📄 evntrace.h
字号:
typedef VOID (*PEVENT_CALLBACK)( PEVENT_TRACE pEvent );
//
// Prototype for service request callback. Data providers register with WMI
// by passing a service request callback function that is called for all
// wmi requests.
typedef ULONG (
#ifndef MIDL_PASS
WINAPI
#endif
*WMIDPREQUEST)(
IN WMIDPREQUESTCODE RequestCode,
IN PVOID RequestContext,
IN OUT ULONG *BufferSize,
IN OUT PVOID Buffer
);
struct _EVENT_TRACE_LOGFILEW {
LPWSTR LogFileName; // Logfile Name
LPWSTR LoggerName; // LoggerName
LONGLONG CurrentTime; // timestamp of last event
ULONG BuffersRead; // buffers read to date
ULONG LogFileMode; // Mode of the logfile
EVENT_TRACE CurrentEvent; // Current Event from this stream.
TRACE_LOGFILE_HEADER LogfileHeader; // logfile header structure
PEVENT_TRACE_BUFFER_CALLBACKW // callback before each buffer
BufferCallback; // is read
//
// following variables are filled for BufferCallback.
//
ULONG BufferSize;
ULONG Filled;
ULONG EventsLost;
//
// following needs to be propaged to each buffer
//
PEVENT_CALLBACK EventCallback; // callback for every event
ULONG IsKernelTrace; // TRUE for kernel logfile
PVOID Context; // reserved for internal use
};
struct _EVENT_TRACE_LOGFILEA {
LPSTR LogFileName; // Logfile Name
LPSTR LoggerName; // LoggerName
LONGLONG CurrentTime; // timestamp of last event
ULONG BuffersRead; // buffers read to date
ULONG LogFileMode; // LogFile Mode.
EVENT_TRACE CurrentEvent; // Current Event from this stream
TRACE_LOGFILE_HEADER LogfileHeader; // logfile header structure
PEVENT_TRACE_BUFFER_CALLBACKA // callback before each buffer
BufferCallback; // is read
//
// following variables are filled for BufferCallback.
//
ULONG BufferSize;
ULONG Filled;
ULONG EventsLost;
//
// following needs to be propaged to each buffer
//
PEVENT_CALLBACK EventCallback; // callback for every event
ULONG IsKernelTrace; // TRUE for kernel logfile
PVOID Context; // reserved for internal use
};
//
// Define generic structures
//
#if defined(_UNICODE) || defined(UNICODE)
#define PEVENT_TRACE_BUFFER_CALLBACK PEVENT_TRACE_BUFFER_CALLBACKW
#define EVENT_TRACE_LOGFILE EVENT_TRACE_LOGFILEW
#define PEVENT_TRACE_LOGFILE PEVENT_TRACE_LOGFILEW
#else
#define PEVENT_TRACE_BUFFER_CALLBACK PEVENT_TRACE_BUFFER_CALLBACKA
#define EVENT_TRACE_LOGFILE EVENT_TRACE_LOGFILEA
#define PEVENT_TRACE_LOGFILE PEVENT_TRACE_LOGFILEA
#endif
#ifdef __cplusplus
extern "C" {
#endif
//
// Logger control APIs
//
//
// Use the routine below to start an event trace session
//
// ULONG
// StartTrace(
// OUT PTRACEHANDLE TraceHandle,
// IN LPTSTR InstanceName,
// IN OUT PEVENT_TRACE_PROPERTIES Properties
// );
EXTERN_C
ULONG
WMIAPI
