Previous Topic Next topic Print topic


Structures and Typedefs - AUDIT_EMITTER_EVENT

typedef struct audit_emitter_event
{
    cobuns32_t          version;          Version of structure format
    cobuns32_t          flags;            Control flags
    cobuns32_t          date;             Encoded date
    cobuns32_t          time;             Encoded time
    cobuns32_t          process_id_len;   Length of process identifier
    cobuns32_t          thread_id_len;    Length of thread identifier
    cobuns32_t          comp_id;          Component identifier
    cobuns32_t          event_id;         Audit event identifier
    cobuns32_t          event_category;   Audit event category
    cobuns32_t          data_count;       Number of audit data items
    cobuns32_t          reserved1[6];     Reserved for future use
    const cobuns8_t     *process_id;      Process identifier
    const cobuns8_t     *thread_id;       Thread identifier
    const cobuns8_t     *appname;         Null-terminated application name
    const cobuns8_t     *cmdline;         Null-terminated process cmd line
    const cobuns8_t     *os_name;         Null-terminated operating system name
    const cobuns8_t     *mc_name;         Null-terminated machine name
    const cobuns8_t     *sys_name;        Null-terminated system name
    const cobuns8_t     *comp_name;       Null-terminated component name
    const cobuns8_t     *auditmgr_name;   Null-terminated auditmgr instance name
    const cobuns32_t    *event_len;       Audit data item lengths
    const cobuns32_t    *event_type;      Audit data item types
    const void          **event_data;     Audit data items
    void                *reserved2[7];    Reserved for future use
}AUDIT_EMITTER_EVENT;

Version types (version):

	#define AUDIT_EMITTER_VERSION	0

Control flags (flags):

	#define AUDIT_EMITTER_FLAGS_NONE         0x00000000
	#define AUDIT_EMITTER_FLAGS_ARRAY_DATA   0x00000002

Event categories (event_category):

	#define AUDIT_EVENT_CATEGORY_UNKNOWN             0
	#define AUDIT_EVENT_CATEGORY_AUDIT_FACILITY      1
	#define AUDIT_EVENT_CATEGORY_SYSTEM              2
	#define AUDIT_EVENT_CATEGORY_SEC_API_REQ_CHECK   3
	#define AUDIT_EVENT_CATEGORY_SEC_API_REQ_DEFINE  4
	#define AUDIT_EVENT_CATEGORY_SEC_API_REQ_OTHER   5
	#define AUDIT_EVENT_CATEGORY_SEC_API_RES_ALLOW   6
	#define AUDIT_EVENT_CATEGORY_SEC_API_RES_DENY    7
	#define AUDIT_EVENT_CATEGORY_SEC_API_RES_ERROR   8
	#define AUDIT_EVENT_CATEGORY_SEC_API_RES_SUCCESS 9

Audit data item types (event_type):

	#define AUDIT_EMITTER_TYPE_BINARY     0
	#define AUDIT_EMITTER_TYPE_TEXT       1
	#define AUDIT_EMITTER_TYPE_ADDRESS    2
	#define AUDIT_EMITTER_TYPE_COMP5      3
	#define AUDIT_EMITTER_TYPE_COMPX      4
	#define AUDIT_EMITTER_TYPE_UTF8       5
	#define AUDIT_EMITTER_TYPE_COMP5S     6
	#define AUDIT_EMITTER_TYPE_COMPXS     7


Previous Topic Next topic Print topic