wevtapi

package
v0.0.0-...-dfc23e4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 2, 2023 License: Apache-2.0 Imports: 3 Imported by: 1

Documentation

Rendered for windows/amd64

Overview

Package wevtapi includes documented Windows Event Log constants, enumerations, functions, and structures.

Index

Constants

const (
	// EVT_CHANNEL_CONFIG_PROPERTY_ID: the property selector passed to
	// EvtGetChannelConfigProperty. Numbering comes from iota, so the order of
	// the names below fixes each value (0 through 21).

	// Channel settings, values 0-5. Per the Win32 documentation the Access
	// property holds the channel's permissions as an SDDL string.
	EvtChannelConfigEnabled EvtChannelConfigPropertyID = iota
	EvtChannelConfigIsolation
	EvtChannelConfigType
	EvtChannelConfigOwningPublisher
	EvtChannelConfigClassicEventlog
	EvtChannelConfigAccess
	// Logging settings, values 6-9 (retention, backup, size and file path).
	EvtChannelLoggingConfigRetention
	EvtChannelLoggingConfigAutoBackup
	EvtChannelLoggingConfigMaxSize
	EvtChannelLoggingConfigLogFilePath
	// Publishing settings and the publisher list, values 10-20.
	EvtChannelPublishingConfigLevel
	EvtChannelPublishingConfigKeywords
	EvtChannelPublishingConfigControlGuid
	EvtChannelPublishingConfigBufferSize
	EvtChannelPublishingConfigMinBuffers
	EvtChannelPublishingConfigMaxBuffers
	EvtChannelPublishingConfigLatency
	EvtChannelPublishingConfigClockType
	EvtChannelPublishingConfigSidType
	EvtChannelPublisherList
	EvtChannelPublishingConfigFileMax
	// End marker, value 21.
	EvtChannelConfigPropertyIdEND

	// EVT_FORMAT_MESSAGE_FLAGS: sequential selector values (not bits to be
	// OR-ed together) for the flags argument of EvtFormatMessage.
	EvtFormatMessageEvent    = 1
	EvtFormatMessageLevel    = 2
	EvtFormatMessageTask     = 3
	EvtFormatMessageOpcode   = 4
	EvtFormatMessageKeyword  = 5
	EvtFormatMessageChannel  = 6
	EvtFormatMessageProvider = 7
	EvtFormatMessageId       = 8
	EvtFormatMessageXml      = 9

	// EVT_OPEN_LOG_FLAGS: whether the path given to EvtOpenLog names a
	// channel or a log file.
	EvtOpenChannelPath = 1 << 0
	EvtOpenFilePath    = 1 << 1

	// EVT_RENDER_FLAGS: output form for the flags argument of EvtRender.
	EvtRenderEventValues = 0x0
	EvtRenderEventXml    = 0x1
	EvtRenderBookmark    = 0x2

	// EVT_QUERY_FLAGS: bit flags for EvtQuery. Per the Win32 documentation,
	// TolerateQueryErrors lets a query run even when part of it is malformed,
	// so a collector using it can silently receive fewer events than the
	// query text suggests.
	EvtQueryChannelPath         = 1 << 0
	EvtQueryFilePath            = 1 << 1
	EvtQueryForwardDirection    = 1 << 8
	EvtQueryReverseDirection    = 1 << 9
	EvtQueryTolerateQueryErrors = 1 << 12

	// EVT_SEEK_FLAGS: the low bits (EvtSeekOriginMask) select the origin for
	// EvtSeek; EvtSeekStrict is a separate bit OR-ed on top.
	EvtSeekRelativeToFirst    = 1
	EvtSeekRelativeToLast     = 2
	EvtSeekRelativeToCurrent  = 3
	EvtSeekRelativeToBookmark = 4
	EvtSeekOriginMask         = 0x7
	EvtSeekStrict             = 1 << 16

	// EVT_SUBSCRIBE_FLAGS: the low bits (EvtSubscribeOriginMask) select where
	// an EvtSubscribe subscription starts; the remaining names are modifier
	// bits. Per the Win32 documentation, without EvtSubscribeStrict a missing
	// bookmarked event does not fail the call, so a resumed collector should
	// set it if it needs to detect gaps.
	EvtSubscribeToFutureEvents      = 1
	EvtSubscribeStartAtOldestRecord = 2
	EvtSubscribeStartAfterBookmark  = 3
	EvtSubscribeOriginMask          = 0x3
	EvtSubscribeTolerateQueryErrors = 1 << 12
	EvtSubscribeStrict              = 1 << 16

	// EVT_SUBSCRIBE_NOTIFY_ACTION: the action value handed to a subscription
	// callback.
	EvtSubscribeActionError   = 0
	EvtSubscribeActionDeliver = 1
)

Windows Event Log Enumerations https://msdn.microsoft.com/en-us/library/windows/desktop/aa385783(v=vs.85).aspx

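const (
	// Masks for the Type field of an EVT_VARIANT: the low seven bits carry
	// the base type and the 0x80 bit marks an array of that type.
	EVT_VARIANT_TYPE_MASK  = 0x7f
	EVT_VARIANT_TYPE_ARRAY = 128

	// Channel access rights as defined in winevt.h. They are bit flags, so
	// every right needs its own bit and EVT_ALL_ACCESS is their union.
	// The previous values (CLEAR = 0x3, ALL = 0x4) made CLEAR equal to
	// READ|WRITE without the clear bit, and made ALL grant only the clear
	// bit, so access checks built on them tested the wrong rights.
	EVT_READ_ACCESS  = 0x1
	EVT_WRITE_ACCESS = 0x2
	EVT_CLEAR_ACCESS = 0x4
	EVT_ALL_ACCESS   = EVT_READ_ACCESS | EVT_WRITE_ACCESS | EVT_CLEAR_ACCESS // 0x7
)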

Windows Event Log Constants https://msdn.microsoft.com/en-us/library/windows/desktop/aa385781(v=vs.85).aspx

const (
	// Event Log error codes, numbered consecutively from 15000. Every name is
	// typed syscall.Errno, presumably so it can be compared directly with the
	// err value returned by the Evt* functions (verify against the bindings).

	// 15000-15005.
	ERROR_EVT_INVALID_CHANNEL_PATH syscall.Errno = 15000 + iota
	ERROR_EVT_INVALID_QUERY
	ERROR_EVT_PUBLISHER_METADATA_NOT_FOUND
	ERROR_EVT_EVENT_TEMPLATE_NOT_FOUND
	ERROR_EVT_INVALID_PUBLISHER_NAME
	ERROR_EVT_INVALID_EVENT_DATA
	// No name is declared for 15006; the blank identifier keeps the numbering
	// aligned with the codes that follow.
	_
	// 15007-15013.
	ERROR_EVT_CHANNEL_NOT_FOUND
	ERROR_EVT_MALFORMED_XML_TEXT
	ERROR_EVT_SUBSCRIPTION_TO_DIRECT_CHANNEL
	ERROR_EVT_CONFIGURATION_ERROR
	ERROR_EVT_QUERY_RESULT_STALE
	ERROR_EVT_QUERY_RESULT_INVALID_POSITION
	ERROR_EVT_NON_VALIDATING_MSXML
	// 15014-15021: filter errors.
	ERROR_EVT_FILTER_ALREADYSCOPED
	ERROR_EVT_FILTER_NOTELTSET
	ERROR_EVT_FILTER_INVARG
	ERROR_EVT_FILTER_INVTEST
	ERROR_EVT_FILTER_INVTYPE
	ERROR_EVT_FILTER_PARSEERR
	ERROR_EVT_FILTER_UNSUPPORTEDOP
	ERROR_EVT_FILTER_UNEXPECTEDTOKEN
	// 15022-15026.
	ERROR_EVT_INVALID_OPERATION_OVER_ENABLED_DIRECT_CHANNEL
	ERROR_EVT_INVALID_CHANNEL_PROPERTY_VALUE
	ERROR_EVT_INVALID_PUBLISHER_PROPERTY_VALUE
	ERROR_EVT_CHANNEL_CANNOT_ACTIVATE
	ERROR_EVT_FILTER_TOO_COMPLEX
	// 15027-15033: message lookup and formatting errors.
	ERROR_EVT_MESSAGE_NOT_FOUND
	ERROR_EVT_MESSAGE_ID_NOT_FOUND
	ERROR_EVT_UNRESOLVED_VALUE_INSERT
	ERROR_EVT_UNRESOLVED_PARAMETER_INSERT
	ERROR_EVT_MAX_INSERTS_REACHED
	ERROR_EVT_EVENT_DEFINITION_NOT_FOUND
	ERROR_EVT_MESSAGE_LOCALE_NOT_FOUND
	// 15034-15038.
	ERROR_EVT_VERSION_TOO_OLD
	ERROR_EVT_VERSION_TOO_NEW
	ERROR_EVT_CANNOT_OPEN_CHANNEL_OF_QUERY
	ERROR_EVT_PUBLISHER_DISABLED
	ERROR_EVT_FILTER_OUT_OF_RANGE
)

Windows Event Log Error Constants https://msdn.microsoft.com/en-us/library/windows/desktop/aa820708(v=vs.85).aspx

Variables

This section is empty.

Functions

func EvtClearLog

// EvtClearLog is the binding for the Win32 EvtClearLog function (the body is
// not shown on this page). Per the Win32 documentation it removes all events
// from the channel named by channelPath and, when targetFilePath is non-nil,
// exports them to that file first. The call is destructive: restrict which
// code paths can reach it, and note that Windows records a "log cleared"
// audit event (Security 1102, System 104) that monitoring can alert on.
func EvtClearLog(session windows.Handle, channelPath *uint16, targetFilePath *uint16, flags uint32) (err error)

func EvtClose

// EvtClose is the binding for the Win32 EvtClose function, which releases a
// handle obtained from the other Evt* calls.
// NOTE(review): the parameter is named event, but the Win32 prototype accepts
// any EVT_HANDLE (query, subscription, bookmark, render context) — confirm
// callers use it for all of them so handles are not leaked.
func EvtClose(event windows.Handle) (err error)

func EvtCreateBookmark

// EvtCreateBookmark is the binding for the Win32 EvtCreateBookmark function.
// Per the Win32 documentation bookmarkXML is a UTF-16 XML string describing a
// previously saved bookmark, or nil to create an empty one. The returned
// handle should be released with EvtClose.
func EvtCreateBookmark(bookmarkXML *uint16) (handle windows.Handle, err error)

func EvtCreateRenderContext

// EvtCreateRenderContext is the binding for the Win32 EvtCreateRenderContext
// function, which builds the context later passed to EvtRender.
// valuePaths is a raw uintptr to an array of valuePathsCount UTF-16 strings:
// a uintptr does not keep Go memory alive, so the caller must hold a live
// reference to that array until the call returns (for example with
// runtime.KeepAlive) and must make the count match the array length.
// The returned handle should be released with EvtClose.
func EvtCreateRenderContext(valuePathsCount uint32, valuePaths uintptr, flags uint32) (handle windows.Handle, err error)

func EvtExportLog

// EvtExportLog is the binding for the Win32 EvtExportLog function. Per the
// Win32 documentation it copies the events selected by query from the channel
// or log file named by path into the file named by targetFilePath.
// Validate path, query and targetFilePath when any of them can be influenced
// by untrusted input, since the call writes a file at a caller-chosen
// location.
func EvtExportLog(session windows.Handle, path *uint16, query *uint16, targetFilePath *uint16, flags uint32) (err error)

func EvtFormatMessage

// EvtFormatMessage is the binding for the Win32 EvtFormatMessage function,
// which formats a message string for an event; flags takes one of the
// EvtFormatMessage* constants.
// NOTE(review): the Win32 documentation gives BufferSize and BufferUsed in
// characters (WCHAR), while buffer is typed *byte here. Passing a byte count
// as bufferSize would overstate the capacity and let the API write past the
// end of the buffer — confirm how callers convert between the two.
// variant is a raw uintptr; the caller must keep the memory it refers to
// alive until the call returns.
func EvtFormatMessage(pubMetaData windows.Handle, event windows.Handle, messageID uint32, valueCount uint32, variant uintptr, flags uint32, bufferSize uint32, buffer *byte, bufferUsed *uint32) (err error)

func EvtGetChannelConfigProperty

// EvtGetChannelConfigProperty is the binding for the Win32
// EvtGetChannelConfigProperty function. It reads the property selected by
// propertyID from a handle returned by EvtOpenChannelConfig into buffer.
// Per the Win32 documentation bufferSize is in bytes and bufferUsed receives
// the size used or required; bufferSize must not exceed the real size of the
// memory behind buffer.
func EvtGetChannelConfigProperty(channelConfig windows.Handle, propertyID EvtChannelConfigPropertyID, flags uint32, bufferSize uint32, buffer unsafe.Pointer, bufferUsed *uint32) (err error)

func EvtNext

// EvtNext is the binding for the Win32 EvtNext function. Per the Win32
// documentation it stores up to eventArraySize event handles from resultSet
// in the array starting at eventArray and writes the count to returned.
// eventArray must have room for eventArraySize handles, and every handle
// returned should be released with EvtClose.
func EvtNext(resultSet windows.Handle, eventArraySize uint32, eventArray *windows.Handle, timeout uint32, flags uint32, returned *uint32) (err error)

func EvtNextChannelPath

// EvtNextChannelPath is the binding for the Win32 EvtNextChannelPath
// function, which returns the next channel name from an enumerator opened
// with EvtOpenChannelEnum. Per the Win32 documentation both sizes are counted
// in UTF-16 characters, matching the *uint16 buffer; channelPathBufferSize
// must not exceed the buffer's real length.
func EvtNextChannelPath(channelEnum windows.Handle, channelPathBufferSize uint32, channelPathBuffer *uint16, channelPathBufferUsed *uint32) (err error)

func EvtNextPublisherId

// EvtNextPublisherId is the binding for the Win32 EvtNextPublisherId
// function, which returns the next publisher name from an enumerator opened
// with EvtOpenPublisherEnum. Per the Win32 documentation both sizes are
// counted in UTF-16 characters, matching the *uint16 buffer;
// publisherIDBufferSize must not exceed the buffer's real length.
func EvtNextPublisherId(publisherEnum windows.Handle, publisherIDBufferSize uint32, publisherIDBuffer *uint16, publisherIDBufferUsed *uint32) (err error)

func EvtOpenChannelConfig

// EvtOpenChannelConfig is the binding for the Win32 EvtOpenChannelConfig
// function, which opens the configuration of the channel named by
// channelPath. The returned handle is the channelConfig argument of
// EvtGetChannelConfigProperty and should be released with EvtClose.
// NOTE(review): the first parameter is named event, but the Win32 prototype
// takes a session handle in that position — confirm what callers pass.
func EvtOpenChannelConfig(event windows.Handle, channelPath *uint16, flags uint32) (handle windows.Handle, err error)

func EvtOpenChannelEnum

// EvtOpenChannelEnum is the binding for the Win32 EvtOpenChannelEnum
// function. It returns an enumerator handle that EvtNextChannelPath walks to
// list channel names; release it with EvtClose.
func EvtOpenChannelEnum(session windows.Handle, flags uint32) (handle windows.Handle, err error)

func EvtOpenLog

// EvtOpenLog is the binding for the Win32 EvtOpenLog function. flags takes
// EvtOpenChannelPath or EvtOpenFilePath to say whether path names a channel
// or a log file. The returned handle should be released with EvtClose.
func EvtOpenLog(session windows.Handle, path *uint16, flags uint32) (handle windows.Handle, err error)

func EvtOpenPublisherEnum

// EvtOpenPublisherEnum is the binding for the Win32 EvtOpenPublisherEnum
// function. It returns an enumerator handle that EvtNextPublisherId walks to
// list registered publishers; release it with EvtClose.
func EvtOpenPublisherEnum(session windows.Handle, flags uint32) (handle windows.Handle, err error)

func EvtOpenPublisherMetadata

// EvtOpenPublisherMetadata is the binding for the Win32
// EvtOpenPublisherMetadata function. Per the Win32 documentation it opens the
// metadata of the provider named by publisherIdentity, optionally taken from
// the archived log named by logFilePath, for the given locale. The returned
// handle is the pubMetaData argument of EvtFormatMessage and should be
// released with EvtClose.
func EvtOpenPublisherMetadata(session windows.Handle, publisherIdentity *uint16, logFilePath *uint16, locale uint32, flags uint32) (handle windows.Handle, err error)

func EvtOpenSession

// EvtOpenSession is the binding for the Win32 EvtOpenSession function, which
// opens a session to a remote computer's Event Log service; the handle is the
// session argument of the other Evt* calls and should be released with
// EvtClose.
// login is a raw uintptr that, per the Win32 documentation, points to an
// EVT_RPC_LOGIN structure holding the server, user, domain and password. A
// uintptr does not keep Go memory alive, so keep a live reference to the
// structure and its strings until the call returns, and clear the password
// buffer once the session is open.
func EvtOpenSession(loginClass uint32, login uintptr, timeout uint32, flags uint32) (handle windows.Handle, err error)

func EvtQuery

// EvtQuery is the binding for the Win32 EvtQuery function. It runs query
// against the channel or log file named by path and returns a result-set
// handle for EvtNext and EvtSeek; release it with EvtClose. flags combines
// the EvtQuery* constants.
// Validate or escape any part of the query text that comes from untrusted
// input, and remember that EvtQueryTolerateQueryErrors can hide a malformed
// clause behind a partial result.
func EvtQuery(session windows.Handle, path *uint16, query *uint16, flags uint32) (handle windows.Handle, err error)

func EvtRender

// EvtRender is the binding for the Win32 EvtRender function, which renders an
// event or bookmark (fragment) into buffer; flags takes one of the EvtRender*
// constants and ctx is a handle from EvtCreateRenderContext when rendering
// values.
// Per the Win32 documentation bufferSize is in bytes, bufferUsed receives the
// size used or required, and propertyCount receives the number of rendered
// values. bufferSize must not exceed the real size of the memory behind
// buffer.
func EvtRender(ctx windows.Handle, fragment windows.Handle, flags uint32, bufferSize uint32, buffer unsafe.Pointer, bufferUsed *uint32, propertyCount *uint32) (err error)

func EvtSeek

// EvtSeek is the binding for the Win32 EvtSeek function, which moves the
// cursor of a query result set. flags takes one EvtSeekRelativeTo* origin,
// optionally OR-ed with EvtSeekStrict; position is the offset from that
// origin and bookmark is used with EvtSeekRelativeToBookmark.
// Per the Win32 documentation EvtSeekStrict makes the call fail when the
// target event does not exist instead of settling on a nearby one.
func EvtSeek(resultSet windows.Handle, position int64, bookmark windows.Handle, timeout uint32, flags uint32) (err error)

func EvtSubscribe

// EvtSubscribe is the binding for the Win32 EvtSubscribe function, which
// subscribes to events on channelPath that match query. flags takes one
// EvtSubscribe* origin, optionally OR-ed with the TolerateQueryErrors and
// Strict bits. Per the Win32 documentation events are delivered either by
// signalling signalEvent or by invoking callback, not both.
// ctx and callback are raw uintptr values: callback must be a native callback
// address and whatever ctx refers to must stay alive for the whole lifetime
// of the subscription, not just this call. Release the returned handle with
// EvtClose.
func EvtSubscribe(session windows.Handle, signalEvent windows.Handle, channelPath *uint16, query *uint16, bookmark windows.Handle, ctx uintptr, callback uintptr, flags uint32) (handle windows.Handle, err error)

func EvtUpdateBookmark

// EvtUpdateBookmark is the binding for the Win32 EvtUpdateBookmark function.
// Per the Win32 documentation it points the bookmark handle at the given
// event, so a later subscription or seek can resume after it.
func EvtUpdateBookmark(bookmark windows.Handle, event windows.Handle) (err error)

Types

type EvtChannelConfigPropertyID

// EvtChannelConfigPropertyID identifies a channel configuration property.
// Its values are the constants from EvtChannelConfigEnabled through
// EvtChannelConfigPropertyIdEND, and EvtGetChannelConfigProperty takes one as
// its propertyID argument.
type EvtChannelConfigPropertyID uint32
