📄 snmpeldl.cpp
字号:
hkRegResult, lastError);
WriteLog(SNMPELEA_ERROR_CLOSING_REG_PARM_KEY,
HandleToUlong(hkRegResult), lastError);
}
}
VOID
KillLog(
IN VOID
)
/*++
Routine Description:
This routine will terminate the SNMPELLG thread, usually due to a dll
or a system failure.
Arguments:
None
Return Value:
None
--*/
{
LONG lastError; // for GetLastError()
WriteTrace(0x0a,"KillLog: Terminating SNMPELPT thread %08X\n",hServThrd);
if ( !TerminateThread(hServThrd, 0) )
{
lastError = GetLastError(); // save error status
WriteTrace(0x14,"KillLog: Error terminating SNMPELPT thread %08X is %lu\n",
hServThrd, lastError);
WriteLog(SNMPELEA_ERROR_TERMINATE_LOG_THREAD,
HandleToUlong(hServThrd), lastError); // log error message
}
}
VOID
CloseLogs(
IN VOID
)
/*++
Routine Description:
This routine is called to close the currently open event logs. It is
called when the agent is terminating normally and if an error is
encountered during agent initialization.
Arguments:
None
Return Value:
None
--*/
{
UINT uVal; // temporary counter
WriteTrace(0x0a,"CloseLogs: Closing event logs\n");
for (uVal = 0; uVal < uNumEventLogs; uVal++)
{
WriteTrace(0x00,"CloseLogs: Closing event log %s, handle %lu at %08X\n",
lpszEventLogs+uVal*(MAX_PATH+1), uVal, *(phEventLogs+uVal));
CloseEventLog(*(phEventLogs+uVal));
if (*(phPrimHandles+uVal) != (HMODULE) NULL)
{
WriteTrace(0x00,"CloseLogs: Freeing PrimaryModule for event log %s, handle %lu at %08X\n",
lpszEventLogs+uVal*(MAX_PATH+1), uVal, *(phPrimHandles+uVal));
FreeLibrary(*(phPrimHandles+uVal));
}
}
WriteTrace(0x0a,"CloseLogs: Freeing memory for event log handles at address %08X\n",
phEventLogs);
SNMP_free( (LPVOID) phEventLogs ); // free event log handle array
WriteTrace(0x0a,"CloseLogs: Freeing memory for PrimaryModule handles at address %08X\n",
phPrimHandles);
SNMP_free( (LPVOID) phPrimHandles ); // free primary module handle array
WriteTrace(0x0a,"CloseLogs: Freeing memory for event log names at address %08X\n",
lpszEventLogs);
SNMP_free( (LPVOID) lpszEventLogs ); // free log name array
}
extern "C" {
BOOL
Position_to_Log_End(
IN HANDLE hLog
)
/*++
Routine Description:
Position_to_Log_End is called during DLL initialization. After each
event log file is successfully opened, it is necessary to position each
event log file to the current end of file. This way, only the events
logged after the DLL has been started are reported. This routine will
position the requested log to the end of file.
Positioning to the end of the event log file is done by first getting
the number of the oldest event log record. This value is then added to
the number of event log records minus one. The resulting value is the
record number of the last record in the event log file. ReadEventLog is
called, specifying the seek parameter, to position to that exact record
number.
Arguments:
hLog - Handle of the log file to position to end of file.
Return Value:
TRUE - If the log was successfully positioned to end of file.
FALSE - If the log was not positioned to end of file.
