NtQueryEvent - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

#ifndef _NTEXAPI_H
#if (PHNT_MODE != PHNT_MODE_KERNEL)

NTSYSCALLAPI
NTSTATUS
NTAPI
NtQueryEvent(
    _In_ HANDLE EventHandle,
    _In_ EVENT_INFORMATION_CLASS EventInformationClass,
    _Out_writes_bytes_(EventInformationLength) PVOID EventInformation,
    _In_ ULONG EventInformationLength,
    _Out_opt_ PULONG ReturnLength
    );

#endif
#endif
View code on GitHub

#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwQueryEvent(
    _In_ HANDLE EventHandle,
    _In_ EVENT_INFORMATION_CLASS EventInformationClass,
    _Out_writes_bytes_(EventInformationLength) PVOID EventInformation,
    _In_ ULONG EventInformationLength,
    _Out_opt_ PULONG ReturnLength
    );

#endif
View code on GitHub

EventHandle

HANDLE to Event Object opened with EVENT_QUERY_STATE access.

EventInformationClass

See EVENT_INFORMATION_CLASS for details.

EventInformation

Caller's allocated buffer for result data.

EventInformationLength

Length of EventInformation buffer, in bytes.

ReturnLength

Returns required/used size of EventInformation buffer.

Currently there're only one information class for use with Event Object. See EVENT_INFORMATION_CLASS for details.

Documented by

Tomasz Nowak

See also

Edit description on GitHub