AUDIT_PARAM_TYPE enumeration (adtgen.h)
The AUDIT_PARAM_TYPE enumeration defines the type of audit parameters that are available.
Syntax
typedef enum _AUDIT_PARAM_TYPE {
APT_None,
APT_String,
APT_Ulong,
APT_Pointer,
APT_Sid,
APT_LogonId,
APT_ObjectTypeList,
APT_Luid,
APT_Guid,
APT_Time,
APT_Int64,
APT_IpAddress,
APT_LogonIdWithSid
} AUDIT_PARAM_TYPE;
Constants
APT_NoneNo audit options. |
APT_StringA string that terminates with NULL. |
APT_UlongAn unsigned long. |
APT_PointerA pointer that is used to specify handles and pointers. These are 32-bit on 32-bit systems and 64-bit on 64-bit systems. Use this option when you are interested in the absolute value of the pointer. The memory to which the pointer points is not marshaled when using this type. |
APT_SidThe security identifier (SID). |
APT_LogonIdThe logon identifier (LUID) that results in three output parameters:
|
APT_ObjectTypeListObject type list. |
APT_LuidLUID that is not translated to LogonId. |
APT_GuidGUID. |
APT_TimeTime as FILETIME. |
APT_Int64ULONGLONG. |
APT_IpAddressIP Address (IPv4 and IPv6). This logs the address as the first parameter and the port as the second parameter. You must ensure that two entries are added in the event message file. You should ensure that the buffer size is 128 bytes. |
APT_LogonIdWithSidLogon ID with SID that results in four output parameters:
|
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Header | adtgen.h |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for