--*/
{
LONG lastError; // last error code
PEVENTLOGRECORD lpBuffer; // address of data buffer
PEVENTLOGRECORD lpOrigBuffer; // address of data buffer
DWORD nBytesRead; // number of bytes read
DWORD nMinNumberofBytesNeeded; // remainder if buffer too small
DWORD dwOldestRecord; // oldest record number in event log
DWORD dwRecords; // total number of records in event log
DWORD uRecordNumber; // current log position
WriteTrace(0x0a,"Position_to_Log_End: Entering position to end of log routine\n");
WriteTrace(0x00,"Position_to_Log_End: Handle is %08X\n",hLog);
if (!hLog) // if handle is invalid
{ // then we cannot position correctly
WriteTrace(0x14,"Position_to_Log_End: Handle for end of log is invalid - %08X\n",
hLog);
WriteTrace(0x14,"Position_to_Log_End: Log position to end failed\n");
WriteLog(SNMPELEA_LOG_HANDLE_INVALID, HandleToUlong(hLog)); // log error message
WriteLog(SNMPELEA_ERROR_LOG_END); // log the message
return FALSE; // exit function
}
WriteTrace(0x0a,"Position_to_Log_End: Allocating log buffer\n");
lpBuffer = (PEVENTLOGRECORD) SNMP_malloc(LOG_BUF_SIZE); // allocate memory for buffer
if (lpBuffer == (PEVENTLOGRECORD) NULL) // if memory allocation failed
{ // then can't position log file
WriteTrace(0x14,"Position_to_Log_End: Position to end of log for handle %08X failed\n",
hLog);
WriteTrace(0x14,"Position_to_Log_End: Buffer memory allocation failed\n");
WriteLog(SNMPELEA_ERROR_LOG_BUFFER_ALLOCATE, HandleToUlong(hLog)); // log error message
WriteLog(SNMPELEA_ERROR_LOG_END); // log the message
return FALSE; // exit the function
}
WriteTrace(0x00,"Position_to_Log_End: Log buffer memory allocated at %08X\n", lpBuffer);
WriteTrace(0x0a,"Position_to_Log_End: Positioning to last record\n");
WriteTrace(0x0a,"Position_to_Log_End: Getting oldest event log record\n");
if ( !GetOldestEventLogRecord(hLog, &dwOldestRecord) )
{
lastError = GetLastError(); // get last error code
WriteTrace(0x0a,"Position_to_Log_End: Freeing log event record buffer %08X\n",
lpBuffer);
SNMP_free(lpBuffer); // free up buffer memory
WriteTrace(0x14,"Position_to_Log_End: GetOldestEventLogRecord for log handle %08X failed with code %lu\n",
hLog, lastError);
WriteLog(SNMPELEA_ERROR_LOG_GET_OLDEST_RECORD, HandleToUlong(hLog), lastError); // log error message
WriteLog(SNMPELEA_ERROR_LOG_END); // log the message
return FALSE;
}
WriteTrace(0x00,"Position_to_Log_End: Oldest event log record is %lu\n",dwOldestRecord);
WriteTrace(0x00,"Position_to_Log_End: Getting number of event log records\n");
if ( !GetNumberOfEventLogRecords(hLog, &dwRecords) )
{
lastError = GetLastError(); // get last error code
WriteTrace(0x0a,"Position_to_Log_End: Freeing log event record buffer\n");
SNMP_free(lpBuffer); // free up buffer memory
WriteTrace(0x14,"Position_to_Log_End: GetNumberOfEventLogRecords for log handle %08X failed with code %lu\n",
hLog, lastError);
WriteLog(SNMPELEA_ERROR_LOG_GET_NUMBER_RECORD, HandleToUlong(hLog), lastError); // log error message
WriteLog(SNMPELEA_ERROR_LOG_END); // log the message
return FALSE;
}
WriteTrace(0x00,"Position_to_Log_End: Number of event log records is %lu\n",dwRecords);
uRecordNumber = dwOldestRecord + dwRecords - 1; // current EOF
WriteTrace(0x00,"Position_to_Log_End: Positioning to record #%lu\n",
uRecordNumber);
if ( !ReadEventLog(hLog, // log file handle to read
EVENTLOG_SEEK_READ | EVENTLOG_FORWARDS_READ, // seek forward to specific record
uRecordNumber, // record # to position to
lpBuffer, // buffer to return log record in
LOG_BUF_SIZE, // size of buffer
&nBytesRead, // return bytes read this time
&nMinNumberofBytesNeeded)) // return bytes needed for next full record
{
lastError = GetLastError(); // get last error code
WriteTrace(0x0a,"Position_to_Log_End: Freeing log event record buffer %08X\n",
lpBuffer);
SNMP_free(lpBuffer); // free buffer memory
if (lastError == ERROR_HANDLE_EOF)
{
WriteTrace(0x00,"Position_to_Log_End: Handle %08X positioned at EOF\n",hLog);
WriteTrace(0x0a,"Position_to_Log_End: Returning from position to end of log function\n");
