int process_eventlog(const char *source, zbx_uint64_t *lastlogsize, unsigned long *out_timestamp,
char **out_source, unsigned short *out_severity, char **out_message,
unsigned long *out_eventid, unsigned char skip_old_data)
{
const char *__function_name = "process_eventlog";
int ret = FAIL;
HANDLE eventlog_handle;
wchar_t *wsource;
zbx_uint64_t FirstID, LastID;
register long i;
zabbix_log(LOG_LEVEL_DEBUG, "In %s() source:'%s' lastlogsize:" ZBX_FS_UI64,
__function_name, source, *lastlogsize);
*out_timestamp = 0;
*out_source = NULL;
*out_severity = 0;
*out_message = NULL;
*out_eventid = 0;
if (NULL == source || '\0' == *source)
{
zabbix_log(LOG_LEVEL_WARNING, "cannot open eventlog with empty name");
return ret;
}
wsource = zbx_utf8_to_unicode(source);
if (SUCCEED == zbx_open_eventlog(wsource, &eventlog_handle,
&LastID /* number */, &FirstID /* oldest */))
{
LastID += FirstID;
if (1 == skip_old_data)
{
*lastlogsize = LastID - 1;
zabbix_log(LOG_LEVEL_DEBUG, "skipping existing data: lastlogsize:" ZBX_FS_UI64, *lastlogsize);
}
if (*lastlogsize > LastID)
*lastlogsize = FirstID;
else if (*lastlogsize >= FirstID)
FirstID = (long)*lastlogsize + 1;
for (i = (long)FirstID; i < LastID; i++)
{
if (SUCCEED == zbx_get_eventlog_message(wsource, eventlog_handle, i, out_source, out_message,
out_severity, out_timestamp, out_eventid))
{
*lastlogsize = i;
break;
}
}
zbx_close_eventlog(eventlog_handle);
ret = SUCCEED;
}
else
zabbix_log(LOG_LEVEL_ERR, "cannot open eventlog '%s': %s", source,
strerror_from_system(GetLastError()));
zbx_free(wsource);
zabbix_log(LOG_LEVEL_DEBUG, "End of %s():%s", __function_name, zbx_result_string(ret));
return ret;
}
int process_eventlog(const char *source, long *lastlogsize, unsigned long *out_timestamp, char **out_source,
unsigned short *out_severity, char **out_message, unsigned long *out_eventid)
{
const char *__function_name = "process_eventlog";
int ret = FAIL;
HANDLE eventlog_handle;
long FirstID, LastID;
register long i;
LPTSTR wsource;
assert(lastlogsize);
assert(out_timestamp);
assert(out_source);
assert(out_severity);
assert(out_message);
assert(out_eventid);
*out_timestamp = 0;
*out_source = NULL;
*out_severity = 0;
*out_message = NULL;
*out_eventid = 0;
zabbix_log(LOG_LEVEL_DEBUG, "In %s() source:'%s' lastlogsize:%ld",
__function_name, source, *lastlogsize);
if (NULL == source || '\0' == *source)
{
zabbix_log(LOG_LEVEL_WARNING, "Can't open eventlog with empty name");
return ret;
}
wsource = zbx_utf8_to_unicode(source);
if (SUCCEED == zbx_open_eventlog(wsource, &eventlog_handle, &LastID /* number */, &FirstID /* oldest */))
{
LastID += FirstID;
if (*lastlogsize > LastID)
*lastlogsize = FirstID;
else if (*lastlogsize >= FirstID)
FirstID = (*lastlogsize) + 1;
for (i = FirstID; i < LastID; i++)
{
if (SUCCEED == zbx_get_eventlog_message(wsource, eventlog_handle, i, out_source, out_message,
out_severity, out_timestamp, out_eventid))
{
*lastlogsize = i;
break;
}
}
zbx_close_eventlog(eventlog_handle);
ret = SUCCEED;
}
else
zabbix_log(LOG_LEVEL_ERR, "Can't open eventlog '%s' [%s]",
source, strerror_from_system(GetLastError()));
zbx_free(wsource);
zabbix_log(LOG_LEVEL_DEBUG, "End of %s():%s", __function_name, zbx_result_string(ret));
return ret;
}