StartTraceW(
OUT PTRACEHANDLE TraceHandle,
IN LPCWSTR InstanceName,
IN OUT PEVENT_TRACE_PROPERTIES Properties
);
EXTERN_C
ULONG
WMIAPI
StartTraceA(
OUT PTRACEHANDLE TraceHandle,
IN LPCSTR InstanceName,
IN OUT PEVENT_TRACE_PROPERTIES Properties
);
//
// Use the routine below to stop an event trace session
//
//
// ULONG
// StopTrace(
// IN PTRACEHANDLE TraceHandle,
// IN LPTSTR InstanceName,
// IN OUT PEVENT_TRACE_PROPERTIES Properties
// );
//
// Use the routine below to query the properties of an event trace session
//
// ULONG
// QueryTrace(
// IN PTRACEHANDLE TraceHandle,
// IN LPTSTR InstanceName,
// IN OUT PEVENT_TRACE_PROPERTIES Properties
// );
//
// Use the routine below to update certain properties of an event trace session
//
// ULONG
// UpdateTrace(
// IN (PTRACEHANDLE TraceHandle,
// IN LPTSTR InstanceName,
// IN OUT PEVENT_TRACE_PROPERTIES Properties
// );
EXTERN_C
ULONG
WMIAPI
ControlTraceW(
IN TRACEHANDLE TraceHandle,
IN LPCWSTR InstanceName,
IN OUT PEVENT_TRACE_PROPERTIES Properties,
IN ULONG ControlCode
);
EXTERN_C
ULONG
WMIAPI
ControlTraceA(
IN TRACEHANDLE TraceHandle,
IN LPCSTR InstanceName,
IN OUT PEVENT_TRACE_PROPERTIES Properties,
IN ULONG ControlCode
);
//
// ULONG
// QueryAllTraces(
// OUT PEVENT_TRACE_PROPERTIES *PropertyArray,
// IN ULONG PropertyArrayCount,
// OUT PULONG LoggerCount
// );
//
EXTERN_C
ULONG
WMIAPI
QueryAllTracesW(
OUT PEVENT_TRACE_PROPERTIES *PropertyArray,
IN ULONG PropertyArrayCount,
OUT PULONG LoggerCount
);
EXTERN_C
ULONG
WMIAPI
QueryAllTracesA(
OUT PEVENT_TRACE_PROPERTIES *PropertyArray,
IN ULONG PropertyArrayCount,
OUT PULONG LoggerCount
);
//
// Data Provider APIs
//
EXTERN_C
ULONG
WMIAPI
CreateTraceInstanceId(
IN HANDLE RegHandle,
IN OUT PEVENT_INSTANCE_INFO pInstInfo
);
EXTERN_C
ULONG
WMIAPI
EnableTrace(
IN ULONG Enable,
IN ULONG EnableFlag,
IN ULONG EnableLevel,
IN LPCGUID ControlGuid,
IN TRACEHANDLE TraceHandle
);
//
// Use the routine below to generate and record an event trace
//
EXTERN_C
ULONG
WMIAPI
TraceEvent(
IN TRACEHANDLE TraceHandle,
IN PEVENT_TRACE_HEADER EventTrace
);
EXTERN_C
ULONG
WMIAPI
TraceEventInstance(
IN TRACEHANDLE TraceHandle,
IN PEVENT_INSTANCE_HEADER EventTrace,
IN PEVENT_INSTANCE_INFO pInstInfo,
IN PEVENT_INSTANCE_INFO pParentInstInfo
);
//
// Use the routine below to register a guid for tracing
//
//
// ULONG
// RegisterTraceGuids(
// IN WMIDPREQUEST RequestAddress,
// IN PVOID RequestContext,
// IN LPCGUID ControlGuid,
// IN ULONG GuidCount,
// IN PTRACE_GUID_REGISTRATION TraceGuidReg,
// IN LPCTSTR MofImagePath,
// IN LPCTSTR MofResourceName,
// OUT PTRACEHANDLE RegistrationHandle
// );
//
EXTERN_C
ULONG
WMIAPI