return TRUE;
}
WriteTrace(0x14,"Position_to_Log_End: SEEK to record in event log %08X failed with code %lu\n",
hLog, lastError);
WriteLog(SNMPELEA_ERROR_LOG_SEEK, HandleToUlong(hLog), lastError); // log error message
WriteLog(SNMPELEA_ERROR_LOG_END); // log the message
WriteTrace(0x00,"Position_to_Log_End: BytesRead is %lu\n", nBytesRead);
WriteTrace(0x00,"Position_to_Log_End: MinNumberofBytesNeeded is %lu\n",
nMinNumberofBytesNeeded);
return FALSE;
}
WriteTrace(0x0a,"Position_to_Log_End: Reading any residual records\n");
lpOrigBuffer = lpBuffer; // save original buffer address
nBytesRead = 0; // reset byte count to nothing first
lastError = 0; // show no current error
while (ReadEventLog(hLog,
EVENTLOG_FORWARDS_READ | EVENTLOG_SEQUENTIAL_READ,
0,
lpBuffer,
LOG_BUF_SIZE,
&nBytesRead,
&nMinNumberofBytesNeeded))
{
lastError = GetLastError(); // get last error code
while (nBytesRead)
{
WriteTrace(0x00,"Position_to_Log_End: Number of bytes read for residual read is %lu\n",
nBytesRead);
uRecordNumber = lpBuffer->RecordNumber; // save record number
nBytesRead -= lpBuffer->Length; // reduce by this record count
lpBuffer = (PEVENTLOGRECORD) ((LPBYTE) lpBuffer +
lpBuffer->Length); // point to next record
}
lpBuffer = lpOrigBuffer; // reload original address
}
WriteTrace(0x0a,"Position_to_Log_End: Checking for EOF return\n");
WriteTrace(0x0a,"Position_to_Log_End: Freeing event log buffer memory %08X\n",
lpOrigBuffer);
SNMP_free(lpOrigBuffer); // free buffer memory
if ( (lastError == ERROR_HANDLE_EOF) || // if at the last record now
(lastError == NO_ERROR) ) // if no error occured
{
WriteTrace(0x00,"Position_to_Log_End: Handle %08X positioned at EOF; record #%lu\n",
hLog, uRecordNumber);
WriteTrace(0x0a,"Position_to_Log_End: Returning from position to end of log function\n");
return TRUE; // return all okay
}
else // otherwise
{
WriteTrace(0x14,"Position_to_Log_End: Read for handle %08X failed with code %lu\n",
hLog, lastError);
WriteTrace(0x14,"Position_to_Log_End: Log not positioned to end\n");
WriteLog(SNMPELEA_ERROR_READ_LOG_EVENT, HandleToUlong(hLog), lastError); // log error message
WriteLog(SNMPELEA_ERROR_LOG_END); // log the message
return FALSE; // give bad return code
}
}
}
extern "C" {
BOOL
Read_Registry_Parameters(
IN VOID
)
/*++
Routine Description:
Read_Registry_Parameters is called during SNMP trap initialization. The
registry information is read to determine the trace file name (TraceFileName),
the level of tracing desired (TraceLevel), the base enterprise OID (BaseEnterpriseOID),
the supported view (SupportedView), and the message trimming flag (TrimMessage).
Also, the names of the event logs to monitor are read from the registry.
If no event logs are specified, the routine will terminate, as there is no work to perform.
If, during the course of reading the registry information, a parameter
is encountered that is not expected, an event log record is written and
the parameter is ignored.
The registry layout is as follows:
HKEY_LOCAL_MACHINE
SOFTWARE
Microsoft
SNMP_EVENTS
EventLog
Parameters
TraceFileName (REG_EXPAND_SZ)
TraceLevel (REG_DWORD)
BaseEnterpriseOID (REG_SZ)
SupportedView (REG_SZ)
TrimMessage (REG_DWORD)
MaxTrapSize (REG_DWORD)
TrimFlag (REG_DWORD)
ThresholdEnabled (REG_DWORD)
ThresholdFlag (REG_DWORD)
ThresholdCount (REG_DWORD)
ThresholdTime (REG_DWORD)
LastBootTime (REG_DWORD)
Arguments:
None
Return Value:
TRUE - If registry parameters were processed successfully.
FALSE - If registry parameters could not be read or if there were
no event logs specified to monitor.
--*/
{
LONG lastError; // return code from GetLastError()
LONG status; // status of API calls
HKEY hkResult, hkResult2; // handle returned from API
DWORD iValue; // temporary counter
DWORD dwType; // type of the parameter read
TCHAR parmName[MAX_PATH+1]; // name of the parameter read
DWORD nameSize; // length of parameter name
TCHAR parm[MAX_PATH+1]; // value of the parameter
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -