xdas_audit_record_desc_struct Struct Reference
[XDAS API]
XDAS in-memory audit record structure.
More...
#include <xdas.h>
Detailed Description
XDAS in-memory audit record structure.
Changes to the original OpenGroup XDAS specification:
1) Changed record_number, time_offset, time_uncertainty_interval, time_uncertainty_indicator, event_number and outcome fields to simple unsigned ints - see general notes.
2) Changed length field to size_t - see general notes.
3) According to the spec, time_offset (a uint32 sized quantity) is supposed to contain the number of milliseconds since the start of the epoch (Jan 1, 1970), but this is impossible as we've already gone well over 4 billion milliseconds since then. OpenXDAS stores seconds in this field rather than milliseconds.
4) Removed unnecessary "const" qualifier from the record_number field.
5) Removed service version field because that information is not stored in the record anywhere. The only version information found in an XDAS record is the record format version, which is not necessary, since the record has been completely parsed into this structure.
6) Removed unnecessary level of indirection from xdas_buffer_t fields.
It seems that the XDAS specification authors originally indended users to allocate xdas_buffer_desc objects to which parsed data would be copied. But this is not specified, just assumed from the context.
A much more efficient approach is to simply set the value member to point into the retrieved buffer data, and the size member to the number of bytes of character data in the field pointed to by the value member.
When used for input to an XDAS function, the length member may be optionally zero'd to indicate that the character data pointed to by the value member is zero-terminated.
When used for output, the parser will use the length member to indicate the length of the string pointed to by the value member. This allows the parser to maintain the pristine state of the wire buffer associated with the record by not having to over-write delimiters with zero-termination characters.
When using this structure to parse records retrieved with xdas_get_next, a caller should populate the desired xdas_buffer_t fields with the addresses of actual xdas_buffer_desc objects. Those fields set to zero will not be parsed and returned. This approach requires a bit more setup on the part of a caller, but provides the flexibility and potential speed increase of allowing only certain fields to be parsed and returned.
Definition at line 886 of file xdas.h.
Field Documentation
A unique sequential value within the process for each record read.
Definition at line 889 of file xdas.h.
The total length in bytes of a retrieved record in wire format.
Definition at line 891 of file xdas.h.
The time at which the audit record was committed or timestamped.
Definition at line 893 of file xdas.h.
The interval of time by which the event time recorded is uncertain.
Definition at line 895 of file xdas.h.
The percentage of confidence in the time_uncertainty interval.
Definition at line 897 of file xdas.h.
The name or address of the source of time recorded for this event.
Definition at line 899 of file xdas.h.
The time zone applicable to the domain in which the event occured.
Definition at line 901 of file xdas.h.
The event number defining the type of event.
Definition at line 903 of file xdas.h.
The outcome code recorded for the event.
Definition at line 905 of file xdas.h.
The name of the location of the originator domain.
Definition at line 907 of file xdas.h.
The address of the location of the originator domain.
Definition at line 909 of file xdas.h.
The service type of the originator domain.
Definition at line 911 of file xdas.h.
The name of the authentication authority for the originator.
Definition at line 913 of file xdas.h.
The name of the originator principal.
Definition at line 915 of file xdas.h.
The identity of the originator principal.
Definition at line 917 of file xdas.h.
The name of the authentication authority for the initiator.
Definition at line 919 of file xdas.h.
The name of the initiator principal.
Definition at line 921 of file xdas.h.
The identity of the initiator principal.
Definition at line 923 of file xdas.h.
The name of the location of the target domain.
Definition at line 925 of file xdas.h.
The address of the location of the target domain.
Definition at line 927 of file xdas.h.
The service type of the target domain.
Definition at line 929 of file xdas.h.
The name of the authentication authority for the target.
Definition at line 931 of file xdas.h.
The name of the target principal.
Definition at line 933 of file xdas.h.
The identity of the target principal.
Definition at line 935 of file xdas.h.
For an imported record, the pointer to the original domain record.
Definition at line 937 of file xdas.h.
The event specific information recorded for the record.
Definition at line 939 of file xdas.h.
The documentation for this struct was generated from the following file:
