EventAccessQuery function
Retrieves the permissions for the specified controller or provider.
Syntax
ULONG EventAccessQuery( _In_ LPGUID Guid, _Inout_ PSECURITY_DESCRIPTOR Buffer, _Inout_ PULONG BufferSize );
Parameters
- Guid [in]
-
GUID that uniquely identifies the provider or session.
- Buffer [in, out]
-
Application-allocated buffer that will contain the security descriptor of the controller or provider.
- BufferSize [in, out]
-
Size of the security descriptor buffer, in bytes. If the function succeeds, this parameter receives the size of the buffer used. If the buffer is too small, the function returns ERROR_MORE_DATA and this parameter receives the required buffer size. If the buffer size is zero on input, no data is returned in the buffer and this parameter receives the required buffer size.
Return value
Returns ERROR_SUCCESS if successful.
The function returns the following return code if an error occurs:
| Return code | Description |
|---|---|
|
The buffer is too small to receive the security descriptor. Reallocate the buffer using the size returned in BufferSize. |
Remarks
If the GUID does not exist in the registry, ETW returns the default permissions for a provider or controller. For details on specifying the GUID in the registry, see EventAccessControl.
For information on accessing the components of the security descriptor, see Getting Information from an ACL, the GetSecurityDescriptorDacl, GetSecurityDescriptorSacl, and GetAce functions, and the ACE structure.
Requirements
|
Minimum supported client |
Windows Vista [desktop apps only] |
|---|---|
|
Minimum supported server |
Windows Server 2008 [desktop apps only] |
|
Header |
|
|
Library |
|
|
DLL |
|
See also