@bun-win32/wevtapi 1.0.0 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AI.md +5 -3
- package/README.md +1 -0
- package/package.json +4 -4
- package/structs/Wevtapi.ts +64 -56
- package/types/Wevtapi.ts +1 -1
package/AI.md
CHANGED
|
@@ -53,7 +53,7 @@ const text = new TextDecoder('utf-16').decode(buf).replace(/\0.*$/, '');
|
|
|
53
53
|
|
|
54
54
|
- **Pointer** params (`LP*`, `P*`, `Pointer`): pass `buffer.ptr` from a caller-allocated `Buffer`.
|
|
55
55
|
- **Handle** params (`HANDLE`, `HWND`, etc.): pass a `bigint` value.
|
|
56
|
-
- **Out-parameters
|
|
56
|
+
- **Out-parameters** carry a direction suffix on the parameter **name** — `_out` for an `_Out_` param (the function writes through it), `_in_out` for `_Inout_` (you seed it, the function updates it); an `_In_` param is bare. Allocate a `Buffer`, pass `.ptr`, read the result after the call.
|
|
57
57
|
|
|
58
58
|
```ts
|
|
59
59
|
const out = Buffer.alloc(4);
|
|
@@ -63,9 +63,11 @@ const value = out.readUInt32LE(0);
|
|
|
63
63
|
|
|
64
64
|
### Nullability
|
|
65
65
|
|
|
66
|
-
|
|
67
|
-
- `| 0n` in a signature -> pass `0n` (optional handle).
|
|
66
|
+
Nullability is encoded in the **type** via two representation-aware markers — the null sentinel is derived from `T` (`null` for pointer types `LP*`/`P*`, `0n` for handles and by-value addresses):
|
|
68
67
|
|
|
68
|
+
- `Optional<T>` — the parameter is formally optional (SAL `_*opt_` / `[*, optional]` / `_Reserved_` that still takes a value). Pass a value, or the null sentinel to omit.
|
|
69
|
+
- `Nullable<T>` — a plain `[in]`/`[out]` param whose docs say it can be NULL ("This parameter can be NULL" / "Specify NULL to …", including sizing-call buffers).
|
|
70
|
+
- A **required** param is bare; a **must-be-null reserved** param is typed `NULL`. A by-value **scalar** (`DWORD`/`ULONG`/`UINT`/`BOOL`) is never wrapped — its "optional" means pass `0`/a default.
|
|
69
71
|
## Errors and Cleanup
|
|
70
72
|
|
|
71
73
|
Return values are raw. If the Win32 function uses last-error semantics, read via `GetLastError()`. Resource cleanup is your responsibility - same as raw Win32.
|
package/README.md
CHANGED
|
@@ -60,3 +60,4 @@ bun run example:channel-report
|
|
|
60
60
|
|
|
61
61
|
- Either rely on lazy binding or call `Wevtapi.Preload()`.
|
|
62
62
|
- Windows only. Bun runtime required.
|
|
63
|
+
- **SAL types & naming:** nullability is in the **type** — `Optional<T>` (formally optional, SAL `_*opt_`) and `Nullable<T>` (plain `[in]`/`[out]` the docs say can be NULL), the null sentinel derived from `T` (`null` for pointers `LP*`/`P*`, `0n` for handles/by-value addresses); direction is in the **parameter name** — `_out` (`_Out_`), `_in_out` (`_Inout_`), `_In_` bare. See `AI.md` and the repo `AGENTS.md`.
|
package/package.json
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
{
|
|
2
|
-
"author": "Stev Peifer <stev@
|
|
2
|
+
"author": "Stev Peifer <stev.p@outlook.com>",
|
|
3
3
|
"bugs": {
|
|
4
4
|
"url": "https://github.com/ObscuritySRL/bun-win32/issues"
|
|
5
5
|
},
|
|
6
6
|
"dependencies": {
|
|
7
|
-
"@bun-win32/core": "
|
|
7
|
+
"@bun-win32/core": "2.0.1"
|
|
8
8
|
},
|
|
9
9
|
"description": "Zero-dependency, zero-overhead Win32 WEVTAPI bindings for Bun (FFI) on Windows.",
|
|
10
10
|
"devDependencies": {
|
|
11
|
-
"@bun-win32/kernel32": "
|
|
11
|
+
"@bun-win32/kernel32": "2.0.1",
|
|
12
12
|
"@types/bun": "latest"
|
|
13
13
|
},
|
|
14
14
|
"exports": {
|
|
@@ -28,7 +28,7 @@
|
|
|
28
28
|
"directory": "packages/wevtapi"
|
|
29
29
|
},
|
|
30
30
|
"type": "module",
|
|
31
|
-
"version": "
|
|
31
|
+
"version": "2.0.1",
|
|
32
32
|
"main": "./index.ts",
|
|
33
33
|
"keywords": [
|
|
34
34
|
"bun",
|
package/structs/Wevtapi.ts
CHANGED
|
@@ -28,7 +28,8 @@ import type {
|
|
|
28
28
|
LONGLONG,
|
|
29
29
|
LPCWSTR,
|
|
30
30
|
LPWSTR,
|
|
31
|
-
|
|
31
|
+
Nullable,
|
|
32
|
+
Optional,
|
|
32
33
|
PDWORD,
|
|
33
34
|
PEVT_HANDLE,
|
|
34
35
|
PEVT_RPC_LOGIN,
|
|
@@ -100,17 +101,17 @@ class Wevtapi extends Win32 {
|
|
|
100
101
|
} as const satisfies Record<string, FFIFunction>;
|
|
101
102
|
|
|
102
103
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtarchiveexportedlog
|
|
103
|
-
public static EvtArchiveExportedLog(Session: EVT_HANDLE
|
|
104
|
+
public static EvtArchiveExportedLog(Session: Optional<EVT_HANDLE>, LogFilePath: LPCWSTR, Locale: LCID, Flags: DWORD): BOOL {
|
|
104
105
|
return Wevtapi.Load('EvtArchiveExportedLog')(Session, LogFilePath, Locale, Flags);
|
|
105
106
|
}
|
|
106
107
|
|
|
107
108
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtcancel
|
|
108
|
-
public static EvtCancel(Object: EVT_HANDLE
|
|
109
|
+
public static EvtCancel(Object: Optional<EVT_HANDLE>): BOOL {
|
|
109
110
|
return Wevtapi.Load('EvtCancel')(Object);
|
|
110
111
|
}
|
|
111
112
|
|
|
112
113
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtclearlog
|
|
113
|
-
public static EvtClearLog(Session: EVT_HANDLE
|
|
114
|
+
public static EvtClearLog(Session: Optional<EVT_HANDLE>, ChannelPath: LPCWSTR, TargetFilePath: Optional<LPCWSTR>, Flags: DWORD): BOOL {
|
|
114
115
|
return Wevtapi.Load('EvtClearLog')(Session, ChannelPath, TargetFilePath, Flags);
|
|
115
116
|
}
|
|
116
117
|
|
|
@@ -120,43 +121,50 @@ class Wevtapi extends Win32 {
|
|
|
120
121
|
}
|
|
121
122
|
|
|
122
123
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtcreatebookmark
|
|
123
|
-
public static EvtCreateBookmark(BookmarkXml: LPCWSTR
|
|
124
|
+
public static EvtCreateBookmark(BookmarkXml: Optional<LPCWSTR>): EVT_HANDLE {
|
|
124
125
|
return Wevtapi.Load('EvtCreateBookmark')(BookmarkXml);
|
|
125
126
|
}
|
|
126
127
|
|
|
127
128
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtcreaterendercontext
|
|
128
|
-
public static EvtCreateRenderContext(ValuePathsCount: DWORD, ValuePaths: PLPCWSTR
|
|
129
|
+
public static EvtCreateRenderContext(ValuePathsCount: DWORD, ValuePaths: Optional<PLPCWSTR>, Flags: EvtRenderContextFlags): EVT_HANDLE {
|
|
129
130
|
return Wevtapi.Load('EvtCreateRenderContext')(ValuePathsCount, ValuePaths, Flags);
|
|
130
131
|
}
|
|
131
132
|
|
|
132
133
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtexportlog
|
|
133
|
-
public static EvtExportLog(Session: EVT_HANDLE
|
|
134
|
+
public static EvtExportLog(Session: Optional<EVT_HANDLE>, Path: Optional<LPCWSTR>, Query: Optional<LPCWSTR>, TargetFilePath: LPCWSTR, Flags: EvtExportLogFlags): BOOL {
|
|
134
135
|
return Wevtapi.Load('EvtExportLog')(Session, Path, Query, TargetFilePath, Flags);
|
|
135
136
|
}
|
|
136
137
|
|
|
137
138
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtformatmessage
|
|
138
139
|
public static EvtFormatMessage(
|
|
139
|
-
PublisherMetadata: EVT_HANDLE
|
|
140
|
-
Event: EVT_HANDLE
|
|
140
|
+
PublisherMetadata: Optional<EVT_HANDLE>,
|
|
141
|
+
Event: Optional<EVT_HANDLE>,
|
|
141
142
|
MessageId: DWORD,
|
|
142
143
|
ValueCount: DWORD,
|
|
143
|
-
Values: PEVT_VARIANT
|
|
144
|
+
Values: Optional<PEVT_VARIANT>,
|
|
144
145
|
Flags: EvtFormatMessageFlags,
|
|
145
146
|
BufferSize: DWORD,
|
|
146
|
-
|
|
147
|
-
|
|
147
|
+
Buffer_out: Optional<LPWSTR>,
|
|
148
|
+
BufferUsed_out: PDWORD,
|
|
148
149
|
): BOOL {
|
|
149
|
-
return Wevtapi.Load('EvtFormatMessage')(PublisherMetadata, Event, MessageId, ValueCount, Values, Flags, BufferSize,
|
|
150
|
+
return Wevtapi.Load('EvtFormatMessage')(PublisherMetadata, Event, MessageId, ValueCount, Values, Flags, BufferSize, Buffer_out, BufferUsed_out);
|
|
150
151
|
}
|
|
151
152
|
|
|
152
153
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgetchannelconfigproperty
|
|
153
|
-
public static EvtGetChannelConfigProperty(
|
|
154
|
-
|
|
154
|
+
public static EvtGetChannelConfigProperty(
|
|
155
|
+
ChannelConfig: EVT_HANDLE,
|
|
156
|
+
PropertyId: EvtChannelConfigPropertyId,
|
|
157
|
+
Flags: DWORD,
|
|
158
|
+
PropertyValueBufferSize: DWORD,
|
|
159
|
+
PropertyValueBuffer_out: Optional<PEVT_VARIANT>,
|
|
160
|
+
PropertyValueBufferUsed_out: PDWORD,
|
|
161
|
+
): BOOL {
|
|
162
|
+
return Wevtapi.Load('EvtGetChannelConfigProperty')(ChannelConfig, PropertyId, Flags, PropertyValueBufferSize, PropertyValueBuffer_out, PropertyValueBufferUsed_out);
|
|
155
163
|
}
|
|
156
164
|
|
|
157
165
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgeteventinfo
|
|
158
|
-
public static EvtGetEventInfo(Event: EVT_HANDLE, PropertyId: EvtEventPropertyId, PropertyValueBufferSize: DWORD,
|
|
159
|
-
return Wevtapi.Load('EvtGetEventInfo')(Event, PropertyId, PropertyValueBufferSize,
|
|
166
|
+
public static EvtGetEventInfo(Event: EVT_HANDLE, PropertyId: EvtEventPropertyId, PropertyValueBufferSize: DWORD, PropertyValueBuffer_out: Optional<PEVT_VARIANT>, PropertyValueBufferUsed_out: PDWORD): BOOL {
|
|
167
|
+
return Wevtapi.Load('EvtGetEventInfo')(Event, PropertyId, PropertyValueBufferSize, PropertyValueBuffer_out, PropertyValueBufferUsed_out);
|
|
160
168
|
}
|
|
161
169
|
|
|
162
170
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgeteventmetadataproperty
|
|
@@ -165,20 +173,20 @@ class Wevtapi extends Win32 {
|
|
|
165
173
|
PropertyId: EvtEventMetadataPropertyId,
|
|
166
174
|
Flags: DWORD,
|
|
167
175
|
EventMetadataPropertyBufferSize: DWORD,
|
|
168
|
-
|
|
169
|
-
|
|
176
|
+
EventMetadataPropertyBuffer_out: Optional<PEVT_VARIANT>,
|
|
177
|
+
EventMetadataPropertyBufferUsed_out: PDWORD,
|
|
170
178
|
): BOOL {
|
|
171
|
-
return Wevtapi.Load('EvtGetEventMetadataProperty')(EventMetadata, PropertyId, Flags, EventMetadataPropertyBufferSize,
|
|
179
|
+
return Wevtapi.Load('EvtGetEventMetadataProperty')(EventMetadata, PropertyId, Flags, EventMetadataPropertyBufferSize, EventMetadataPropertyBuffer_out, EventMetadataPropertyBufferUsed_out);
|
|
172
180
|
}
|
|
173
181
|
|
|
174
182
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgetextendedstatus
|
|
175
|
-
public static EvtGetExtendedStatus(BufferSize: DWORD,
|
|
176
|
-
return Wevtapi.Load('EvtGetExtendedStatus')(BufferSize,
|
|
183
|
+
public static EvtGetExtendedStatus(BufferSize: DWORD, Buffer_out: Optional<LPWSTR>, BufferUsed_out: PDWORD): DWORD {
|
|
184
|
+
return Wevtapi.Load('EvtGetExtendedStatus')(BufferSize, Buffer_out, BufferUsed_out);
|
|
177
185
|
}
|
|
178
186
|
|
|
179
187
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgetloginfo
|
|
180
|
-
public static EvtGetLogInfo(Log: EVT_HANDLE, PropertyId: EvtLogPropertyId, PropertyValueBufferSize: DWORD,
|
|
181
|
-
return Wevtapi.Load('EvtGetLogInfo')(Log, PropertyId, PropertyValueBufferSize,
|
|
188
|
+
public static EvtGetLogInfo(Log: EVT_HANDLE, PropertyId: EvtLogPropertyId, PropertyValueBufferSize: DWORD, PropertyValueBuffer_out: Optional<PEVT_VARIANT>, PropertyValueBufferUsed_out: PDWORD): BOOL {
|
|
189
|
+
return Wevtapi.Load('EvtGetLogInfo')(Log, PropertyId, PropertyValueBufferSize, PropertyValueBuffer_out, PropertyValueBufferUsed_out);
|
|
182
190
|
}
|
|
183
191
|
|
|
184
192
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgetobjectarrayproperty
|
|
@@ -188,15 +196,15 @@ class Wevtapi extends Win32 {
|
|
|
188
196
|
ArrayIndex: DWORD,
|
|
189
197
|
Flags: DWORD,
|
|
190
198
|
PropertyValueBufferSize: DWORD,
|
|
191
|
-
|
|
192
|
-
|
|
199
|
+
PropertyValueBuffer_out: Optional<PEVT_VARIANT>,
|
|
200
|
+
PropertyValueBufferUsed_out: PDWORD,
|
|
193
201
|
): BOOL {
|
|
194
|
-
return Wevtapi.Load('EvtGetObjectArrayProperty')(ObjectArray, PropertyId, ArrayIndex, Flags, PropertyValueBufferSize,
|
|
202
|
+
return Wevtapi.Load('EvtGetObjectArrayProperty')(ObjectArray, PropertyId, ArrayIndex, Flags, PropertyValueBufferSize, PropertyValueBuffer_out, PropertyValueBufferUsed_out);
|
|
195
203
|
}
|
|
196
204
|
|
|
197
205
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgetobjectarraysize
|
|
198
|
-
public static EvtGetObjectArraySize(ObjectArray: EVT_OBJECT_ARRAY_PROPERTY_HANDLE,
|
|
199
|
-
return Wevtapi.Load('EvtGetObjectArraySize')(ObjectArray,
|
|
206
|
+
public static EvtGetObjectArraySize(ObjectArray: EVT_OBJECT_ARRAY_PROPERTY_HANDLE, ObjectArraySize_out: PDWORD): BOOL {
|
|
207
|
+
return Wevtapi.Load('EvtGetObjectArraySize')(ObjectArray, ObjectArraySize_out);
|
|
200
208
|
}
|
|
201
209
|
|
|
202
210
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgetpublishermetadataproperty
|
|
@@ -205,25 +213,25 @@ class Wevtapi extends Win32 {
|
|
|
205
213
|
PropertyId: EvtPublisherMetadataPropertyId,
|
|
206
214
|
Flags: DWORD,
|
|
207
215
|
PublisherMetadataPropertyBufferSize: DWORD,
|
|
208
|
-
|
|
209
|
-
|
|
216
|
+
PublisherMetadataPropertyBuffer_out: Optional<PEVT_VARIANT>,
|
|
217
|
+
PublisherMetadataPropertyBufferUsed_out: PDWORD,
|
|
210
218
|
): BOOL {
|
|
211
|
-
return Wevtapi.Load('EvtGetPublisherMetadataProperty')(PublisherMetadata, PropertyId, Flags, PublisherMetadataPropertyBufferSize,
|
|
219
|
+
return Wevtapi.Load('EvtGetPublisherMetadataProperty')(PublisherMetadata, PropertyId, Flags, PublisherMetadataPropertyBufferSize, PublisherMetadataPropertyBuffer_out, PublisherMetadataPropertyBufferUsed_out);
|
|
212
220
|
}
|
|
213
221
|
|
|
214
222
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtgetqueryinfo
|
|
215
|
-
public static EvtGetQueryInfo(QueryOrSubscription: EVT_HANDLE, PropertyId: EvtQueryPropertyId, PropertyValueBufferSize: DWORD,
|
|
216
|
-
return Wevtapi.Load('EvtGetQueryInfo')(QueryOrSubscription, PropertyId, PropertyValueBufferSize,
|
|
223
|
+
public static EvtGetQueryInfo(QueryOrSubscription: EVT_HANDLE, PropertyId: EvtQueryPropertyId, PropertyValueBufferSize: DWORD, PropertyValueBuffer_out: Optional<PEVT_VARIANT>, PropertyValueBufferUsed_out: PDWORD): BOOL {
|
|
224
|
+
return Wevtapi.Load('EvtGetQueryInfo')(QueryOrSubscription, PropertyId, PropertyValueBufferSize, PropertyValueBuffer_out, PropertyValueBufferUsed_out);
|
|
217
225
|
}
|
|
218
226
|
|
|
219
227
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtnext
|
|
220
|
-
public static EvtNext(ResultSet: EVT_HANDLE, EventsSize: DWORD,
|
|
221
|
-
return Wevtapi.Load('EvtNext')(ResultSet, EventsSize,
|
|
228
|
+
public static EvtNext(ResultSet: EVT_HANDLE, EventsSize: DWORD, Events_out: PEVT_HANDLE, Timeout: DWORD, Flags: DWORD, Returned_out: PDWORD): BOOL {
|
|
229
|
+
return Wevtapi.Load('EvtNext')(ResultSet, EventsSize, Events_out, Timeout, Flags, Returned_out);
|
|
222
230
|
}
|
|
223
231
|
|
|
224
232
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtnextchannelpath
|
|
225
|
-
public static EvtNextChannelPath(ChannelEnum: EVT_HANDLE, ChannelPathBufferSize: DWORD,
|
|
226
|
-
return Wevtapi.Load('EvtNextChannelPath')(ChannelEnum, ChannelPathBufferSize,
|
|
233
|
+
public static EvtNextChannelPath(ChannelEnum: EVT_HANDLE, ChannelPathBufferSize: DWORD, ChannelPathBuffer_out: Optional<LPWSTR>, ChannelPathBufferUsed_out: PDWORD): BOOL {
|
|
234
|
+
return Wevtapi.Load('EvtNextChannelPath')(ChannelEnum, ChannelPathBufferSize, ChannelPathBuffer_out, ChannelPathBufferUsed_out);
|
|
227
235
|
}
|
|
228
236
|
|
|
229
237
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtnexteventmetadata
|
|
@@ -232,17 +240,17 @@ class Wevtapi extends Win32 {
|
|
|
232
240
|
}
|
|
233
241
|
|
|
234
242
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtnextpublisherid
|
|
235
|
-
public static EvtNextPublisherId(PublisherEnum: EVT_HANDLE, PublisherIdBufferSize: DWORD,
|
|
236
|
-
return Wevtapi.Load('EvtNextPublisherId')(PublisherEnum, PublisherIdBufferSize,
|
|
243
|
+
public static EvtNextPublisherId(PublisherEnum: EVT_HANDLE, PublisherIdBufferSize: DWORD, PublisherIdBuffer_out: Optional<LPWSTR>, PublisherIdBufferUsed_out: PDWORD): BOOL {
|
|
244
|
+
return Wevtapi.Load('EvtNextPublisherId')(PublisherEnum, PublisherIdBufferSize, PublisherIdBuffer_out, PublisherIdBufferUsed_out);
|
|
237
245
|
}
|
|
238
246
|
|
|
239
247
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtopenchannelconfig
|
|
240
|
-
public static EvtOpenChannelConfig(Session: EVT_HANDLE
|
|
248
|
+
public static EvtOpenChannelConfig(Session: Optional<EVT_HANDLE>, ChannelPath: LPCWSTR, Flags: DWORD): EVT_HANDLE {
|
|
241
249
|
return Wevtapi.Load('EvtOpenChannelConfig')(Session, ChannelPath, Flags);
|
|
242
250
|
}
|
|
243
251
|
|
|
244
252
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtopenchannelenum
|
|
245
|
-
public static EvtOpenChannelEnum(Session: EVT_HANDLE
|
|
253
|
+
public static EvtOpenChannelEnum(Session: Optional<EVT_HANDLE>, Flags: DWORD): EVT_HANDLE {
|
|
246
254
|
return Wevtapi.Load('EvtOpenChannelEnum')(Session, Flags);
|
|
247
255
|
}
|
|
248
256
|
|
|
@@ -252,17 +260,17 @@ class Wevtapi extends Win32 {
|
|
|
252
260
|
}
|
|
253
261
|
|
|
254
262
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtopenlog
|
|
255
|
-
public static EvtOpenLog(Session: EVT_HANDLE
|
|
263
|
+
public static EvtOpenLog(Session: Optional<EVT_HANDLE>, Path: LPCWSTR, Flags: EvtOpenLogFlags): EVT_HANDLE {
|
|
256
264
|
return Wevtapi.Load('EvtOpenLog')(Session, Path, Flags);
|
|
257
265
|
}
|
|
258
266
|
|
|
259
267
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtopenpublisherenum
|
|
260
|
-
public static EvtOpenPublisherEnum(Session: EVT_HANDLE
|
|
268
|
+
public static EvtOpenPublisherEnum(Session: Optional<EVT_HANDLE>, Flags: DWORD): EVT_HANDLE {
|
|
261
269
|
return Wevtapi.Load('EvtOpenPublisherEnum')(Session, Flags);
|
|
262
270
|
}
|
|
263
271
|
|
|
264
272
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtopenpublishermetadata
|
|
265
|
-
public static EvtOpenPublisherMetadata(Session: EVT_HANDLE
|
|
273
|
+
public static EvtOpenPublisherMetadata(Session: Optional<EVT_HANDLE>, PublisherId: LPCWSTR, LogFilePath: Optional<LPCWSTR>, Locale: LCID, Flags: DWORD): EVT_HANDLE {
|
|
266
274
|
return Wevtapi.Load('EvtOpenPublisherMetadata')(Session, PublisherId, LogFilePath, Locale, Flags);
|
|
267
275
|
}
|
|
268
276
|
|
|
@@ -272,13 +280,13 @@ class Wevtapi extends Win32 {
|
|
|
272
280
|
}
|
|
273
281
|
|
|
274
282
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtquery
|
|
275
|
-
public static EvtQuery(Session: EVT_HANDLE
|
|
283
|
+
public static EvtQuery(Session: Optional<EVT_HANDLE>, Path: Optional<LPCWSTR>, Query: Optional<LPCWSTR>, Flags: EvtQueryFlags): EVT_HANDLE {
|
|
276
284
|
return Wevtapi.Load('EvtQuery')(Session, Path, Query, Flags);
|
|
277
285
|
}
|
|
278
286
|
|
|
279
287
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtrender
|
|
280
|
-
public static EvtRender(Context: EVT_HANDLE
|
|
281
|
-
return Wevtapi.Load('EvtRender')(Context, Fragment, Flags, BufferSize,
|
|
288
|
+
public static EvtRender(Context: Optional<EVT_HANDLE>, Fragment: EVT_HANDLE, Flags: EvtRenderFlags, BufferSize: DWORD, Buffer_out: Optional<PVOID>, BufferUsed_out: PDWORD, PropertyCount_out: PDWORD): BOOL {
|
|
289
|
+
return Wevtapi.Load('EvtRender')(Context, Fragment, Flags, BufferSize, Buffer_out, BufferUsed_out, PropertyCount_out);
|
|
282
290
|
}
|
|
283
291
|
|
|
284
292
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtsavechannelconfig
|
|
@@ -287,7 +295,7 @@ class Wevtapi extends Win32 {
|
|
|
287
295
|
}
|
|
288
296
|
|
|
289
297
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtseek
|
|
290
|
-
public static EvtSeek(ResultSet: EVT_HANDLE, Position: LONGLONG, Bookmark: EVT_HANDLE
|
|
298
|
+
public static EvtSeek(ResultSet: EVT_HANDLE, Position: LONGLONG, Bookmark: Optional<EVT_HANDLE>, Timeout: DWORD, Flags: EvtSeekFlags): BOOL {
|
|
291
299
|
return Wevtapi.Load('EvtSeek')(ResultSet, Position, Bookmark, Timeout, Flags);
|
|
292
300
|
}
|
|
293
301
|
|
|
@@ -298,13 +306,13 @@ class Wevtapi extends Win32 {
|
|
|
298
306
|
|
|
299
307
|
// https://learn.microsoft.com/en-us/windows/win32/api/winevt/nf-winevt-evtsubscribe
|
|
300
308
|
public static EvtSubscribe(
|
|
301
|
-
Session: EVT_HANDLE
|
|
302
|
-
SignalEvent: HANDLE
|
|
303
|
-
ChannelPath: LPCWSTR
|
|
304
|
-
Query: LPCWSTR
|
|
305
|
-
Bookmark: EVT_HANDLE
|
|
306
|
-
Context: PVOID
|
|
307
|
-
Callback: EVT_SUBSCRIBE_CALLBACK
|
|
309
|
+
Session: Optional<EVT_HANDLE>,
|
|
310
|
+
SignalEvent: Optional<HANDLE>,
|
|
311
|
+
ChannelPath: Optional<LPCWSTR>,
|
|
312
|
+
Query: Optional<LPCWSTR>,
|
|
313
|
+
Bookmark: Optional<EVT_HANDLE>,
|
|
314
|
+
Context: Nullable<PVOID>,
|
|
315
|
+
Callback: Nullable<EVT_SUBSCRIBE_CALLBACK>,
|
|
308
316
|
Flags: EvtSubscribeFlags,
|
|
309
317
|
): EVT_HANDLE {
|
|
310
318
|
return Wevtapi.Load('EvtSubscribe')(Session, SignalEvent, ChannelPath, Query, Bookmark, Context, Callback, Flags);
|
package/types/Wevtapi.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import type { Pointer } from 'bun:ffi';
|
|
2
2
|
|
|
3
3
|
import type { DWORD, HANDLE } from '@bun-win32/core';
|
|
4
|
-
export type { BOOL, DWORD, HANDLE, LPCWSTR, LPWSTR, NULL, PDWORD, PVOID } from '@bun-win32/core';
|
|
4
|
+
export type { BOOL, DWORD, HANDLE, LPCWSTR, LPWSTR, NULL, Nullable, Optional, PDWORD, PVOID } from '@bun-win32/core';
|
|
5
5
|
|
|
6
6
|
export const EVT_ALL_ACCESS = 0x0000_0007;
|
|
7
7
|
export const EVT_CLEAR_ACCESS = 0x0000_0004;
|