logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

libevtx.h — Library to access the Windows XML Event Log (EVTX) format

Contents

Author

       These man pages are generated from "libevtx.h".

Bugs

       Please report bugs of any kind on the project issue tracker: https://github.com/libyal/libevtx/issues

Description

       The libevtx_get_version() function is used to retrieve the library version.

Environment

       None

Files

       None

Name

       libevtx.h — Library to access the Windows XML Event Log (EVTX) format

Notes

       libevtx can be compiled with wide character support (wchar_t).

       To compile libevtx with wide character support use: ./configure--enable-wide-character-type=yes
        or define: _UNICODE
        or UNICODE
        during compilation.

       LIBEVTX_WIDE_CHARACTER_TYPE
        in libevtx/features.h can be used to determine if libevtx was compiled with wide character support.

Return Values

       Most  of  the  functions return NULL or -1 on error, dependent on the return type.  For the actual return
       values see "libevtx.h".

See Also

       the libevtx.h include file

libevtx                                            May 4, 2024                                        libevtx(3)

Synopsis

#include<libevtx.h>

       Support functions

       constchar*libevtx_get_version(void);

       intlibevtx_get_access_flags_read(void);

       intlibevtx_get_codepage(int*codepage, libevtx_error_t**error);

       intlibevtx_set_codepage(intcodepage, libevtx_error_t**error);

       intlibevtx_check_file_signature(constchar*filename, libevtx_error_t**error);

       Available when compiled with wide character string support:

       intlibevtx_check_file_signature_wide(constwchar_t*filename, libevtx_error_t**error);

       Available when compiled with libbfio support:

       intlibevtx_check_file_signature_file_io_handle(libbfio_handle_t*bfio_handle, libevtx_error_t**error);

       Notify functions

       voidlibevtx_notify_set_verbose(intverbose);

       intlibevtx_notify_set_stream(FILE*stream, libevtx_error_t**error);

       intlibevtx_notify_stream_open(constchar*filename, libevtx_error_t**error);

       intlibevtx_notify_stream_close(libevtx_error_t**error);

       Error functions

       voidlibevtx_error_free(libevtx_error_t**error);

       intlibevtx_error_fprint(libevtx_error_t*error, FILE*stream);

       intlibevtx_error_sprint(libevtx_error_t*error, char*string, size_tsize);

       intlibevtx_error_backtrace_fprint(libevtx_error_t*error, FILE*stream);

       intlibevtx_error_backtrace_sprint(libevtx_error_t*error, char*string, size_tsize);

       File functions

       intlibevtx_file_initialize(libevtx_file_t**file, libevtx_error_t**error);

       intlibevtx_file_free(libevtx_file_t**file, libevtx_error_t**error);

       intlibevtx_file_signal_abort(libevtx_file_t*file, libevtx_error_t**error);

       intlibevtx_file_open(libevtx_file_t*file, constchar*filename, intaccess_flags, libevtx_error_t**error);

       intlibevtx_file_close(libevtx_file_t*file, libevtx_error_t**error);

       intlibevtx_file_is_corrupted(libevtx_file_t*file, libevtx_error_t**error);

       intlibevtx_file_get_ascii_codepage(libevtx_file_t*file, int*ascii_codepage, libevtx_error_t**error);

       intlibevtx_file_set_ascii_codepage(libevtx_file_t*file, intascii_codepage, libevtx_error_t**error);

       intlibevtx_file_get_format_version(libevtx_file_t*file,  uint16_t*major_version, uint16_t*minor_version,
           libevtx_error_t**error);

       intlibevtx_file_get_flags(libevtx_file_t*file, uint32_t*flags, libevtx_error_t**error);

       intlibevtx_file_get_number_of_records(libevtx_file_t*file,         int*number_of_records,
           libevtx_error_t**error);

       intlibevtx_file_get_record_by_index(libevtx_file_t*file,  intrecord_index,  libevtx_record_t**record,
           libevtx_error_t**error);

       intlibevtx_file_get_number_of_recovered_records(libevtx_file_t*file,      int*number_of_records,
           libevtx_error_t**error);

       intlibevtx_file_get_recovered_record_by_index(libevtx_file_t*file,         intrecord_index,
           libevtx_record_t**record, libevtx_error_t**error);

       Available when compiled with wide character string support:

       intlibevtx_file_open_wide(libevtx_file_t*file,    constwchar_t*filename,    intaccess_flags,
           libevtx_error_t**error);

       Available when compiled with libbfio support:

       intlibevtx_file_open_file_io_handle(libevtx_file_t*file,       libbfio_handle_t*file_io_handle,
           intaccess_flags, libevtx_error_t**error);

       Record functions

       intlibevtx_record_free(libevtx_record_t**record, libevtx_error_t**error);

       intlibevtx_record_get_offset(libevtx_record_t*record, off64_t*offset, libevtx_error_t**error);

       intlibevtx_record_get_identifier(libevtx_record_t*record, uint64_t*identifier, libevtx_error_t**error);

       intlibevtx_record_get_creation_time(libevtx_record_t*record, uint64_t*filetime, libevtx_error_t**error);

       intlibevtx_record_get_written_time(libevtx_record_t*record, uint64_t*filetime, libevtx_error_t**error);

       intlibevtx_record_get_event_identifier(libevtx_record_t*record,      uint32_t*event_identifier,
           libevtx_error_t**error);

       intlibevtx_record_get_event_identifier_qualifiers(libevtx_record_t*record,
           uint32_t*event_identifier_qualifiers, libevtx_error_t**error);

       intlibevtx_record_get_event_version(libevtx_record_t*record,         uint8_t*event_version,
           libevtx_error_t**error);

       intlibevtx_record_get_event_level(libevtx_record_t*record, uint8_t*event_level, libevtx_error_t**error);

       intlibevtx_record_get_utf8_provider_identifier_size(libevtx_record_t*record,   size_t*utf8_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_provider_identifier(libevtx_record_t*record,      uint8_t*utf8_string,
           size_tutf8_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_provider_identifier_size(libevtx_record_t*record,  size_t*utf16_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf16_provider_identifier(libevtx_record_t*record,     uint16_t*utf16_string,
           size_tutf16_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf8_source_name_size(libevtx_record_t*record,     size_t*utf8_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_source_name(libevtx_record_t*record,        uint8_t*utf8_string,
           size_tutf8_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_source_name_size(libevtx_record_t*record,     size_t*utf16_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf16_source_name(libevtx_record_t*record,       uint16_t*utf16_string,
           size_tutf16_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf8_channel_name_size(libevtx_record_t*record,     size_t*utf8_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_channel_name(libevtx_record_t*record,        uint8_t*utf8_string,
           size_tutf8_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_channel_name_size(libevtx_record_t*record,    size_t*utf16_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf16_channel_name(libevtx_record_t*record,       uint16_t*utf16_string,
           size_tutf16_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf8_computer_name_size(libevtx_record_t*record,     size_t*utf8_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_computer_name(libevtx_record_t*record,        uint8_t*utf8_string,
           size_tutf8_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_computer_name_size(libevtx_record_t*record,    size_t*utf16_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf16_computer_name(libevtx_record_t*record,       uint16_t*utf16_string,
           size_tutf16_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf8_user_security_identifier_size(libevtx_record_t*record, size_t*utf8_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_user_security_identifier(libevtx_record_t*record,    uint8_t*utf8_string,
           size_tutf8_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_user_security_identifier_size(libevtx_record_t*record,
           size_t*utf16_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_user_security_identifier(libevtx_record_t*record,   uint16_t*utf16_string,
           size_tutf16_string_size, libevtx_error_t**error);

       intlibevtx_record_parse_data_with_template_definition(libevtx_record_t*record,
           libevtx_template_definition_t*template_definition, libevtx_error_t**error);

       intlibevtx_record_get_number_of_strings(libevtx_record_t*record,       int*number_of_strings,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_string_size(libevtx_record_t*record, intstring_index, size_t*utf8_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_string(libevtx_record_t*record,   intstring_index,   uint8_t*utf8_string,
           size_tutf8_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_string_size(libevtx_record_t*record,         intstring_index,
           size_t*utf16_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_string(libevtx_record_t*record,  intstring_index,  uint16_t*utf16_string,
           size_tutf16_string_size, libevtx_error_t**error);

       intlibevtx_record_get_data_size(libevtx_record_t*record, size_t*data_size, libevtx_error_t**error);

       intlibevtx_record_get_data(libevtx_record_t*record,      uint8_t*data,     size_tdata_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_xml_string_size(libevtx_record_t*record,      size_t*utf8_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf8_xml_string(libevtx_record_t*record,         uint8_t*utf8_string,
           size_tutf8_string_size, libevtx_error_t**error);

       intlibevtx_record_get_utf16_xml_string_size(libevtx_record_t*record,     size_t*utf16_string_size,
           libevtx_error_t**error);

       intlibevtx_record_get_utf16_xml_string(libevtx_record_t*record,        uint16_t*utf16_string,
           size_tutf16_string_size, libevtx_error_t**error);

       Template definition functions

       intlibevtx_template_definition_initialize(libevtx_template_definition_t**template_definition,
           libevtx_error_t**error);

       intlibevtx_template_definition_free(libevtx_template_definition_t**template_definition,
           libevtx_error_t**error);

       intlibevtx_template_definition_set_data(libevtx_template_definition_t*template_definition,
           constuint8_t*data, size_tdata_size, uint32_tdata_offset, libevtx_error_t**error);

See Also

Error
Error PNG Icons
Man Pages
libevt.h Man Pages
Record
Record PNG Icons
Man Pages
size Man Pages
Filing
Filing PNG Icons
String
String PNG Icons
Man Pages
al_utf16_width Man Pages
Man Pages
utf8 Man Pages
← View Library functions Category← Back to String manipulation🙏  Credits & Acknowledgments