Contains information about an FSHOOK_TYPE_OPEN_REPORT event.
typedef struct
{
uint32_t enterExitID;
int enterRetStatus;
int opRetCode;
zkey_t retKey;
zid_t retZid;
volid_t retVolID;
timeinfo_t times;
} open_report_t;
Associates the warn and report events of the operation and is same value on the warn and report events of the same operation, but unique across operations.
Indicates whether the event was successful, with 0 indicating success. If nonzero, the security authority prevented the event from occurring.
Indicates whether the operation was successful, with 0 indicating success and nonzero an error.
Contains the key to the file, if the file was opened. The key can be used to read and write to the file.
Contains the zid for the file. The zid uniquely identifies a file within a given volume.
Contains the volume number for the volume associated with the retZid.
Contains the created, last accessed, modified, and metadata modified times.
You can use the RxIdentifyCode function or the fs_mapzidtopath function to obtain more information about the file system object that is the target of the event