RegisterTraceGuidsW(
IN WMIDPREQUEST RequestAddress,
IN PVOID RequestContext,
IN LPCGUID ControlGuid,
IN ULONG GuidCount,
IN PTRACE_GUID_REGISTRATION TraceGuidReg,
IN LPCWSTR MofImagePath,
IN LPCWSTR MofResourceName,
OUT PTRACEHANDLE RegistrationHandle
);
EXTERN_C
ULONG
WMIAPI
RegisterTraceGuidsA(
IN WMIDPREQUEST RequestAddress,
IN PVOID RequestContext,
IN LPCGUID ControlGuid,
IN ULONG GuidCount,
IN PTRACE_GUID_REGISTRATION TraceGuidReg,
IN LPCSTR MofImagePath,
IN LPCSTR MofResourceName,
OUT PTRACEHANDLE RegistrationHandle
);
EXTERN_C
ULONG
WMIAPI
UnregisterTraceGuids(
IN TRACEHANDLE RegistrationHandle
);
EXTERN_C
TRACEHANDLE
WMIAPI
GetTraceLoggerHandle(
IN PVOID Buffer
);
EXTERN_C
UCHAR
WMIAPI
GetTraceEnableLevel(
IN TRACEHANDLE TraceHandle
);
EXTERN_C
ULONG
WMIAPI
GetTraceEnableFlags(
IN TRACEHANDLE TraceHandle
);
//
// Data Consumer APIs and structures start here
//
//
// TRACEHANDLE
// OpenTrace(
// IN OUT PEVENT_TRACE_LOGFILE Logfile
// );
//
EXTERN_C
TRACEHANDLE
WMIAPI
OpenTraceA(
IN OUT PEVENT_TRACE_LOGFILEA Logfile
);
EXTERN_C
TRACEHANDLE
WMIAPI
OpenTraceW(
IN OUT PEVENT_TRACE_LOGFILEW Logfile
);
EXTERN_C
ULONG
WMIAPI
ProcessTrace(
IN PTRACEHANDLE HandleArray,
IN ULONG HandleCount,
IN LPFILETIME StartTime,
IN LPFILETIME EndTime
);
EXTERN_C
ULONG
WMIAPI
CloseTrace(
IN TRACEHANDLE TraceHandle
);
EXTERN_C
ULONG
WMIAPI
SetTraceCallback(
IN LPCGUID pGuid,
IN PEVENT_CALLBACK EventCallback
);
EXTERN_C
ULONG
WMIAPI
RemoveTraceCallback (
IN LPCGUID pGuid
);
#ifdef __cplusplus
} // extern "C"
#endif
//
//
// Define the encoding independent routines
//
#if defined(UNICODE) || defined(_UNICODE)
#define RegisterTraceGuids RegisterTraceGuidsW
#define StartTrace StartTraceW
#define ControlTrace ControlTraceW
#define StopTrace(a,b,c) ControlTraceW((a),(b),(c), \
EVENT_TRACE_CONTROL_STOP)
#define QueryTrace(a,b,c) ControlTraceW((a),(b),(c), \
EVENT_TRACE_CONTROL_QUERY)
#define UpdateTrace(a,b,c) ControlTraceW((a),(b),(c), \
EVENT_TRACE_CONTROL_UPDATE)
#define QueryAllTraces QueryAllTracesW
#define OpenTrace OpenTraceW
#else
#define RegisterTraceGuids RegisterTraceGuidsA
#define StartTrace StartTraceA
#define ControlTrace ControlTraceA
#define StopTrace(a,b,c) ControlTraceA((a),(b),(c), \
EVENT_TRACE_CONTROL_STOP)
#define QueryTrace(a,b,c) ControlTraceA((a),(b),(c), \
EVENT_TRACE_CONTROL_QUERY)
#define UpdateTrace(a,b,c) ControlTraceA((a),(b),(c), \
EVENT_TRACE_CONTROL_UPDATE)
#define QueryAllTraces QueryAllTracesA
#define OpenTrace OpenTraceA
#endif // UNICODE
#endif /* _WMIKM_ && _NTDDK_ */
#endif // WINNT
#pragma option pop /*P_O_Pop*/
#endif /* _EVNTRACE_ */
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -