Domovská stránka Prehľadávať Pomoc
Registrovať Prihlásiť sa
LYFZ
/
lyfz_repos
2
0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Strom: 8b4791aa7f
Branche Tagy
lyfz_repos
/
经典版源码
/
lyfzClient
/
trunk
/
3.0.0.0
/
sdkInclude
/
Evntrace.h

Evntrace.h 31 KB
História Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102 
  1. /*++
    2. 

  2. 

  3. Copyright (c) Microsoft Corporation.  All rights reserved.
    4. 

  4. 

  5. Module Name:
    6. 

  6. 

  7.     EvnTrace.h
    8. 

  8. 

  9. Abstract:
    10. 

  10. 

  11.     Public headers for event tracing control applications,
    12. 

  12.     consumers and providers
    13. 

  13. 

  14. --*/
    15. 

  15. 

  16. #ifndef _EVNTRACE_
    17. 

  17. #define _EVNTRACE_
    18. 

  18. 

  19. #if defined(_WINNT_) || defined(WINNT)
    20. 

  20. #ifndef WMIAPI
    21. 

  21. #ifndef MIDL_PASS
    22. 

  22. #ifdef _WMI_SOURCE_
    23. 

  23. #define WMIAPI __stdcall
    24. 

  24. #else
    25. 

  25. #define WMIAPI DECLSPEC_IMPORT __stdcall
    26. 

  26. #endif // _WMI_SOURCE
    27. 

  27. #endif // MIDL_PASS
    28. 

  28. 

  29. #endif // WMIAPI
    30. 

  30. 

  31. #include <guiddef.h>
    32. 

  32. 

  33. //
    34. 

  34. // EventTraceGuid is used to identify a event tracing session
    35. 

  35. //
    36. 

  36. DEFINE_GUID ( /* 68fdd900-4a3e-11d1-84f4-0000f80464e3 */
    37. 

  37.     EventTraceGuid,
    38. 

  38.     0x68fdd900,
    39. 

  39.     0x4a3e,
    40. 

  40.     0x11d1,
    41. 

  41.     0x84, 0xf4, 0x00, 0x00, 0xf8, 0x04, 0x64, 0xe3
    42. 

  42.   );
    43. 

  43. 

  44. //
    45. 

  45. // SystemTraceControlGuid. Used to specify event tracing for kernel
    46. 

  46. //
    47. 

  47. DEFINE_GUID ( /* 9e814aad-3204-11d2-9a82-006008a86939 */
    48. 

  48.     SystemTraceControlGuid,
    49. 

  49.     0x9e814aad,
    50. 

  50.     0x3204,
    51. 

  51.     0x11d2,
    52. 

  52.     0x9a, 0x82, 0x00, 0x60, 0x08, 0xa8, 0x69, 0x39
    53. 

  53.   );
    54. 

  54. 

  55. //
    56. 

  56. //EventTraceConfigGuid. Used to report hardware configuration records
    57. 

  57. //
    58. 

  58. 

  59. DEFINE_GUID ( /* 01853a65-418f-4f36-aefc-dc0f1d2fd235 */
    60. 

  60.     EventTraceConfigGuid,
    61. 

  61.     0x01853a65,
    62. 

  62.     0x418f,
    63. 

  63.     0x4f36,
    64. 

  64.     0xae, 0xfc, 0xdc, 0x0f, 0x1d, 0x2f, 0xd2, 0x35
    65. 

  65.   );
    66. 

  66. 

  67. #define KERNEL_LOGGER_NAMEW   L"NT Kernel Logger"
    68. 

  68. #define GLOBAL_LOGGER_NAMEW   L"GlobalLogger"
    69. 

  69. #define EVENT_LOGGER_NAMEW    L"Event Log"
    70. 

  70. 

  71. #define KERNEL_LOGGER_NAMEA   "NT Kernel Logger"
    72. 

  72. #define GLOBAL_LOGGER_NAMEA   "GlobalLogger"
    73. 

  73. #define EVENT_LOGGER_NAMEA    "Event Log"
    74. 

  74. 

  75. #define MAX_MOF_FIELDS                      16  // Limit of USE_MOF_PTR fields
    76. 

  76. typedef ULONG64 TRACEHANDLE, *PTRACEHANDLE;
    77. 

  77. 

  78. //
    79. 

  79. // predefined generic event types (0x00 to 0x09 reserved).
    80. 

  80. //
    81. 

  81. 

  82. #define EVENT_TRACE_TYPE_INFO               0x00  // Info or point event
    83. 

  83. #define EVENT_TRACE_TYPE_START              0x01  // Start event
    84. 

  84. #define EVENT_TRACE_TYPE_END                0x02  // End event
    85. 

  85. #define EVENT_TRACE_TYPE_DC_START           0x03  // Collection start marker
    86. 

  86. #define EVENT_TRACE_TYPE_DC_END             0x04  // Collection end marker
    87. 

  87. #define EVENT_TRACE_TYPE_EXTENSION          0x05  // Extension/continuation
    88. 

  88. #define EVENT_TRACE_TYPE_REPLY              0x06  // Reply event
    89. 

  89. #define EVENT_TRACE_TYPE_DEQUEUE            0x07  // De-queue event
    90. 

  90. #define EVENT_TRACE_TYPE_CHECKPOINT         0x08  // Generic checkpoint event
    91. 

  91. #define EVENT_TRACE_TYPE_RESERVED9          0x09
    92. 

  92. 

  93. //
    94. 

  94. // Predefined Event Tracing Levels for Software/Debug Tracing
    95. 

  95. //
    96. 

  96. //
    97. 

  97. // Trace Level is UCHAR and passed in through the EnableLevel parameter
    98. 

  98. // in EnableTrace API. It is retrieved by the provider using the
    99. 

  99. // GetTraceEnableLevel macro.It should be interpreted as an integer value 
    100. 

  100. // to mean everything at or below that level will be traced. 
    101. 

  101. //
    102. 

  102. // Here are the possible Levels. 
    103. 

  103. //
    104. 

  104. 

  105. #define TRACE_LEVEL_NONE        0   // Tracing is not on
    106. 

  106. #define TRACE_LEVEL_FATAL       1   // Abnormal exit or termination
    107. 

  107. #define TRACE_LEVEL_ERROR       2   // Severe errors that need logging
    108. 

  108. #define TRACE_LEVEL_WARNING     3   // Warnings such as allocation failure
    109. 

  109. #define TRACE_LEVEL_INFORMATION 4   // Includes non-error cases(e.g.,Entry-Exit)
    110. 

  110. #define TRACE_LEVEL_VERBOSE     5   // Detailed traces from intermediate steps 
    111. 

  111. #define TRACE_LEVEL_RESERVED6   6   
    112. 

  112. #define TRACE_LEVEL_RESERVED7   7
    113. 

  113. #define TRACE_LEVEL_RESERVED8   8
    114. 

  114. #define TRACE_LEVEL_RESERVED9   9
    115. 

  115. 

  116. //
    117. 

  117. // Event types for Process & Threads
    118. 

  118. //
    119. 

  119. 

  120. #define EVENT_TRACE_TYPE_LOAD                  0x0A      // Load image
    121. 

  121. 

  122. //
    123. 

  123. // Event types for IO subsystem
    124. 

  124. //
    125. 

  125. 

  126. #define EVENT_TRACE_TYPE_IO_READ               0x0A
    127. 

  127. #define EVENT_TRACE_TYPE_IO_WRITE              0x0B
    128. 

  128. 

  129. //
    130. 

  130. // Event types for Memory subsystem
    131. 

  131. //
    132. 

  132. 

  133. #define EVENT_TRACE_TYPE_MM_TF                 0x0A      // Transition fault
    134. 

  134. #define EVENT_TRACE_TYPE_MM_DZF                0x0B      // Demand Zero fault
    135. 

  135. #define EVENT_TRACE_TYPE_MM_COW                0x0C      // Copy on Write
    136. 

  136. #define EVENT_TRACE_TYPE_MM_GPF                0x0D      // Guard Page fault
    137. 

  137. #define EVENT_TRACE_TYPE_MM_HPF                0x0E      // Hard page fault
    138. 

  138. 

  139. //
    140. 

  140. // Event types for Network subsystem, all protocols
    141. 

  141. //
    142. 

  142. 

  143. #define EVENT_TRACE_TYPE_SEND                  0x0A     // Send
    144. 

  144. #define EVENT_TRACE_TYPE_RECEIVE               0x0B     // Receive
    145. 

  145. #define EVENT_TRACE_TYPE_CONNECT               0x0C     // Connect
    146. 

  146. #define EVENT_TRACE_TYPE_DISCONNECT            0x0D     // Disconnect
    147. 

  147. #define EVENT_TRACE_TYPE_RETRANSMIT            0x0E     // ReTransmit
    148. 

  148. #define EVENT_TRACE_TYPE_ACCEPT                0x0F     // Accept
    149. 

  149. #define EVENT_TRACE_TYPE_RECONNECT             0x10     // ReConnect
    150. 

  150. 

  151. 

  152. //
    153. 

  153. // Event Types for the Header (to handle internal event headers)
    154. 

  154. //
    155. 

  155. 

  156. #define EVENT_TRACE_TYPE_GUIDMAP                0x0A
    157. 

  157. #define EVENT_TRACE_TYPE_CONFIG                 0x0B
    158. 

  158. #define EVENT_TRACE_TYPE_SIDINFO                0x0C
    159. 

  159. #define EVENT_TRACE_TYPE_SECURITY               0x0D
    160. 

  160. 

  161. //
    162. 

  162. // Event types for Registry subsystem
    163. 

  163. //
    164. 

  164. 

  165. #define EVENT_TRACE_TYPE_REGCREATE              0x0A     // NtCreateKey
    166. 

  166. #define EVENT_TRACE_TYPE_REGOPEN                0x0B     // NtOpenKey
    167. 

  167. #define EVENT_TRACE_TYPE_REGDELETE              0x0C     // NtDeleteKey
    168. 

  168. #define EVENT_TRACE_TYPE_REGQUERY               0x0D     // NtQueryKey
    169. 

  169. #define EVENT_TRACE_TYPE_REGSETVALUE            0x0E     // NtSetValueKey
    170. 

  170. #define EVENT_TRACE_TYPE_REGDELETEVALUE         0x0F     // NtDeleteValueKey
    171. 

  171. #define EVENT_TRACE_TYPE_REGQUERYVALUE          0x10     // NtQueryValueKey
    172. 

  172. #define EVENT_TRACE_TYPE_REGENUMERATEKEY        0x11     // NtEnumerateKey
    173. 

  173. #define EVENT_TRACE_TYPE_REGENUMERATEVALUEKEY   0x12     // NtEnumerateValueKey
    174. 

  174. #define EVENT_TRACE_TYPE_REGQUERYMULTIPLEVALUE  0x13     // NtQueryMultipleValueKey
    175. 

  175. #define EVENT_TRACE_TYPE_REGSETINFORMATION      0x14     // NtSetInformationKey
    176. 

  176. #define EVENT_TRACE_TYPE_REGFLUSH               0x15     // NtFlushKey
    177. 

  177. #define EVENT_TRACE_TYPE_REGKCBDMP              0x16     // KcbDump/create
    178. 

  178. 

  179. //
    180. 

  180. // Event types for system configuration records
    181. 

  181. //
    182. 

  182. #define EVENT_TRACE_TYPE_CONFIG_CPU             0x0A     // CPU Configuration
    183. 

  183. #define EVENT_TRACE_TYPE_CONFIG_PHYSICALDISK    0x0B     // Physical Disk Configuration
    184. 

  184. #define EVENT_TRACE_TYPE_CONFIG_LOGICALDISK     0x0C     // Logical Disk Configuration
    185. 

  185. #define EVENT_TRACE_TYPE_CONFIG_NIC             0x0D     // NIC Configuration
    186. 

  186. #define EVENT_TRACE_TYPE_CONFIG_VIDEO           0x0E     // Video Adapter Configuration
    187. 

  187. #define EVENT_TRACE_TYPE_CONFIG_SERVICES        0x0F     // Active Services
    188. 

  188. #define EVENT_TRACE_TYPE_CONFIG_POWER           0x10     // ACPI Configuration
    189. 

  189. 

  190. //
    191. 

  191. // Enable flags for SystemControlGuid only
    192. 

  192. //
    193. 

  193. #define EVENT_TRACE_FLAG_PROCESS            0x00000001  // process start & end
    194. 

  194. #define EVENT_TRACE_FLAG_THREAD             0x00000002  // thread start & end
    195. 

  195. #define EVENT_TRACE_FLAG_IMAGE_LOAD         0x00000004  // image load
    196. 

  196. 

  197. #define EVENT_TRACE_FLAG_DISK_IO            0x00000100  // physical disk IO
    198. 

  198. #define EVENT_TRACE_FLAG_DISK_FILE_IO       0x00000200  // requires disk IO
    199. 

  199. 

  200. #define EVENT_TRACE_FLAG_MEMORY_PAGE_FAULTS 0x00001000  // all page faults
    201. 

  201. #define EVENT_TRACE_FLAG_MEMORY_HARD_FAULTS 0x00002000  // hard faults only
    202. 

  202. 

  203. #define EVENT_TRACE_FLAG_NETWORK_TCPIP      0x00010000  // tcpip send & receive
    204. 

  204. 

  205. #define EVENT_TRACE_FLAG_REGISTRY           0x00020000  // registry calls
    206. 

  206. #define EVENT_TRACE_FLAG_DBGPRINT           0x00040000  // DbgPrint(ex) Calls
    207. 

  207. //
    208. 

  208. // Pre-defined Enable flags for everybody else
    209. 

  209. //
    210. 

  210. #define EVENT_TRACE_FLAG_EXTENSION          0x80000000  // indicates more flags
    211. 

  211. #define EVENT_TRACE_FLAG_FORWARD_WMI        0x40000000  // Can forward to WMI
    212. 

  212. #define EVENT_TRACE_FLAG_ENABLE_RESERVE     0x20000000  // Reserved
    213. 

  213. 

  214. //
    215. 

  215. // Logger Mode flags
    216. 

  216. //
    217. 

  217. 

  218. #define EVENT_TRACE_FILE_MODE_NONE          0x00000000  // logfile is off
    219. 

  219. #define EVENT_TRACE_FILE_MODE_SEQUENTIAL    0x00000001  // log sequentially
    220. 

  220. #define EVENT_TRACE_FILE_MODE_CIRCULAR      0x00000002  // log in circular manner
    221. 

  221. #define EVENT_TRACE_FILE_MODE_APPEND        0x00000004  // append sequential log
    222. 

  222. #define EVENT_TRACE_FILE_MODE_NEWFILE       0x00000008  // auto-switch log file
    223. 

  223. 

  224. #define EVENT_TRACE_FILE_MODE_PREALLOCATE   0x00000020  // pre-allocate mode
    225. 

  225. 

  226. #define EVENT_TRACE_REAL_TIME_MODE          0x00000100  // real time mode on
    227. 

  227. #define EVENT_TRACE_DELAY_OPEN_FILE_MODE    0x00000200  // delay opening file
    228. 

  228. #define EVENT_TRACE_BUFFERING_MODE          0x00000400  // buffering mode only
    229. 

  229. #define EVENT_TRACE_PRIVATE_LOGGER_MODE     0x00000800  // Process Private Logger
    230. 

  230. #define EVENT_TRACE_ADD_HEADER_MODE         0x00001000  // Add a logfile header
    231. 

  231. #define EVENT_TRACE_USE_GLOBAL_SEQUENCE     0x00004000  // Use global sequence no.
    232. 

  232. #define EVENT_TRACE_USE_LOCAL_SEQUENCE      0x00008000  // Use local sequence no.
    233. 

  233. 

  234. #define EVENT_TRACE_RELOG_MODE              0x00010000  // Relogger
    235. 

  235. 

  236. #define EVENT_TRACE_USE_PAGED_MEMORY        0x01000000  // Use pageable buffers   
    237. 

  237. 

  238. //
    239. 

  239. // internal control codes used.
    240. 

  240. //
    241. 

  241. #define EVENT_TRACE_CONTROL_QUERY           0
    242. 

  242. #define EVENT_TRACE_CONTROL_STOP            1
    243. 

  243. #define EVENT_TRACE_CONTROL_UPDATE          2
    244. 

  244. #define EVENT_TRACE_CONTROL_FLUSH           3       // Flushes all the buffers
    245. 

  245. 

  246. //
    247. 

  247. // Flags used by WMI Trace Message
    248. 

  248. // Note that the order or value of these flags should NOT be changed as they are processed
    249. 

  249. // in this order.
    250. 

  250. //
    251. 

  251. #define TRACE_MESSAGE_SEQUENCE		1           // Message should include a sequence number
    252. 

  252. #define TRACE_MESSAGE_GUID			2           // Message includes a GUID
    253. 

  253. #define TRACE_MESSAGE_COMPONENTID   4           // Message has no GUID, Component ID instead
    254. 

  254. #define	TRACE_MESSAGE_TIMESTAMP		8           // Message includes a timestamp
    255. 

  255. #define TRACE_MESSAGE_PERFORMANCE_TIMESTAMP 16  // Timestamp is the Performance Counter not the system clock
    256. 

  256. #define	TRACE_MESSAGE_SYSTEMINFO	32          // Message includes system information TID,PID
    257. 

  257. #define TRACE_MESSAGE_FLAG_MASK     0xFFFF      // Only the lower 16 bits of flags are placed in the message
    258. 

  258.                                                 // those above 16 bits are reserved for local processing
    259. 

  259. #define TRACE_MESSAGE_MAXIMUM_SIZE  8*1024      // the maximum size allowed for a single trace message
    260. 

  260.                                                 // longer messages will return ERROR_BUFFER_OVERFLOW
    261. 

  261. //
    262. 

  262. // Flags to indicate to consumer which fields
    263. 

  263. // in the EVENT_TRACE_HEADER are valid
    264. 

  264. //
    265. 

  265. 

  266. #define EVENT_TRACE_USE_PROCTIME   0x0001    // ProcessorTime field is valid
    267. 

  267. #define EVENT_TRACE_USE_NOCPUTIME  0x0002    // No Kernel/User/Processor Times
    268. 

  268. 

  269. #if _MSC_VER >= 1200
    270. 

  270. #pragma warning(push)
    271. 

  271. #endif
    272. 

  272. #pragma warning (disable:4201)
    273. 

  273. //
    274. 

  274. // Trace header for all (except kernel) events. This is used to overlay
    275. 

  275. // to bottom part of WNODE_HEADER to conserve space.
    276. 

  276. //
    277. 

  277. 

  278. typedef struct _EVENT_TRACE_HEADER {        // overlays WNODE_HEADER
    279. 

  279.     USHORT          Size;                   // Size of entire record
    280. 

  280.     union {
    281. 

  281.         USHORT      FieldTypeFlags;         // Indicates valid fields
    282. 

  282.         struct {
    283. 

  283.             UCHAR   HeaderType;             // Header type - internal use only
    284. 

  284.             UCHAR   MarkerFlags;            // Marker - internal use only
    285. 

  285.         };
    286. 

  286.     };
    287. 

  287.     union {
    288. 

  288.         ULONG       Version;
    289. 

  289.         struct {
    290. 

  290.             UCHAR   Type;                   // event type
    291. 

  291.             UCHAR   Level;                  // trace instrumentation level
    292. 

  292.             USHORT  Version;                // version of trace record
    293. 

  293.         } Class;
    294. 

  294.     };
    295. 

  295.     ULONG           ThreadId;               // Thread Id
    296. 

  296.     ULONG           ProcessId;              // Process Id
    297. 

  297.     LARGE_INTEGER   TimeStamp;              // time when event happens
    298. 

  298.     union {
    299. 

  299.         GUID        Guid;                   // Guid that identifies event
    300. 

  300.         ULONGLONG   GuidPtr;                // use with WNODE_FLAG_USE_GUID_PTR
    301. 

  301.     };
    302. 

  302.     union {
    303. 

  303.         struct {
    304. 

  304.             ULONG   ClientContext;          // Reserved
    305. 

  305.             ULONG   Flags;                  // Flags for header
    306. 

  306.         };
    307. 

  307.         struct {
    308. 

  308.             ULONG   KernelTime;             // Kernel Mode CPU ticks
    309. 

  309.             ULONG   UserTime;               // User mode CPU ticks
    310. 

  310.         };
    311. 

  311.         ULONG64     ProcessorTime;          // Processor Clock
    312. 

  312.     };
    313. 

  313. } EVENT_TRACE_HEADER, *PEVENT_TRACE_HEADER;
    314. 

  314. 

  315. //
    316. 

  316. // This header is used to trace and track transaction co-relations
    317. 

  317. //
    318. 

  318. typedef struct _EVENT_INSTANCE_HEADER {
    319. 

  319.     USHORT          Size;
    320. 

  320.     union {
    321. 

  321.         USHORT      FieldTypeFlags;     // Indicates valid fields
    322. 

  322.         struct {
    323. 

  323.             UCHAR   HeaderType;         // Header type - internal use only
    324. 

  324.             UCHAR   MarkerFlags;        // Marker - internal use only
    325. 

  325.         };
    326. 

  326.     };
    327. 

  327.     union {
    328. 

  328.         ULONG       Version;
    329. 

  329.         struct {
    330. 

  330.             UCHAR   Type;
    331. 

  331.             UCHAR   Level;
    332. 

  332.             USHORT  Version;
    333. 

  333.         } Class;
    334. 

  334.     };
    335. 

  335.     ULONG           ThreadId;
    336. 

  336.     ULONG           ProcessId;
    337. 

  337.     LARGE_INTEGER   TimeStamp;
    338. 

  338.     ULONGLONG       RegHandle;
    339. 

  339.     ULONG           InstanceId;
    340. 

  340.     ULONG           ParentInstanceId;
    341. 

  341.     union {
    342. 

  342.         struct {
    343. 

  343.             ULONG   ClientContext;          // Reserved
    344. 

  344.             ULONG   Flags;                  // Flags for header
    345. 

  345.         };
    346. 

  346.         struct {
    347. 

  347.             ULONG   KernelTime;             // Kernel Mode CPU ticks
    348. 

  348.             ULONG   UserTime;               // User mode CPU ticks
    349. 

  349.         };
    350. 

  350.         ULONG64     ProcessorTime;          // Processor Clock
    351. 

  351.     };
    352. 

  352.     ULONGLONG       ParentRegHandle;
    353. 

  353. } EVENT_INSTANCE_HEADER, *PEVENT_INSTANCE_HEADER;
    354. 

  354. 

  355. //
    356. 

  356. // Following are structures and macros for use with USE_MOF_PTR
    357. 

  357. //
    358. 

  358. 

  359. #define DEFINE_TRACE_MOF_FIELD(MOF, ptr, length, type) \
    360. 

  360.     (MOF)->DataPtr  = (ULONG64) ptr; \
    361. 

  361.     (MOF)->Length   = (ULONG) length; \
    362. 

  362.     (MOF)->DataType = (ULONG) type;
    363. 

  363. 

  364. typedef struct _MOF_FIELD {
    365. 

  365.     ULONG64     DataPtr;    // Pointer to the field. Up to 64-bits only
    366. 

  366.     ULONG       Length;     // Length of the MOF field
    367. 

  367.     ULONG       DataType;   // Type of data
    368. 

  368. } MOF_FIELD, *PMOF_FIELD;
    369. 

  369. 

  370. #if !defined(_NTDDK_) || defined(_WMIKM_)
    371. 

  371. //
    372. 

  372. // This is the header for every logfile. The memory for LoggerName
    373. 

  373. // and LogFileName must be contiguous adjacent to this structure
    374. 

  374. // Allows both user-mode and kernel-mode to understand the header
    375. 

  375. //
    376. 

  376. typedef struct _TRACE_LOGFILE_HEADER {
    377. 

  377.     ULONG           BufferSize;         // Logger buffer size in Kbytes
    378. 

  378.     union {
    379. 

  379.         ULONG       Version;            // Logger version
    380. 

  380.         struct {
    381. 

  381.             UCHAR   MajorVersion;
    382. 

  382.             UCHAR   MinorVersion;
    383. 

  383.             UCHAR   SubVersion;
    384. 

  384.             UCHAR   SubMinorVersion;
    385. 

  385.         } VersionDetail;
    386. 

  386.     };
    387. 

  387.     ULONG           ProviderVersion;    // defaults to NT version
    388. 

  388.     ULONG           NumberOfProcessors; // Number of Processors
    389. 

  389.     LARGE_INTEGER   EndTime;            // Time when logger stops
    390. 

  390.     ULONG           TimerResolution;    // assumes timer is constant!!!
    391. 

  391.     ULONG           MaximumFileSize;    // Maximum in Mbytes
    392. 

  392.     ULONG           LogFileMode;        // specify logfile mode
    393. 

  393.     ULONG           BuffersWritten;     // used to file start of Circular File
    394. 

  394.     union {
    395. 

  395.         GUID LogInstanceGuid;           // For RealTime Buffer Delivery
    396. 

  396.         struct {
    397. 

  397.             ULONG   StartBuffers;       // Count of buffers written at start.
    398. 

  398.             ULONG   PointerSize;        // Size of pointer type in bits
    399. 

  399.             ULONG   EventsLost;         // Events losts during log session
    400. 

  400.             ULONG   CpuSpeedInMHz;      // Cpu Speed in MHz
    401. 

  401.         };
    402. 

  402.     };
    403. 

  403. #if defined(_WMIKM_)
    404. 

  404.     PWCHAR          LoggerName;
    405. 

  405.     PWCHAR          LogFileName;
    406. 

  406.     RTL_TIME_ZONE_INFORMATION TimeZone;
    407. 

  407. #else
    408. 

  408.     LPWSTR          LoggerName;
    409. 

  409.     LPWSTR          LogFileName;
    410. 

  410.     TIME_ZONE_INFORMATION TimeZone;
    411. 

  411. #endif
    412. 

  412.     LARGE_INTEGER   BootTime;
    413. 

  413.     LARGE_INTEGER   PerfFreq;           // Reserved
    414. 

  414.     LARGE_INTEGER   StartTime;          // Reserved
    415. 

  415.     ULONG           ReservedFlags;      // Reserved
    416. 

  416.     ULONG           BuffersLost;
    417. 

  417. } TRACE_LOGFILE_HEADER, *PTRACE_LOGFILE_HEADER;
    418. 

  418. 

  419. #endif // !_NTDDK_ || _WMIKM_
    420. 

  420. 

  421. 

  422. //
    423. 

  423. // Instance Information to track parent child relationship of Instances.
    424. 

  424. //
    425. 

  425. typedef struct EVENT_INSTANCE_INFO {
    426. 

  426.     HANDLE      RegHandle;
    427. 

  427.     ULONG       InstanceId;
    428. 

  428. } EVENT_INSTANCE_INFO, *PEVENT_INSTANCE_INFO;
    429. 

  429. 

  430. #if !defined(_WMIKM_) && !defined(_NTDDK_)
    431. 

  431. //
    432. 

  432. // Structures that have UNICODE and ANSI versions are defined here
    433. 

  433. //
    434. 

  434. 

  435. //
    436. 

  436. // Logger configuration and running statistics. This structure is used
    437. 

  437. // by user-mode callers, such as PDH library
    438. 

  438. //
    439. 

  439. 

  440. typedef struct _EVENT_TRACE_PROPERTIES {
    441. 

  441.     WNODE_HEADER Wnode;
    442. 

  442. //
    443. 

  443. // data provided by caller
    444. 

  444.     ULONG BufferSize;                   // buffer size for logging (kbytes)
    445. 

  445.     ULONG MinimumBuffers;               // minimum to preallocate
    446. 

  446.     ULONG MaximumBuffers;               // maximum buffers allowed
    447. 

  447.     ULONG MaximumFileSize;              // maximum logfile size (in MBytes)
    448. 

  448.     ULONG LogFileMode;                  // sequential, circular
    449. 

  449.     ULONG FlushTimer;                   // buffer flush timer, in seconds
    450. 

  450.     ULONG EnableFlags;                  // trace enable flags
    451. 

  451.     LONG  AgeLimit;                     // age decay time, in minutes
    452. 

  452. 

  453. // data returned to caller
    454. 

  454.     ULONG NumberOfBuffers;              // no of buffers in use
    455. 

  455.     ULONG FreeBuffers;                  // no of buffers free
    456. 

  456.     ULONG EventsLost;                   // event records lost
    457. 

  457.     ULONG BuffersWritten;               // no of buffers written to file
    458. 

  458.     ULONG LogBuffersLost;               // no of logfile write failures
    459. 

  459.     ULONG RealTimeBuffersLost;          // no of rt delivery failures
    460. 

  460.     HANDLE LoggerThreadId;              // thread id of Logger
    461. 

  461.     ULONG LogFileNameOffset;            // Offset to LogFileName
    462. 

  462.     ULONG LoggerNameOffset;             // Offset to LoggerName
    463. 

  463. } EVENT_TRACE_PROPERTIES, *PEVENT_TRACE_PROPERTIES;
    464. 

  464. 

  465. // NOTE:
    466. 

  466. // If AgeLimit is 0, default is used
    467. 

  467. // If AgeLimit is < 0, buffer aging is turned off
    468. 

  468. 

  469. typedef struct _TRACE_GUID_PROPERTIES {
    470. 

  470.     GUID    Guid;
    471. 

  471.     ULONG   GuidType;
    472. 

  472.     ULONG   LoggerId;
    473. 

  473.     ULONG   EnableLevel;
    474. 

  474.     ULONG   EnableFlags;
    475. 

  475.     BOOLEAN     IsEnable;
    476. 

  476. } TRACE_GUID_PROPERTIES, *PTRACE_GUID_PROPERTIES;
    477. 

  477. 

  478. 

  479. //
    480. 

  480. // Data Provider structures
    481. 

  481. //
    482. 

  482. // Used by RegisterTraceGuids()
    483. 

  483. 

  484. typedef struct  _TRACE_GUID_REGISTRATION {
    485. 

  485.     LPCGUID Guid;           // Guid of data block being registered or updated.
    486. 

  486.     HANDLE RegHandle;      // Guid Registration Handle is returned.
    487. 

  487. } TRACE_GUID_REGISTRATION, *PTRACE_GUID_REGISTRATION;
    488. 

  488. 

  489. //
    490. 

  490. // Data consumer structures
    491. 

  491. //
    492. 

  492. 

  493. // An EVENT_TRACE consists of a fixed header (EVENT_TRACE_HEADER) and
    494. 

  494. // optionally a variable portion pointed to by MofData. The datablock
    495. 

  495. // layout of the variable portion is unknown to the Logger and must
    496. 

  496. // be obtained from WBEM CIMOM database.
    497. 

  497. //
    498. 

  498. typedef struct _EVENT_TRACE {
    499. 

  499.     EVENT_TRACE_HEADER      Header;             // Event trace header
    500. 

  500.     ULONG                   InstanceId;         // Instance Id of this event
    501. 

  501.     ULONG                   ParentInstanceId;   // Parent Instance Id.
    502. 

  502.     GUID                    ParentGuid;         // Parent Guid;
    503. 

  503.     PVOID                   MofData;            // Pointer to Variable Data
    504. 

  504.     ULONG                   MofLength;          // Variable Datablock Length
    505. 

  505.     ULONG                   ClientContext;      // Reserved
    506. 

  506. } EVENT_TRACE, *PEVENT_TRACE;
    507. 

  507. 

  508. 

  509. typedef struct _EVENT_TRACE_LOGFILEW
    510. 

  510.                 EVENT_TRACE_LOGFILEW, *PEVENT_TRACE_LOGFILEW;
    511. 

  511. 

  512. typedef struct _EVENT_TRACE_LOGFILEA
    513. 

  513.                 EVENT_TRACE_LOGFILEA, *PEVENT_TRACE_LOGFILEA;
    514. 

  514. 

  515. typedef ULONG (WINAPI * PEVENT_TRACE_BUFFER_CALLBACKW)
    516. 

  516.                 (PEVENT_TRACE_LOGFILEW Logfile);
    517. 

  517. 

  518. typedef ULONG (WINAPI * PEVENT_TRACE_BUFFER_CALLBACKA)
    519. 

  519.                 (PEVENT_TRACE_LOGFILEA Logfile);
    520. 

  520. 

  521. typedef VOID (WINAPI *PEVENT_CALLBACK)( PEVENT_TRACE pEvent );
    522. 

  522. 

  523. //
    524. 

  524. // Prototype for service request callback. Data providers register with WMI
    525. 

  525. // by passing a service request callback function that is called for all
    526. 

  526. // wmi requests.
    527. 

  527. 

  528. typedef ULONG (
    529. 

  529. #ifndef MIDL_PASS
    530. 

  530. WINAPI
    531. 

  531. #endif
    532. 

  532. *WMIDPREQUEST)(
    533. 

  533.     IN WMIDPREQUESTCODE RequestCode,
    534. 

  534.     IN PVOID RequestContext,
    535. 

  535.     IN OUT ULONG *BufferSize,
    536. 

  536.     IN OUT PVOID Buffer
    537. 

  537.     );
    538. 

  538. 

  539. 

  540. struct _EVENT_TRACE_LOGFILEW {
    541. 

  541.     LPWSTR                  LogFileName;    // Logfile Name
    542. 

  542.     LPWSTR                  LoggerName;     // LoggerName
    543. 

  543.     LONGLONG                CurrentTime;    // timestamp of last event
    544. 

  544.     ULONG                   BuffersRead;    // buffers read to date
    545. 

  545.     ULONG                   LogFileMode;    // Mode of the logfile
    546. 

  546. 

  547.     EVENT_TRACE             CurrentEvent;   // Current Event from this stream.
    548. 

  548.     TRACE_LOGFILE_HEADER    LogfileHeader;  // logfile header structure
    549. 

  549.     PEVENT_TRACE_BUFFER_CALLBACKW           // callback before each buffer
    550. 

  550.                             BufferCallback; // is read
    551. 

  551.     //
    552. 

  552.     // following variables are filled for BufferCallback.
    553. 

  553.     //
    554. 

  554.     ULONG                   BufferSize;
    555. 

  555.     ULONG                   Filled;
    556. 

  556.     ULONG                   EventsLost;
    557. 

  557.     //
    558. 

  558.     // following needs to be propaged to each buffer
    559. 

  559.     //
    560. 

  560. 

  561.     PEVENT_CALLBACK         EventCallback;  // callback for every event
    562. 

  562.     ULONG                   IsKernelTrace;  // TRUE for kernel logfile
    563. 

  563. 

  564.     PVOID                   Context;        // reserved for internal use
    565. 

  565. };
    566. 

  566. 

  567. struct _EVENT_TRACE_LOGFILEA {
    568. 

  568.     LPSTR                   LogFileName;    // Logfile Name
    569. 

  569.     LPSTR                   LoggerName;     // LoggerName
    570. 

  570.     LONGLONG                CurrentTime;    // timestamp of last event
    571. 

  571.     ULONG                   BuffersRead;    // buffers read to date
    572. 

  572.     ULONG                   LogFileMode;    // LogFile Mode.
    573. 

  573. 

  574.     EVENT_TRACE             CurrentEvent;   // Current Event from this stream
    575. 

  575.     TRACE_LOGFILE_HEADER    LogfileHeader;  // logfile header structure
    576. 

  576.     PEVENT_TRACE_BUFFER_CALLBACKA           // callback before each buffer
    577. 

  577.                             BufferCallback; // is read
    578. 

  578. 

  579.     //
    580. 

  580.     // following variables are filled for BufferCallback.
    581. 

  581.     //
    582. 

  582.     ULONG                   BufferSize;
    583. 

  583.     ULONG                   Filled;
    584. 

  584.     ULONG                   EventsLost;
    585. 

  585.     //
    586. 

  586.     // following needs to be propaged to each buffer
    587. 

  587.     //
    588. 

  588. 

  589.     PEVENT_CALLBACK         EventCallback;  // callback for every event
    590. 

  590.     ULONG                   IsKernelTrace;  // TRUE for kernel logfile
    591. 

  591. 

  592.     PVOID                   Context;        // reserved for internal use
    593. 

  593. };
    594. 

  594. 

  595. //
    596. 

  596. // Define generic structures
    597. 

  597. //
    598. 

  598. 

  599. #if defined(_UNICODE) || defined(UNICODE)
    600. 

  600. #define PEVENT_TRACE_BUFFER_CALLBACK    PEVENT_TRACE_BUFFER_CALLBACKW
    601. 

  601. #define EVENT_TRACE_LOGFILE             EVENT_TRACE_LOGFILEW
    602. 

  602. #define PEVENT_TRACE_LOGFILE            PEVENT_TRACE_LOGFILEW
    603. 

  603. #define KERNEL_LOGGER_NAME              KERNEL_LOGGER_NAMEW
    604. 

  604. #define GLOBAL_LOGGER_NAME              GLOBAL_LOGGER_NAMEW
    605. 

  605. #define EVENT_LOGGER_NAME               EVENT_LOGGER_NAMEW
    606. 

  606. 

  607. #else
    608. 

  608. 

  609. #define PEVENT_TRACE_BUFFER_CALLBACK    PEVENT_TRACE_BUFFER_CALLBACKA
    610. 

  610. #define EVENT_TRACE_LOGFILE             EVENT_TRACE_LOGFILEA
    611. 

  611. #define PEVENT_TRACE_LOGFILE            PEVENT_TRACE_LOGFILEA
    612. 

  612. #define KERNEL_LOGGER_NAME              KERNEL_LOGGER_NAMEA
    613. 

  613. #define GLOBAL_LOGGER_NAME              GLOBAL_LOGGER_NAMEA
    614. 

  614. #define EVENT_LOGGER_NAME               EVENT_LOGGER_NAMEA
    615. 

  615. 

  616. #endif
    617. 

  617. 

  618. #if _MSC_VER >= 1200
    619. 

  619. #pragma warning(pop)
    620. 

  620. #endif
    621. 

  621. 

  622. #ifdef __cplusplus
    623. 

  623. extern "C" {
    624. 

  624. #endif
    625. 

  625. 

  626. 

  627. //
    628. 

  628. // Logger control APIs
    629. 

  629. //
    630. 

  630. 

  631. //
    632. 

  632. // Use the routine below to start an event trace session
    633. 

  633. //
    634. 

  634. 

  635. // ULONG
    636. 

  636. // StartTrace(
    637. 

  637. //      OUT PTRACEHANDLE TraceHandle,
    638. 

  638. //      IN LPTSTR InstanceName,
    639. 

  639. //      IN OUT PEVENT_TRACE_PROPERTIES Properties
    640. 

  640. //      );
    641. 

  641. 

  642. 

  643. EXTERN_C
    644. 

  644. ULONG
    645. 

  645. WMIAPI
    646. 

  646. StartTraceW(
    647. 

  647.     OUT PTRACEHANDLE TraceHandle,
    648. 

  648.     IN LPCWSTR InstanceName,
    649. 

  649.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    650. 

  650.     );
    651. 

  651. 

  652. EXTERN_C
    653. 

  653. ULONG
    654. 

  654. WMIAPI
    655. 

  655. StartTraceA(
    656. 

  656.     OUT PTRACEHANDLE TraceHandle,
    657. 

  657.     IN LPCSTR InstanceName,
    658. 

  658.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    659. 

  659.     );
    660. 

  660. 

  661. //
    662. 

  662. // Use the routine below to stop an event trace session
    663. 

  663. //
    664. 

  664. 

  665. //
    666. 

  666. // ULONG
    667. 

  667. // StopTrace(
    668. 

  668. //      IN TRACEHANDLE TraceHandle,
    669. 

  669. //      IN LPTSTR InstanceName,
    670. 

  670. //      IN OUT PEVENT_TRACE_PROPERTIES Properties
    671. 

  671. //      );
    672. 

  672. 

  673. EXTERN_C
    674. 

  674. ULONG
    675. 

  675. WMIAPI
    676. 

  676. StopTraceW(
    677. 

  677.     IN TRACEHANDLE TraceHandle,
    678. 

  678.     IN LPCWSTR InstanceName,
    679. 

  679.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    680. 

  680.     );
    681. 

  681. 

  682. EXTERN_C
    683. 

  683. ULONG
    684. 

  684. WMIAPI
    685. 

  685. StopTraceA(
    686. 

  686.     IN TRACEHANDLE TraceHandle,
    687. 

  687.     IN LPCSTR InstanceName,
    688. 

  688.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    689. 

  689.     );
    690. 

  690. 

  691. 

  692. //
    693. 

  693. // Use the routine below to query the properties of an event trace session
    694. 

  694. //
    695. 

  695. 

  696. // ULONG
    697. 

  697. // QueryTrace(
    698. 

  698. //      IN TRACEHANDLE TraceHandle,
    699. 

  699. //      IN LPTSTR InstanceName,
    700. 

  700. //      IN OUT PEVENT_TRACE_PROPERTIES Properties
    701. 

  701. //      );
    702. 

  702. 

  703. EXTERN_C
    704. 

  704. ULONG
    705. 

  705. WMIAPI
    706. 

  706. QueryTraceW(
    707. 

  707.     IN TRACEHANDLE TraceHandle,
    708. 

  708.     IN LPCWSTR InstanceName,
    709. 

  709.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    710. 

  710.     );
    711. 

  711. 

  712. EXTERN_C
    713. 

  713. ULONG
    714. 

  714. WMIAPI
    715. 

  715. QueryTraceA(
    716. 

  716.     IN TRACEHANDLE TraceHandle,
    717. 

  717.     IN LPCSTR InstanceName,
    718. 

  718.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    719. 

  719.     );
    720. 

  720. 

  721. //
    722. 

  722. // Use the routine below to update certain properties of an event trace session
    723. 

  723. //
    724. 

  724. 

  725. // ULONG
    726. 

  726. // UpdateTrace(
    727. 

  727. //      IN (PTRACEHANDLE TraceHandle,
    728. 

  728. //      IN LPTSTR InstanceName,
    729. 

  729. //      IN OUT PEVENT_TRACE_PROPERTIES Properties
    730. 

  730. //      );
    731. 

  731. 

  732. EXTERN_C
    733. 

  733. ULONG
    734. 

  734. WMIAPI
    735. 

  735. UpdateTraceW(
    736. 

  736.     IN TRACEHANDLE TraceHandle,
    737. 

  737.     IN LPCWSTR InstanceName,
    738. 

  738.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    739. 

  739.     );
    740. 

  740. 

  741. EXTERN_C
    742. 

  742. ULONG
    743. 

  743. WMIAPI
    744. 

  744. UpdateTraceA(
    745. 

  745.     IN TRACEHANDLE TraceHandle,
    746. 

  746.     IN LPCSTR InstanceName,
    747. 

  747.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    748. 

  748.     );
    749. 

  749. 

  750. //
    751. 

  751. // Use the routine below to request that all active buffers an event trace
    752. 

  752. // session be "flushed", or written out.
    753. 

  753. //
    754. 

  754. 

  755. #if (WINVER >= 0x0501)
    756. 

  756. // ULONG
    757. 

  757. // FlushTrace(
    758. 

  758. //      IN TRACEHANDLE TraceHandle,
    759. 

  759. //      IN LPTSTR InstanceName,
    760. 

  760. //      IN OUT PEVENT_TRACE_PROPERTIES Properties
    761. 

  761. //      );
    762. 

  762. 

  763. EXTERN_C
    764. 

  764. ULONG
    765. 

  765. WMIAPI
    766. 

  766. FlushTraceW(
    767. 

  767.     IN TRACEHANDLE TraceHandle,
    768. 

  768.     IN LPCWSTR InstanceName,
    769. 

  769.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    770. 

  770.     );
    771. 

  771. 

  772. EXTERN_C
    773. 

  773. ULONG
    774. 

  774. WMIAPI
    775. 

  775. FlushTraceA(
    776. 

  776.     IN TRACEHANDLE TraceHandle,
    777. 

  777.     IN LPCSTR InstanceName,
    778. 

  778.     IN OUT PEVENT_TRACE_PROPERTIES Properties
    779. 

  779.     );
    780. 

  780. 

  781. #endif
    782. 

  782. 

  783. //
    784. 

  784. // Generic trace control routine
    785. 

  785. //
    786. 

  786. EXTERN_C
    787. 

  787. ULONG
    788. 

  788. WMIAPI
    789. 

  789. ControlTraceW(
    790. 

  790.     IN TRACEHANDLE TraceHandle,
    791. 

  791.     IN LPCWSTR InstanceName,
    792. 

  792.     IN OUT PEVENT_TRACE_PROPERTIES Properties,
    793. 

  793.     IN ULONG ControlCode
    794. 

  794.     );
    795. 

  795. 

  796. EXTERN_C
    797. 

  797. ULONG
    798. 

  798. WMIAPI
    799. 

  799. ControlTraceA(
    800. 

  800.     IN TRACEHANDLE TraceHandle,
    801. 

  801.     IN LPCSTR InstanceName,
    802. 

  802.     IN OUT PEVENT_TRACE_PROPERTIES Properties,
    803. 

  803.     IN ULONG ControlCode
    804. 

  804.     );
    805. 

  805. 

  806. //
    807. 

  807. // ULONG
    808. 

  808. // QueryAllTraces(
    809. 

  809. //  OUT PEVENT_TRACE_PROPERTIES *PropertyArray,
    810. 

  810. //  IN ULONG PropertyArrayCount,
    811. 

  811. //  OUT PULONG LoggerCount
    812. 

  812. //  );
    813. 

  813. //
    814. 

  814. 

  815. EXTERN_C
    816. 

  816. ULONG
    817. 

  817. WMIAPI
    818. 

  818. QueryAllTracesW(
    819. 

  819.     OUT PEVENT_TRACE_PROPERTIES *PropertyArray,
    820. 

  820.     IN ULONG PropertyArrayCount,
    821. 

  821.     OUT PULONG LoggerCount
    822. 

  822.     );
    823. 

  823. 

  824. EXTERN_C
    825. 

  825. ULONG
    826. 

  826. WMIAPI
    827. 

  827. QueryAllTracesA(
    828. 

  828.     OUT PEVENT_TRACE_PROPERTIES *PropertyArray,
    829. 

  829.     IN ULONG PropertyArrayCount,
    830. 

  830.     OUT PULONG LoggerCount
    831. 

  831.     );
    832. 

  832. 

  833. 

  834. //
    835. 

  835. // Data Provider APIs
    836. 

  836. //
    837. 

  837. 

  838. EXTERN_C
    839. 

  839. ULONG
    840. 

  840. WMIAPI
    841. 

  841. CreateTraceInstanceId(
    842. 

  842.     IN HANDLE RegHandle,
    843. 

  843.     IN OUT PEVENT_INSTANCE_INFO pInstInfo
    844. 

  844.     );
    845. 

  845. 

  846. EXTERN_C
    847. 

  847. ULONG
    848. 

  848. WMIAPI
    849. 

  849. EnableTrace(
    850. 

  850.     IN ULONG Enable,
    851. 

  851.     IN ULONG EnableFlag,
    852. 

  852.     IN ULONG EnableLevel,
    853. 

  853.     IN LPCGUID ControlGuid,
    854. 

  854.     IN TRACEHANDLE TraceHandle
    855. 

  855.     );
    856. 

  856. 

  857. //
    858. 

  858. // Use the routine below to generate and record an event trace
    859. 

  859. //
    860. 

  860. 

  861. 

  862. EXTERN_C
    863. 

  863. ULONG
    864. 

  864. WMIAPI
    865. 

  865. TraceEvent(
    866. 

  866.     IN TRACEHANDLE  TraceHandle,
    867. 

  867.     IN PEVENT_TRACE_HEADER EventTrace
    868. 

  868.     );
    869. 

  869. 

  870. EXTERN_C
    871. 

  871. ULONG
    872. 

  872. WMIAPI
    873. 

  873. TraceEventInstance(
    874. 

  874.     IN TRACEHANDLE TraceHandle,
    875. 

  875.     IN PEVENT_INSTANCE_HEADER EventTrace,
    876. 

  876.     IN PEVENT_INSTANCE_INFO pInstInfo,
    877. 

  877.     IN PEVENT_INSTANCE_INFO pParentInstInfo
    878. 

  878.     );
    879. 

  879. 

  880. //
    881. 

  881. // Use the routine below to register a guid for tracing
    882. 

  882. //
    883. 

  883. 

  884. //
    885. 

  885. // ULONG
    886. 

  886. // RegisterTraceGuids(
    887. 

  887. //  IN WMIDPREQUEST  RequestAddress,
    888. 

  888. //  IN PVOID         RequestContext,
    889. 

  889. //  IN LPCGUID       ControlGuid,
    890. 

  890. //  IN ULONG         GuidCount,
    891. 

  891. //  IN PTRACE_GUID_REGISTRATION TraceGuidReg,
    892. 

  892. //  IN LPCTSTR       MofImagePath,
    893. 

  893. //  IN LPCTSTR       MofResourceName,
    894. 

  894. //  OUT PTRACEHANDLE RegistrationHandle
    895. 

  895. //  );
    896. 

  896. //
    897. 

  897. 

  898. EXTERN_C
    899. 

  899. ULONG
    900. 

  900. WMIAPI
    901. 

  901. RegisterTraceGuidsW(
    902. 

  902.     IN WMIDPREQUEST  RequestAddress,
    903. 

  903.     IN PVOID         RequestContext,
    904. 

  904.     IN LPCGUID       ControlGuid,
    905. 

  905.     IN ULONG         GuidCount,
    906. 

  906.     IN PTRACE_GUID_REGISTRATION TraceGuidReg,
    907. 

  907.     IN LPCWSTR       MofImagePath,
    908. 

  908.     IN LPCWSTR       MofResourceName,
    909. 

  909.     OUT PTRACEHANDLE RegistrationHandle
    910. 

  910.     );
    911. 

  911. 

  912. EXTERN_C
    913. 

  913. ULONG
    914. 

  914. WMIAPI
    915. 

  915. RegisterTraceGuidsA(
    916. 

  916.     IN WMIDPREQUEST  RequestAddress,
    917. 

  917.     IN PVOID         RequestContext,
    918. 

  918.     IN LPCGUID       ControlGuid,
    919. 

  919.     IN ULONG         GuidCount,
    920. 

  920.     IN PTRACE_GUID_REGISTRATION TraceGuidReg,
    921. 

  921.     IN LPCSTR        MofImagePath,
    922. 

  922.     IN LPCSTR        MofResourceName,
    923. 

  923.     OUT PTRACEHANDLE RegistrationHandle
    924. 

  924.     );
    925. 

  925. 

  926. #if (WINVER >= 0x0501)
    927. 

  927. EXTERN_C
    928. 

  928. ULONG
    929. 

  929. WMIAPI
    930. 

  930. EnumerateTraceGuids(
    931. 

  931.     IN OUT PTRACE_GUID_PROPERTIES *GuidPropertiesArray,
    932. 

  932.     IN ULONG PropertyArrayCount,
    933. 

  933.     OUT PULONG GuidCount
    934. 

  934.     );
    935. 

  935. #endif
    936. 

  936. 

  937. EXTERN_C
    938. 

  938. ULONG
    939. 

  939. WMIAPI
    940. 

  940. UnregisterTraceGuids(
    941. 

  941.     IN TRACEHANDLE RegistrationHandle
    942. 

  942.     );
    943. 

  943. 

  944. EXTERN_C
    945. 

  945. TRACEHANDLE
    946. 

  946. WMIAPI
    947. 

  947. GetTraceLoggerHandle(
    948. 

  948.     IN PVOID Buffer
    949. 

  949.     );
    950. 

  950. 

  951. EXTERN_C
    952. 

  952. UCHAR
    953. 

  953. WMIAPI
    954. 

  954. GetTraceEnableLevel(
    955. 

  955.     IN TRACEHANDLE TraceHandle
    956. 

  956.     );
    957. 

  957. 

  958. EXTERN_C
    959. 

  959. ULONG
    960. 

  960. WMIAPI
    961. 

  961. GetTraceEnableFlags(
    962. 

  962.     IN TRACEHANDLE TraceHandle
    963. 

  963.     );
    964. 

  964. 

  965. //
    966. 

  966. // Data Consumer APIs and structures start here
    967. 

  967. //
    968. 

  968. 

  969. //
    970. 

  970. // TRACEHANDLE
    971. 

  971. // OpenTrace(
    972. 

  972. //  IN OUT PEVENT_TRACE_LOGFILE Logfile
    973. 

  973. //  );
    974. 

  974. //
    975. 

  975. 

  976. EXTERN_C
    977. 

  977. TRACEHANDLE
    978. 

  978. WMIAPI
    979. 

  979. OpenTraceA(
    980. 

  980.     IN OUT PEVENT_TRACE_LOGFILEA Logfile
    981. 

  981.     );
    982. 

  982. 

  983. EXTERN_C
    984. 

  984. TRACEHANDLE
    985. 

  985. WMIAPI
    986. 

  986. OpenTraceW(
    987. 

  987.     IN OUT PEVENT_TRACE_LOGFILEW Logfile
    988. 

  988.     );
    989. 

  989. 

  990. EXTERN_C
    991. 

  991. ULONG
    992. 

  992. WMIAPI
    993. 

  993. ProcessTrace(
    994. 

  994.     IN PTRACEHANDLE HandleArray,
    995. 

  995.     IN ULONG HandleCount,
    996. 

  996.     IN LPFILETIME StartTime,
    997. 

  997.     IN LPFILETIME EndTime
    998. 

  998.     );
    999. 

  999. 

  1000. EXTERN_C
    1001. 

  1001. ULONG
    1002. 

  1002. WMIAPI
    1003. 

  1003. CloseTrace(
    1004. 

  1004.     IN TRACEHANDLE TraceHandle
    1005. 

  1005.     );
    1006. 

  1006. 

  1007. EXTERN_C
    1008. 

  1008. ULONG
    1009. 

  1009. WMIAPI
    1010. 

  1010. SetTraceCallback(
    1011. 

  1011.     IN LPCGUID pGuid,
    1012. 

  1012.     IN PEVENT_CALLBACK EventCallback
    1013. 

  1013.     );
    1014. 

  1014. 

  1015. EXTERN_C
    1016. 

  1016. ULONG
    1017. 

  1017. WMIAPI
    1018. 

  1018. RemoveTraceCallback (
    1019. 

  1019.     IN LPCGUID pGuid
    1020. 

  1020.     );
    1021. 

  1021. 

  1022. //
    1023. 

  1023. // The routines for tracing Messages follow
    1024. 

  1024. //
    1025. 

  1025. EXTERN_C
    1026. 

  1026. ULONG 
    1027. 

  1027. __cdecl
    1028. 

  1028. TraceMessage(
    1029. 

  1029.     IN TRACEHANDLE  LoggerHandle,
    1030. 

  1030.     IN ULONG        MessageFlags,
    1031. 

  1031.     IN LPGUID       MessageGuid,
    1032. 

  1032.     IN USHORT       MessageNumber,
    1033. 

  1033.     ...
    1034. 

  1034. );
    1035. 

  1035. 

  1036. EXTERN_C
    1037. 

  1037. ULONG 
    1038. 

  1038. TraceMessageVa(
    1039. 

  1039.     IN TRACEHANDLE  LoggerHandle,
    1040. 

  1040.     IN ULONG        MessageFlags,
    1041. 

  1041.     IN LPGUID       MessageGuid,
    1042. 

  1042.     IN USHORT       MessageNumber,
    1043. 

  1043.     IN va_list      MessageArgList
    1044. 

  1044. );
    1045. 

  1045. 

  1046. #ifdef __cplusplus
    1047. 

  1047. }       // extern "C"
    1048. 

  1048. #endif
    1049. 

  1049. 

  1050. //
    1051. 

  1051. //
    1052. 

  1052. // Define the encoding independent routines
    1053. 

  1053. //
    1054. 

  1054. 

  1055. #if defined(UNICODE) || defined(_UNICODE)
    1056. 

  1056. #define RegisterTraceGuids      RegisterTraceGuidsW
    1057. 

  1057. #define StartTrace              StartTraceW
    1058. 

  1058. #define ControlTrace            ControlTraceW
    1059. 

  1059. #if defined(__TRACE_W2K_COMPATIBLE)
    1060. 

  1060. #define StopTrace(a,b,c)        ControlTraceW((a),(b),(c), \
    1061. 

  1061.                                         EVENT_TRACE_CONTROL_STOP)
    1062. 

  1062. #define QueryTrace(a,b,c)       ControlTraceW((a),(b),(c), \
    1063. 

  1063.                                         EVENT_TRACE_CONTROL_QUERY)
    1064. 

  1064. #define UpdateTrace(a,b,c)      ControlTraceW((a),(b),(c), \
    1065. 

  1065.                                         EVENT_TRACE_CONTROL_UPDATE)
    1066. 

  1066. #else
    1067. 

  1067. #define StopTrace               StopTraceW
    1068. 

  1068. #define QueryTrace              QueryTraceW
    1069. 

  1069. #define UpdateTrace             UpdateTraceW
    1070. 

  1070. #endif
    1071. 

  1071. #if (WINVER >= 0x0501)
    1072. 

  1072. #define FlushTrace              FlushTraceW
    1073. 

  1073. #endif
    1074. 

  1074. #define QueryAllTraces          QueryAllTracesW
    1075. 

  1075. #define OpenTrace               OpenTraceW
    1076. 

  1076. #else
    1077. 

  1077. #define RegisterTraceGuids      RegisterTraceGuidsA
    1078. 

  1078. #define StartTrace              StartTraceA
    1079. 

  1079. #define ControlTrace            ControlTraceA
    1080. 

  1080. #if defined(__TRACE_W2K_COMPATIBLE)
    1081. 

  1081. #define StopTrace(a,b,c)        ControlTraceA((a),(b),(c), \
    1082. 

  1082.                                         EVENT_TRACE_CONTROL_STOP)
    1083. 

  1083. #define QueryTrace(a,b,c)       ControlTraceA((a),(b),(c), \
    1084. 

  1084.                                         EVENT_TRACE_CONTROL_QUERY)
    1085. 

  1085. #define UpdateTrace(a,b,c)      ControlTraceA((a),(b),(c), \
    1086. 

  1086.                                         EVENT_TRACE_CONTROL_UPDATE)
    1087. 

  1087. #else
    1088. 

  1088. #define StopTrace               StopTraceA
    1089. 

  1089. #define QueryTrace              QueryTraceA
    1090. 

  1090. #define UpdateTrace             UpdateTraceA
    1091. 

  1091. #endif
    1092. 

  1092. #if (WINVER >= 0x0501)
    1093. 

  1093. #define FlushTrace              FlushTraceA
    1094. 

  1094. #endif
    1095. 

  1095. #define QueryAllTraces          QueryAllTracesA
    1096. 

  1096. #define OpenTrace               OpenTraceA
    1097. 

  1097. #endif  // UNICODE
    1098. 

  1098. 

  1099. #endif /* _WMIKM_  && _NTDDK_ */
    1100. 

  1100. 

  1101. #endif // WINNT
    1102. 

  1102. #endif /* _EVNTRACE_ */
    1103.