAResponse) UnmarshalNDR

func (o *ReportEventAResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventAndSourceWRequest

type ReportEventAndSourceWRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6. This handle MUST NOT be obtained via the ElfrOpenBELA
	// (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Time: Time at which the event was generated by the event source (not the time at
	// which the event was logged). The time MUST be expressed as the number of seconds
	// since 00:00:00 on January 1, 1970 (UTC).
	Time uint32 `idl:"name:Time" json:"time"`
	// EventType: Type of the event, as specified in section 2.2.2.
	EventType uint16 `idl:"name:EventType" json:"event_type"`
	// EventCategory: Event category, as specified in section 1.8.5.
	EventCategory uint16 `idl:"name:EventCategory" json:"event_category"`
	// EventID: EventID, as specified in section 3.1.1.4.
	EventID uint32 `idl:"name:EventID" json:"event_id"`
	// SourceName: Specifies the name of the event source.
	SourceName *dtyp.UnicodeString `idl:"name:SourceName" json:"source_name"`
	// NumStrings: Number of strings in the array pointed to by the Strings parameter. If
	// no strings are present, this value MUST be set to zero.
	StringsLength uint16 `idl:"name:NumStrings" json:"strings_length"`
	// DataSize: Number of bytes of event-specific raw binary data to write to the log.
	// This binary data is passed in the Data parameter. If no event-specific data is present,
	// this parameter MUST be set to zero.
	DataSize uint32 `idl:"name:DataSize" json:"data_size"`
	// ComputerName: A string to assist in identifying the machine that generated the event.
	// In practice, the name of the computer. There are no character restrictions on this
	// field's content (for example, a FQDN can be used).
	ComputerName *dtyp.UnicodeString `idl:"name:ComputerName" json:"computer_name"`
	// UserSID: Either NULL or a user SID. If this is NULL, the event is to have a zero
	// length UserSid field.
	UserSID *dtyp.SID `idl:"name:UserSID;pointer:unique" json:"user_sid"`
	// Strings: Strings containing text information specific to the event. This parameter
	// MUST be a valid pointer. If the NumStrings parameter is zero, this parameter MUST
	// be NULL. For example, an event relating to file deletion could use a string to specify
	// the path of the file being deleted.
	Strings []*dtyp.UnicodeString `idl:"name:Strings;size_is:(NumStrings);pointer:unique" json:"strings"`
	// Data: Pointer to a buffer that contains binary information specific to the event.
	// This parameter MUST be a valid pointer (or NULL), even if the DataSize parameter
	// is zero.
	Data []byte `idl:"name:Data;size_is:(DataSize);pointer:unique" json:"data"`
	// Flags: Unused. MUST be set to zero when sent and MUST be ignored on receipt.
	Flags uint16 `idl:"name:Flags" json:"flags"`
	// RecordNumber: Unused. Can be set to any arbitrary value when sent, and any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
	// TimeWritten: Unused. Can be set to any arbitrary value when sent, and any value sent
	// by the client MUST be ignored on receipt by the server.
	TimeWritten uint32 `idl:"name:TimeWritten;pointer:unique" json:"time_written"`
}

ReportEventAndSourceWRequest structure represents the ElfrReportEventAndSourceW operation request

func (*ReportEventAndSourceWRequest) MarshalNDR

func (*ReportEventAndSourceWRequest) UnmarshalNDR

func (o *ReportEventAndSourceWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventAndSourceWResponse

type ReportEventAndSourceWResponse struct {
	// RecordNumber: Unused. Can be set to any arbitrary value when sent, and any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
	// TimeWritten: Unused. Can be set to any arbitrary value when sent, and any value sent
	// by the client MUST be ignored on receipt by the server.
	TimeWritten uint32 `idl:"name:TimeWritten;pointer:unique" json:"time_written"`
	// Return: The ElfrReportEventAndSourceW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ReportEventAndSourceWResponse structure represents the ElfrReportEventAndSourceW operation response

func (*ReportEventAndSourceWResponse) MarshalNDR

func (*ReportEventAndSourceWResponse) UnmarshalNDR

func (o *ReportEventAndSourceWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventExARequest

type ReportEventExARequest struct {
	// LogHandle: A handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6. This handle MUST NOT be obtained via the ElfrOpenBELA
	// (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method. A handle received
	// from either of those two methods will have the backup flag set, so the server checks
	// this flag before calling this method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// TimeGenerated: The time at which the event was generated by the event source. This
	// time is represented as a pointer to FILETIME as defined in [MS-DTYP] section 2.3.3.
	TimeGenerated *dtyp.Filetime `idl:"name:TimeGenerated" json:"time_generated"`
	// EventType: The type of the event, as specified in section 2.2.2.
	EventType uint16 `idl:"name:EventType" json:"event_type"`
	// EventCategory: The event category, as specified in section 1.8.5.
	EventCategory uint16 `idl:"name:EventCategory" json:"event_category"`
	// EventID: The EventID, as specified in section 3.1.1.4.
	EventID uint32 `idl:"name:EventID" json:"event_id"`
	// NumStrings: The number of strings in the array pointed to by the Strings parameter.
	// A value of zero indicates that no strings are present.
	StringsLength uint16 `idl:"name:NumStrings" json:"strings_length"`
	// DataSize: The number of bytes of event-specific raw binary data to write to the log.
	// This binary data is passed in the Data parameter. If the DataSize parameter is zero,
	// event-specific data MUST NOT be present.
	DataSize uint32 `idl:"name:DataSize" json:"data_size"`
	// ComputerName: A string to assist in identifying the machine that generated the event.
	// In practice, the name of the computer. There are no character restrictions on this
	// field's content (for example, a FQDN can be used). The API is not intended to support
	// dynamically changing computer names. The ComputerName parameter is cached the first
	// time a client calls the API, and SHOULD use that name on subsequent calls until the
	// machine is rebooted.
	ComputerName *String `idl:"name:ComputerName" json:"computer_name"`
	// UserSID: Either NULL or a user SID. If this is NULL, the event is to have a zero
	// length UserSid field.
	UserSID *dtyp.SID `idl:"name:UserSID;pointer:unique" json:"user_sid"`
	// Strings: Specifies strings containing information specific to the event. This parameter
	// MUST be a valid pointer. If the NumStrings parameter is zero, this parameter MUST
	// be NULL. For example, an event relating to file deletion could use a string to specify
	// the path of the file being deleted.
	Strings []*String `idl:"name:Strings;size_is:(NumStrings);pointer:unique" json:"strings"`
	// Data: A pointer to the buffer that contains the event-specific binary data. This
	// parameter MUST be a valid pointer (or NULL), even if the DataSize parameter is zero.
	Data []byte `idl:"name:Data;size_is:(DataSize);pointer:unique" json:"data"`
	// Flags: Unused. MUST be set to zero when sent and MUST be ignored on receipt.
	Flags uint16 `idl:"name:Flags" json:"flags"`
	// RecordNumber: Unused. This can be set to any arbitrary value when sent. Any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
}

ReportEventExARequest structure represents the ElfrReportEventExA operation request

func (*ReportEventExARequest) MarshalNDR

func (o *ReportEventExARequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReportEventExARequest) UnmarshalNDR

func (o *ReportEventExARequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventExAResponse

type ReportEventExAResponse struct {
	// RecordNumber: Unused. This can be set to any arbitrary value when sent. Any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
	// Return: The ElfrReportEventExA return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ReportEventExAResponse structure represents the ElfrReportEventExA operation response

func (*ReportEventExAResponse) MarshalNDR

func (o *ReportEventExAResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReportEventExAResponse) UnmarshalNDR

func (o *ReportEventExAResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventExWRequest

type ReportEventExWRequest struct {
	// LogHandle: A handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6. This handle MUST NOT be obtained via the ElfrOpenBELA
	// (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method. A handle received
	// from either of those two methods will have the backup flag set, so the server checks
	// this flag before calling this method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// TimeGenerated: The time at which the event was generated by the event source. This
	// time is represented as a pointer to FILETIME as defined in [MS-DTYP] section 2.3.3.<34>
	TimeGenerated *dtyp.Filetime `idl:"name:TimeGenerated" json:"time_generated"`
	// EventType: The type of event, as specified in section 2.2.2.
	EventType uint16 `idl:"name:EventType" json:"event_type"`
	// EventCategory: The event category, as specified in section 1.8.5.
	EventCategory uint16 `idl:"name:EventCategory" json:"event_category"`
	// EventID: The EventID, as specified in section 3.1.1.4.
	EventID uint32 `idl:"name:EventID" json:"event_id"`
	// NumStrings: The number of strings in the array pointed to by the Strings parameter.
	// A value of zero indicates that no strings are present.
	StringsLength uint16 `idl:"name:NumStrings" json:"strings_length"`
	// DataSize: The number of bytes of event-specific raw binary data to write to the log.
	// This binary data is passed in the Data parameter. If the DataSize parameter is zero,
	// event-specific data MUST NOT be present.
	DataSize uint32 `idl:"name:DataSize" json:"data_size"`
	// ComputerName: A string to assist in identifying the machine that generated the event;
	// for example, the name of the computer. There are no character restrictions on this
	// field's content (for example, a FQDN can be used). The API is not intended to support
	// dynamically changing computer names. The ComputerName parameter is cached the first
	// time a client calls the API, and that name used on subsequent calls until the machine
	// is rebooted.
	ComputerName *dtyp.UnicodeString `idl:"name:ComputerName" json:"computer_name"`
	// UserSID: Either NULL or a user SID. If this is NULL, the event is to have a zero
	// length UserSid field.
	UserSID *dtyp.SID `idl:"name:UserSID;pointer:unique" json:"user_sid"`
	// Strings: Specifies the strings containing information specific to the event. This
	// parameter MUST be a valid pointer. If the NumStrings parameter is zero, this parameter
	// MUST be NULL. For example, an event relating to file deletion could use a string
	// to specify the path of the file being deleted.
	Strings []*dtyp.UnicodeString `idl:"name:Strings;size_is:(NumStrings);pointer:unique" json:"strings"`
	// Data: A pointer to the buffer that contains the event-specific binary data. This
	// parameter MUST be a valid pointer (or NULL), even if the DataSize parameter is zero.
	Data []byte `idl:"name:Data;size_is:(DataSize);pointer:unique" json:"data"`
	// Flags: Unused. MUST be set to zero when sent and MUST be ignored on receipt.
	Flags uint16 `idl:"name:Flags" json:"flags"`
	// RecordNumber: Unused. Can be set to any arbitrary value when sent, and any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
}

ReportEventExWRequest structure represents the ElfrReportEventExW operation request

func (*ReportEventExWRequest) MarshalNDR

func (o *ReportEventExWRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReportEventExWRequest) UnmarshalNDR

func (o *ReportEventExWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventExWResponse

type ReportEventExWResponse struct {
	// RecordNumber: Unused. Can be set to any arbitrary value when sent, and any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
	// Return: The ElfrReportEventExW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ReportEventExWResponse structure represents the ElfrReportEventExW operation response

func (*ReportEventExWResponse) MarshalNDR

func (o *ReportEventExWResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReportEventExWResponse) UnmarshalNDR

func (o *ReportEventExWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventWRequest

type ReportEventWRequest struct {
	// LogHandle: Handle to an event log. This parameter is a server context handle, as
	// specified in section 2.2.6. This handle MUST NOT be obtained via the ElfrOpenBELA
	// (section 3.1.4.2) method or the ElfrOpenBELW (section 3.1.4.1) method. A handle received
	// from either of those two methods will have the backup flag set, so the server checks
	// this flag before calling this method.
	Log *Handle `idl:"name:LogHandle" json:"log"`
	// Time: Time at which the event was generated by the event source (not the time at
	// which the event was logged). The time MUST be expressed as the number of seconds
	// since 00:00:00 on January 1, 1970 (UTC).
	Time uint32 `idl:"name:Time" json:"time"`
	// EventType: Type of the event, as specified in section 2.2.2.
	EventType uint16 `idl:"name:EventType" json:"event_type"`
	// EventCategory: Event category, as specified in section 1.8.5.
	EventCategory uint16 `idl:"name:EventCategory" json:"event_category"`
	// EventID: EventID, as specified in section 3.1.1.4.
	EventID uint32 `idl:"name:EventID" json:"event_id"`
	// NumStrings: Number of strings in the array pointed to by the Strings parameter. A
	// value of zero indicates that no strings are present.
	StringsLength uint16 `idl:"name:NumStrings" json:"strings_length"`
	// DataSize: Number of bytes of event-specific raw binary data to write to the log.
	// This binary data is passed in the Data parameter. If the DataSize parameter is zero,
	// event-specific data MUST NOT be present.
	DataSize uint32 `idl:"name:DataSize" json:"data_size"`
	// ComputerName: A string to assist in identifying the machine that generated the event.
	// In practice, the name of the computer. There are no character restrictions on this
	// field's content (for example, a FQDN can be used). The API is not intended to support
	// dynamically changing computer names. The ComputerName parameter SHOULD<27> be cached
	// the first time a client calls the API, and SHOULD use that name on subsequent calls
	// until the machine is rebooted.
	ComputerName *dtyp.UnicodeString `idl:"name:ComputerName" json:"computer_name"`
	// UserSID: Either NULL or a user SID. If this is NULL, the event is to have a zero
	// length UserSid field.
	UserSID *dtyp.SID `idl:"name:UserSID;pointer:unique" json:"user_sid"`
	// Strings: Specifies strings containing information specific to the event. This parameter
	// MUST be a valid pointer. If the NumStrings parameter is zero, this parameter MUST
	// be NULL. For example, an event relating to file deletion could use a string to specify
	// the path of the file being deleted.
	Strings []*dtyp.UnicodeString `idl:"name:Strings;size_is:(NumStrings);pointer:unique" json:"strings"`
	// Data: Pointer to the buffer that contains the event-specific binary data. This parameter
	// MUST be a valid pointer (or NULL), even if the DataSize parameter is zero.
	Data []byte `idl:"name:Data;size_is:(DataSize);pointer:unique" json:"data"`
	// Flags: Unused. MUST be set to zero when sent and MUST be ignored on receipt.
	Flags uint16 `idl:"name:Flags" json:"flags"`
	// RecordNumber: Unused. Can be set to any arbitrary value when sent, and any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
	// TimeWritten: Unused. Can be set to any arbitrary value when sent, and any value sent
	// by the client MUST be ignored on receipt by the server.
	TimeWritten uint32 `idl:"name:TimeWritten;pointer:unique" json:"time_written"`
}

ReportEventWRequest structure represents the ElfrReportEventW operation request

func (*ReportEventWRequest) MarshalNDR

func (o *ReportEventWRequest) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReportEventWRequest) UnmarshalNDR

func (o *ReportEventWRequest) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type ReportEventWResponse

type ReportEventWResponse struct {
	// RecordNumber: Unused. Can be set to any arbitrary value when sent, and any value
	// sent by the client MUST be ignored on receipt by the server.
	RecordNumber uint32 `idl:"name:RecordNumber;pointer:unique" json:"record_number"`
	// TimeWritten: Unused. Can be set to any arbitrary value when sent, and any value sent
	// by the client MUST be ignored on receipt by the server.
	TimeWritten uint32 `idl:"name:TimeWritten;pointer:unique" json:"time_written"`
	// Return: The ElfrReportEventW return value.
	Return int32 `idl:"name:Return" json:"return"`
}

ReportEventWResponse structure represents the ElfrReportEventW operation response

func (*ReportEventWResponse) MarshalNDR

func (o *ReportEventWResponse) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*ReportEventWResponse) UnmarshalNDR

func (o *ReportEventWResponse) UnmarshalNDR(ctx context.Context, r ndr.Reader) error

type String

type String struct {
	// Length:  The number of bytes (not the number of characters) in the string. This does
	// not include the null terminator.
	Length uint16 `idl:"name:Length" json:"length"`
	// MaximumLength:  If the string is the empty string, this MUST be set to zero. Otherwise,
	// it MUST be the number of bytes in the string, including the null terminator (that
	// is, it MUST be equal to the Length member plus 1).
	MaximumLength uint16 `idl:"name:MaximumLength" json:"maximum_length"`
	// Buffer:  Either a pointer to a buffer containing a null-terminated non-empty ANSI
	// string or NULL to indicate an empty string.
	Buffer []byte `idl:"name:Buffer;size_is:(MaximumLength)" json:"buffer"`
}

String structure represents RPC_STRING RPC structure.

EventLog Remoting Protocol APIs use the RPC_STRING to specify an ANSI string parameter.

func (*String) MarshalNDR

func (o *String) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*String) UnmarshalNDR

func (o *String) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL