winevt_c 0.7.3 → 0.9.1

data/ext/winevt/winevt_utils.cpp

@@ -76,6 +76,28 @@ render_to_rb_str(EVT_HANDLE handle, DWORD flags)
   return result;
 }
 
+EVT_HANDLE
+connect_to_remote(LPWSTR computerName, LPWSTR domain, LPWSTR username, LPWSTR password,
+                  EVT_RPC_LOGIN_FLAGS flags)
+{
+  EVT_HANDLE hRemote = NULL;
+  EVT_RPC_LOGIN Credentials;
+
+  RtlZeroMemory(&Credentials, sizeof(EVT_RPC_LOGIN));
+
+  Credentials.Server = computerName;
+  Credentials.Domain = domain;
+  Credentials.User = username;
+  Credentials.Password = password;
+  Credentials.Flags = flags;
+
+  hRemote = EvtOpenSession(EvtRpcLogin, &Credentials, 0, 0);
+
+  SecureZeroMemory(&Credentials, sizeof(EVT_RPC_LOGIN));
+
+  return hRemote;
+}
+
 static std::wstring
 guid_to_wstr(const GUID& guid)
 {
@@ -433,7 +455,7 @@ cleanup:
 }
 
 WCHAR*
-get_description(EVT_HANDLE handle)
+get_description(EVT_HANDLE handle, LANGID langID, EVT_HANDLE hRemote)
 {
 #define BUFSIZE 4096
   std::vector<WCHAR> buffer(BUFSIZE);
@@ -470,10 +492,10 @@ get_description(EVT_HANDLE handle)
 
   // Open publisher metadata
   hMetadata = EvtOpenPublisherMetadata(
-    nullptr,
+    hRemote,
     values[0].StringVal,
     nullptr,
-    MAKELCID(MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL), SORT_DEFAULT),
+    MAKELCID(langID, SORT_DEFAULT),
     0);
   if (hMetadata == nullptr) {
     // When winevt_c cannot open metadata, then give up to obtain

data/lib/winevt.rb

@@ -7,6 +7,7 @@ require "winevt/bookmark"
 require "winevt/query"
 require "winevt/subscribe"
 require "winevt/version"
+require "winevt/session"
 
 module Winevt
   # Your code goes here...

data/lib/winevt/session.rb

@@ -0,0 +1,15 @@
+module Winevt
+  class EventLog
+    class Session
+      alias_method :initialize_raw, :initialize
+
+      def initialize(server, domain = nil, username = nil, password = nil)
+        initialize_raw
+        self.server = server
+        self.domain = domain if domain.is_a?(String)
+        self.username = username if username.is_a?(String)
+        self.password = password if password.is_a?(String)
+      end
+    end
+  end
+end

data/lib/winevt/subscribe.rb

@@ -3,8 +3,11 @@ module Winevt
     class Subscribe
       alias_method :subscribe_raw, :subscribe
 
-      def subscribe(path, query, bookmark = nil)
-        if bookmark.is_a?(Winevt::EventLog::Bookmark)
+      def subscribe(path, query, bookmark = nil, session = nil)
+        if bookmark.is_a?(Winevt::EventLog::Bookmark) &&
+           session.is_a?(Winevt::EventLog::Session)
+          subscribe_raw(path, query, bookmark.render, session)
+        elsif bookmark.is_a?(Winevt::EventLog::Bookmark)
           subscribe_raw(path, query, bookmark.render)
         else
           subscribe_raw(path, query)

data/lib/winevt/version.rb

@@ -1,3 +1,3 @@
 module Winevt
-  VERSION = "0.7.3"
+  VERSION = "0.9.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: winevt_c
 version: !ruby/object:Gem::Version
-  version: 0.7.3
+  version: 0.9.1
 platform: ruby
 authors:
 - Hiroshi Hatake
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-03-16 00:00:00.000000000 Z
+date: 2020-09-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -121,6 +121,7 @@ files:
 - example/bookmark.rb
 - example/enumerate_channels.rb
 - example/eventlog.rb
+- example/locale.rb
 - example/rate_limit.rb
 - example/tailing.rb
 - ext/winevt/extconf.rb
@@ -128,12 +129,16 @@ files:
 - ext/winevt/winevt_bookmark.c
 - ext/winevt/winevt_c.h
 - ext/winevt/winevt_channel.c
+- ext/winevt/winevt_locale.c
+- ext/winevt/winevt_locale_info.c
 - ext/winevt/winevt_query.c
+- ext/winevt/winevt_session.c
 - ext/winevt/winevt_subscribe.c
 - ext/winevt/winevt_utils.cpp
 - lib/winevt.rb
 - lib/winevt/bookmark.rb
 - lib/winevt/query.rb
+- lib/winevt/session.rb
 - lib/winevt/subscribe.rb
 - lib/winevt/version.rb
 - winevt_c.gemspec