winevt_c 0.8.0 → 0.9.3

data/README.md CHANGED
@@ -1,42 +1,97 @@
1
- # winevt_c
2
-
3
- [![Build status](https://ci.appveyor.com/api/projects/status/o5771b3cb6x3acq0/branch/master?svg=true)](https://ci.appveyor.com/project/cosmo0920/winevt-c-6145k/branch/master)
4
-
5
- ## Prerequisites
6
-
7
- * Windows Vista/Windows Server 2008 or later.
8
- * gcc and g++ from MSYS2 for building C/C++ extension.
9
- * Ruby 2.4 or later with MSYS2.
10
-
11
- ## Installation
12
-
13
- Add this line to your application's Gemfile:
14
-
15
- ```ruby
16
- gem 'winevt_c'
17
- ```
18
-
19
- And then execute:
20
-
21
- $ ridk exec bundle
22
-
23
- Or install it yourself as:
24
-
25
- $ ridk exec gem install winevt_c
26
-
27
- ## Fat gems building
28
-
29
- * Docker is needed to build fat gem due to rake-compiler-dock uses docker container.
30
-
31
- ## Usage
32
-
33
- Usage examples are found in [example directory](example).
34
- ## Development
35
-
36
- After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
37
-
38
- To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
39
-
40
- ## Contributing
41
-
42
- Bug reports and pull requests are welcome on GitHub at https://github.com/fluent-plugins-nursery/winevt_c.
1
+ # winevt_c
2
+
3
+ [![Build status](https://ci.appveyor.com/api/projects/status/o5771b3cb6x3acq0/branch/master?svg=true)](https://ci.appveyor.com/project/cosmo0920/winevt-c-6145k/branch/master)
4
+
5
+ ## Prerequisites
6
+
7
+ * Windows Vista/Windows Server 2008 or later.
8
+ * gcc and g++ from MSYS2 for building C/C++ extension.
9
+ * Ruby 2.4 or later with MSYS2.
10
+
11
+ ## Installation
12
+
13
+ Add this line to your application's Gemfile:
14
+
15
+ ```ruby
16
+ gem 'winevt_c'
17
+ ```
18
+
19
+ And then execute:
20
+
21
+ $ ridk exec bundle
22
+
23
+ Or install it yourself as:
24
+
25
+ $ ridk exec gem install winevt_c
26
+
27
+ ## Fat gems building
28
+
29
+ * Docker is needed to build fat gem due to rake-compiler-dock uses docker container.
30
+
31
+ ## Usage
32
+
33
+ Usage examples are found in [example directory](example).
34
+
35
+ ### Multilingual description
36
+
37
+ Currently, the following locales should be supported to output description:
38
+
39
+ locale | language
40
+ ---------:|:--------
41
+ bg\_BG | Bulgarian
42
+ zh\_CN | Simplified Chinese
43
+ zh\_TW | Traditional Chinese
44
+ zh\_HK | Chinese (Hong Kong)
45
+ zh\_SG | Chinese (Singapore)
46
+ hr\_HR | Croatian
47
+ cz\_CZ | Czech
48
+ da\_DK | Danish
49
+ nl\_NL | Dutch
50
+ nl\_BG | Dutch (Belgium)
51
+ en\_US | English (United States)
52
+ en\_GB | English (UK)
53
+ en\_AU | English (Australia)
54
+ en\_CA | English (Canada)
55
+ en\_NZ | English (New Zealand)
56
+ en\_IE | English (Ireland)
57
+ fi\_FI | Finnish
58
+ fr\_FR | French
59
+ fr\_BE | French (Belgium)
60
+ fr\_CA | French (Canada)
61
+ fr\_CH | French (Swiss)
62
+ de\_DE | German
63
+ de\_CH | German (Swiss)
64
+ de\_AT | German (Austria)
65
+ el\_GR | Greek (Ελληνικά)
66
+ hu\_HU | Hungarian
67
+ is\_IS | Icelandic
68
+ it\_IT | Italian (Italy)
69
+ it\_CH | Italian (Swiss)
70
+ ja\_JP | Japanese
71
+ ko\_KO | Korean
72
+ no\_NO | Norwegian (Bokmål)
73
+ nb\_NO | Norwegian (Bokmål)
74
+ nn\_NO | Norwegian (Nynorsk)
75
+ pl\_PL | Polish (Poland)
76
+ pt\_PT | Portuguese
77
+ pt\_BR | Portuguese (Brazil)
78
+ ro\_RO | Romanian
79
+ ru\_RU | Russian (русский язык)
80
+ sk\_SK | Slovak
81
+ sl\_SI | Slovenian
82
+ es\_ES | Spanish
83
+ es\_ES\_T | Spanish (Traditional)
84
+ es\_MX | Spanish (Mexico)
85
+ es\_ES\_M | Spanish (Modern)
86
+ sv\_SE | Swedish
87
+ tr\_TR | Turkish
88
+
89
+ ## Development
90
+
91
+ After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
92
+
93
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
94
+
95
+ ## Contributing
96
+
97
+ Bug reports and pull requests are welcome on GitHub at https://github.com/fluent-plugins-nursery/winevt_c.
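Review bot: in the new locale table, three codes do not follow the usual language_REGION spelling: `cz_CZ` for Czech (the ISO 639-1 language code is `cs`), `nl_BG` for Dutch (Belgium) (`BG` is Bulgaria; the same table uses `BE` in `fr_BE`), and `ko_KO` for Korean (the region code is `KR`). If these are the exact strings the library accepts, say so next to the table; otherwise correct them. `no_NO` and `nb_NO` also carry the same description, Norwegian (Bokmål), so a word on whether one is an alias of the other would help.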
data/Rakefile CHANGED
@@ -1,37 +1,37 @@
1
- require 'bundler'
2
- Bundler::GemHelper.install_tasks
3
-
4
- require "rake/testtask"
5
- require 'rake_compiler_dock'
6
- require 'rake/clean'
7
-
8
- Rake::TestTask.new(:test) do |t|
9
- t.libs << "test"
10
- t.libs << "lib"
11
- t.test_files = FileList["test/**/test_*.rb"]
12
- end
13
-
14
- require "rake/extensiontask"
15
-
16
- spec = eval File.read("winevt_c.gemspec")
17
-
18
- Rake::ExtensionTask.new("winevt", spec) do |ext|
19
- ext.ext_dir = 'ext/winevt'
20
- ext.cross_compile = true
21
- ext.lib_dir = File.join(*['lib', 'winevt', ENV['FAT_DIR']].compact)
22
- # cross_platform names are of MRI's platform name
23
- ext.cross_platform = ['x86-mingw32', 'x64-mingw32']
24
- end
25
-
26
- desc 'Build gems for Windows per rake-compiler-dock'
27
- task 'gem:native' do
28
- # See RUBY_CC_VERSION in https://github.com/rake-compiler/rake-compiler-dock/blob/master/Dockerfile.mri
29
- RakeCompilerDock.sh <<-EOS
30
- gem install bundler yard --no-doc && bundle
31
- rake cross native gem RUBY_CC_VERSION=2.4.0:2.5.0:2.6.0:2.7.0
32
- EOS
33
- end
34
-
35
- CLEAN.include('lib/winevt/winevt.*')
36
-
37
- task :default => [:clobber, :compile, :test]
1
+ require 'bundler'
2
+ Bundler::GemHelper.install_tasks
3
+
4
+ require "rake/testtask"
5
+ require 'rake_compiler_dock'
6
+ require 'rake/clean'
7
+
8
+ Rake::TestTask.new(:test) do |t|
9
+ t.libs << "test"
10
+ t.libs << "lib"
11
+ t.test_files = FileList["test/**/test_*.rb"]
12
+ end
13
+
14
+ require "rake/extensiontask"
15
+
16
+ spec = eval File.read("winevt_c.gemspec")
17
+
18
+ Rake::ExtensionTask.new("winevt", spec) do |ext|
19
+ ext.ext_dir = 'ext/winevt'
20
+ ext.cross_compile = true
21
+ ext.lib_dir = File.join(*['lib', 'winevt', ENV['FAT_DIR']].compact)
22
+ # cross_platform names are of MRI's platform name
23
+ ext.cross_platform = ['x86-mingw32', 'x64-mingw32']
24
+ end
25
+
26
+ desc 'Build gems for Windows per rake-compiler-dock'
27
+ task 'gem:native' do
28
+ sh "bundle package"
29
+ # See RUBY_CC_VERSION in https://github.com/rake-compiler/rake-compiler-dock/blob/master/Dockerfile.mri
30
+ %w[ x86-mingw32 x64-mingw32 ].each do |plat|
31
+ RakeCompilerDock.sh "bundle --local && bundle exec rake native:#{plat} gem RUBY_CC_VERSION=2.4.0:2.5.0:2.6.0:2.7.0:3.0.0", platform: plat
32
+ end
33
+ end
34
+
35
+ CLEAN.include('lib/winevt/winevt.*')
36
+
37
+ task :default => [:clobber, :compile, :test]
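Review bot: `sh "bundle package"` on line 28 runs on the host and the container step then uses `bundle --local`, so the cross-build consumes whatever is already in the host's `vendor/cache`. Confirm that directory is ignored by git and excluded from the gemspec file list, and consider cleaning it before packaging so stale cached gems cannot end up in a release build. Separately, line 16 still loads the gemspec with `eval File.read("winevt_c.gemspec")`; `Gem::Specification.load("winevt_c.gemspec")` does the same job without a bare `eval`.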
data/appveyor.yml CHANGED
@@ -1,26 +1,32 @@
1
- version: '{build}'
2
-
3
- # init:
4
- # - ps: iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
5
-
6
- install:
7
- - SET PATH=C:\Ruby%ruby_version%\bin;%PATH%
8
- - ruby --version
9
- - gem --version
10
- - bundle --version
11
- - bundle install
12
- - ridk.cmd exec bundle exec rake compile
13
- build: off
14
- test_script:
15
- # - bundle exec rake test
16
- - bundle exec rake test TESTOPTS=-v
17
-
18
- # https://www.appveyor.com/docs/installed-software/#ruby
19
- environment:
20
- matrix:
21
- - ruby_version: "26-x64"
22
- - ruby_version: "26"
23
- - ruby_version: "25-x64"
24
- - ruby_version: "25"
25
- - ruby_version: "24-x64"
26
- - ruby_version: "24"
1
+ version: '{build}'
2
+
3
+ image: Visual Studio 2019
4
+
5
+ # init:
6
+ # - ps: iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
7
+
8
+ install:
9
+ - SET PATH=C:\Ruby%ruby_version%\bin;%PATH%
10
+ - ruby --version
11
+ - gem --version
12
+ - bundle --version
13
+ - bundle install
14
+ - ridk.cmd exec bundle exec rake compile
15
+ build: off
16
+ test_script:
17
+ # - bundle exec rake test
18
+ - bundle exec rake test TESTOPTS=-v
19
+
20
+ # https://www.appveyor.com/docs/installed-software/#ruby
21
+ environment:
22
+ matrix:
23
+ - ruby_version: "30-x64"
24
+ - ruby_version: "30"
25
+ - ruby_version: "27-x64"
26
+ - ruby_version: "27"
27
+ - ruby_version: "26-x64"
28
+ - ruby_version: "26"
29
+ - ruby_version: "25-x64"
30
+ - ruby_version: "25"
31
+ - ruby_version: "24-x64"
32
+ - ruby_version: "24"
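Review bot: the commented-out `init` step on lines 5-6 is carried forward unchanged; it fetches a script from the `master` branch of another repository and passes it straight to `iex`, and the script name says it enables RDP on the build worker. If it is kept as a debugging aid, pin the URL to a commit hash; otherwise delete it so it cannot be re-enabled by accident.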
data/example/bookmark.rb CHANGED
@@ -1,9 +1,9 @@
1
- require 'winevt'
2
-
3
- @query = Winevt::EventLog::Query.new("Application", "*[System[(Level <= 3) and TimeCreated[timediff(@SystemTime) <= 86400000]]]")
4
- @bookmark = Winevt::EventLog::Bookmark.new
5
- @query.each do |xml|
6
- @bookmark.update(@query)
7
- end
8
-
9
- puts @bookmark.render
1
+ require 'winevt'
2
+
3
+ @query = Winevt::EventLog::Query.new("Application", "*[System[(Level <= 3) and TimeCreated[timediff(@SystemTime) <= 86400000]]]")
4
+ @bookmark = Winevt::EventLog::Bookmark.new
5
+ @query.each do |xml|
6
+ @bookmark.update(@query)
7
+ end
8
+
9
+ puts @bookmark.render
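Review bot: all nine lines are removed and re-added with identical visible text, so this hunk appears to be a whitespace or line-ending change only. If that is the intent, say so in the commit message and pin line endings with a `.gitattributes` entry so the examples do not churn in every release diff.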
@@ -1,13 +1,13 @@
1
- require 'winevt'
2
-
3
- @channels = Winevt::EventLog::Channel.new
4
- @channels.force_enumerate = false
5
- result = []
6
- @channels.each do |channel|
7
- result << channel
8
- end
9
-
10
- puts "length of channels: #{result.length}"
11
- result.each do |r|
12
- puts r
13
- end
1
+ require 'winevt'
2
+
3
+ @channels = Winevt::EventLog::Channel.new
4
+ @channels.force_enumerate = false
5
+ result = []
6
+ @channels.each do |channel|
7
+ result << channel
8
+ end
9
+
10
+ puts "length of channels: #{result.length}"
11
+ result.each do |r|
12
+ puts r
13
+ end
data/example/eventlog.rb CHANGED
@@ -1,9 +1,13 @@
1
- require 'winevt'
2
-
3
- @query = Winevt::EventLog::Query.new("Application", "*[System[(Level <= 3) and TimeCreated[timediff(@SystemTime) <= 86400000]]]")
4
-
5
- @query.render_as_xml = true
6
- @query.preserve_qualifiers = true
7
- @query.each do |eventlog, message, string_inserts|
8
- puts ({eventlog: eventlog, data: message})
9
- end
1
+ require 'winevt'
2
+
3
+ @session = Winevt::EventLog::Session.new("127.0.0.1") # Or remote box ip
4
+ # @session.domain = "<EXAMPLEGROUP>"
5
+ # @session.username = "<username>"
6
+ # @session.password = "<password>"
7
+ @query = Winevt::EventLog::Query.new("Application", "*[System[(Level <= 4) and TimeCreated[timediff(@SystemTime) <= 86400000]]]", @session)
8
+
9
+ @query.render_as_xml = true
10
+ @query.preserve_qualifiers = true
11
+ @query.each do |eventlog, message, string_inserts|
12
+ puts ({eventlog: eventlog, data: message})
13
+ end
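Review bot: lines 4-6 present `@session.password = "<password>"` as the way to authenticate, which invites readers to paste credentials into the script. Show the values being read from an environment variable or an interactive prompt instead. The filter on line 7 also widens from `Level <= 3` to `Level <= 4` with no mention; if that is intentional, note it in the changelog.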
data/example/locale.rb ADDED
@@ -0,0 +1,13 @@
1
+ require 'winevt'
2
+
3
+ @locale = Winevt::EventLog::Locale.new
4
+
5
+ header = <<EOC
6
+ locale | language
7
+ ---------:|:--------
8
+ EOC
9
+
10
+ print header
11
+ @locale.each do |code, desc|
12
+ print "#{code.gsub("_", "\\_")}#{" "*(8 - code.size)}| #{desc}\n"
13
+ end
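Review bot: on line 12, `" "*(8 - code.size)` raises ArgumentError as soon as a locale code is longer than 8 characters, because String#* rejects a negative count. The longest code in the README table, `es_ES_T`, is 7 characters, so it works today, but clamping with `[8 - code.size, 0].max` keeps the example from breaking when a longer code is added.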
@@ -1,14 +1,14 @@
1
- require 'winevt'
2
-
3
- @subscribe = Winevt::EventLog::Subscribe.new
4
- @subscribe.read_existing_events = true
5
- @subscribe.rate_limit = 80
6
- @subscribe.subscribe(
7
- "Application", "*[System[(Level <= 4) and TimeCreated[timediff(@SystemTime) <= 86400000]]]"
8
- )
9
- while true do
10
- @subscribe.each do |eventlog, message, string_inserts|
11
- puts ({eventlog: eventlog, data: message})
12
- end
13
- sleep(0.1)
14
- end
1
+ require 'winevt'
2
+
3
+ @subscribe = Winevt::EventLog::Subscribe.new
4
+ @subscribe.read_existing_events = true
5
+ @subscribe.rate_limit = 80
6
+ @subscribe.subscribe(
7
+ "Application", "*[System[(Level <= 4) and TimeCreated[timediff(@SystemTime) <= 86400000]]]"
8
+ )
9
+ while true do
10
+ @subscribe.each do |eventlog, message, string_inserts|
11
+ puts ({eventlog: eventlog, data: message})
12
+ end
13
+ sleep(0.1)
14
+ end
data/example/tailing.rb CHANGED
@@ -1,15 +1,21 @@
1
- require 'winevt'
2
-
3
- @subscribe = Winevt::EventLog::Subscribe.new
4
- @subscribe.read_existing_events = true
5
- @subscribe.preserve_qualifiers = true
6
- @subscribe.render_as_xml = true
7
- @subscribe.subscribe(
8
- "Security", "*[System[(Level <= 4) and TimeCreated[timediff(@SystemTime) <= 86400000]]]"
9
- )
10
- while true do
11
- @subscribe.each do |eventlog, message, string_inserts|
12
- puts ({eventlog: eventlog, data: message})
13
- end
14
- sleep(1)
15
- end
1
+ require 'winevt'
2
+
3
+ @session = Winevt::EventLog::Session.new("127.0.0.1") # Or remote box ip
4
+ # @session.domain = "<EXAMPLEGROUP>"
5
+ # @session.username = "<username>"
6
+ # @session.password = "<password>"
7
+ @bookmark = Winevt::EventLog::Bookmark.new
8
+ @subscribe = Winevt::EventLog::Subscribe.new
9
+ @subscribe.read_existing_events = true
10
+ @subscribe.preserve_qualifiers = true
11
+ @subscribe.render_as_xml = true
12
+ @subscribe.subscribe(
13
+ "Security", "*[System[(Level <= 4) and TimeCreated[timediff(@SystemTime) <= 86400000]]]",
14
+ @bookmark, @session
15
+ )
16
+ while true do
17
+ @subscribe.each do |eventlog, message, string_inserts|
18
+ puts ({eventlog: eventlog, data: message})
19
+ end
20
+ sleep(1)
21
+ end
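Review bot: `@bookmark` is created on line 7 and passed to `subscribe` on line 14, but the loop never renders or stores it, so the example does not show how a restart would resume from the last event read. Either persist it (example/bookmark.rb already calls `@bookmark.render`) and load it on start, or drop the argument from this example. The commented credential lines 4-6 would also be better shown as values read from the environment than as string literals.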
@@ -1,24 +1,24 @@
1
- require "mkmf"
2
- require "rbconfig"
3
-
4
- if RbConfig::CONFIG['host_os'] =~ /mingw/
5
- $CFLAGS << ' -fno-omit-frame-pointer'
6
- end
7
-
8
- libdir = RbConfig::CONFIG["libdir"]
9
- includedir = RbConfig::CONFIG["includedir"]
10
-
11
- dir_config("winevt", includedir, libdir)
12
-
13
- have_library("wevtapi")
14
- have_func("EvtQuery", "winevt.h")
15
- have_library("advapi32")
16
- have_library("ole32")
17
-
18
- $LDFLAGS << " -lwevtapi -ladvapi32 -lole32"
19
- $CFLAGS << " -Wall -std=c99 -fPIC -fms-extensions "
20
- $CXXFLAGS << " -Wall -std=c++11 -fPIC -fms-extensions "
21
- # $CFLAGS << " -g -O0 -ggdb"
22
- # $CXXFLAGS << " -g -O0 -ggdb"
23
-
24
- create_makefile("winevt/winevt")
1
+ require "mkmf"
2
+ require "rbconfig"
3
+
4
+ if RbConfig::CONFIG['host_os'] =~ /mingw/
5
+ $CFLAGS << ' -fno-omit-frame-pointer'
6
+ end
7
+
8
+ libdir = RbConfig::CONFIG["libdir"]
9
+ includedir = RbConfig::CONFIG["includedir"]
10
+
11
+ dir_config("winevt", includedir, libdir)
12
+
13
+ have_library("wevtapi")
14
+ have_func("EvtQuery", "winevt.h")
15
+ have_library("advapi32")
16
+ have_library("ole32")
17
+
18
+ $LDFLAGS << " -lwevtapi -ladvapi32 -lole32"
19
+ $CFLAGS << " -Wall -std=c99 -fPIC -fms-extensions "
20
+ $CXXFLAGS << " -Wall -std=c++11 -fPIC -fms-extensions "
21
+ # $CFLAGS << " -g -O0 -ggdb"
22
+ # $CXXFLAGS << " -g -O0 -ggdb"
23
+
24
+ create_makefile("winevt/winevt")