winevt_c 0.9.1 → 0.9.2

data/example/tailing.rb

@@ -1,21 +1,21 @@
-require 'winevt'
-
-@session = Winevt::EventLog::Session.new("127.0.0.1") # Or remote box ip
-# @session.domain = "<EXAMPLEGROUP>"
-# @session.username = "<username>"
-# @session.password = "<password>"
-@bookmark = Winevt::EventLog::Bookmark.new
-@subscribe = Winevt::EventLog::Subscribe.new
-@subscribe.read_existing_events = true
-@subscribe.preserve_qualifiers = true
-@subscribe.render_as_xml = true
-@subscribe.subscribe(
-  "Security", "*[System[(Level <= 4) and TimeCreated[timediff(@SystemTime) <= 86400000]]]",
-  @bookmark, @session
-)
-while true do
-  @subscribe.each do |eventlog, message, string_inserts|
-    puts ({eventlog: eventlog, data: message})
-  end
-  sleep(1)
-end
+require 'winevt'
+
+@session = Winevt::EventLog::Session.new("127.0.0.1") # Or remote box ip
+# @session.domain = "<EXAMPLEGROUP>"
+# @session.username = "<username>"
+# @session.password = "<password>"
+@bookmark = Winevt::EventLog::Bookmark.new
+@subscribe = Winevt::EventLog::Subscribe.new
+@subscribe.read_existing_events = true
+@subscribe.preserve_qualifiers = true
+@subscribe.render_as_xml = true
+@subscribe.subscribe(
+  "Security", "*[System[(Level <= 4) and TimeCreated[timediff(@SystemTime) <= 86400000]]]",
+  @bookmark, @session
+)
+while true do
+  @subscribe.each do |eventlog, message, string_inserts|
+    puts ({eventlog: eventlog, data: message})
+  end
+  sleep(1)
+end

data/ext/winevt/extconf.rb

@@ -1,24 +1,24 @@
-require "mkmf"
-require "rbconfig"
-
-if RbConfig::CONFIG['host_os'] =~ /mingw/
-  $CFLAGS << ' -fno-omit-frame-pointer'
-end
-
-libdir = RbConfig::CONFIG["libdir"]
-includedir = RbConfig::CONFIG["includedir"]
-
-dir_config("winevt", includedir, libdir)
-
-have_library("wevtapi")
-have_func("EvtQuery", "winevt.h")
-have_library("advapi32")
-have_library("ole32")
-
-$LDFLAGS << " -lwevtapi -ladvapi32 -lole32"
-$CFLAGS << " -Wall -std=c99 -fPIC -fms-extensions "
-$CXXFLAGS << " -Wall -std=c++11 -fPIC -fms-extensions "
-# $CFLAGS << " -g -O0 -ggdb"
-# $CXXFLAGS << " -g -O0 -ggdb"
-
-create_makefile("winevt/winevt")
+require "mkmf"
+require "rbconfig"
+
+if RbConfig::CONFIG['host_os'] =~ /mingw/
+  $CFLAGS << ' -fno-omit-frame-pointer'
+end
+
+libdir = RbConfig::CONFIG["libdir"]
+includedir = RbConfig::CONFIG["includedir"]
+
+dir_config("winevt", includedir, libdir)
+
+have_library("wevtapi")
+have_func("EvtQuery", "winevt.h")
+have_library("advapi32")
+have_library("ole32")
+
+$LDFLAGS << " -lwevtapi -ladvapi32 -lole32"
+$CFLAGS << " -Wall -std=c99 -fPIC -fms-extensions "
+$CXXFLAGS << " -Wall -std=c++11 -fPIC -fms-extensions "
+# $CFLAGS << " -g -O0 -ggdb"
+# $CXXFLAGS << " -g -O0 -ggdb"
+
+create_makefile("winevt/winevt")

data/ext/winevt/winevt.c

@@ -1,30 +1,30 @@
-#include <winevt_c.h>
-
-VALUE rb_mWinevt;
-VALUE rb_cQuery;
-VALUE rb_cEventLog;
-VALUE rb_cSubscribe;
-VALUE rb_eWinevtQueryError;
-VALUE rb_eRemoteHandlerError;
-
-static ID id_call;
-
-void
-Init_winevt(void)
-{
-  rb_mWinevt = rb_define_module("Winevt");
-  rb_cEventLog = rb_define_class_under(rb_mWinevt, "EventLog", rb_cObject);
-  rb_cQuery = rb_define_class_under(rb_cEventLog, "Query", rb_cObject);
-  rb_cSubscribe = rb_define_class_under(rb_cEventLog, "Subscribe", rb_cObject);
-  rb_eWinevtQueryError = rb_define_class_under(rb_cQuery, "Error", rb_eStandardError);
-  rb_eRemoteHandlerError = rb_define_class_under(rb_cSubscribe, "RemoteHandlerError", rb_eRuntimeError);
-
-  Init_winevt_channel(rb_cEventLog);
-  Init_winevt_bookmark(rb_cEventLog);
-  Init_winevt_query(rb_cEventLog);
-  Init_winevt_subscribe(rb_cEventLog);
-  Init_winevt_locale(rb_cEventLog);
-  Init_winevt_session(rb_cEventLog);
-
-  id_call = rb_intern("call");
-}
+#include <winevt_c.h>
+
+VALUE rb_mWinevt;
+VALUE rb_cQuery;
+VALUE rb_cEventLog;
+VALUE rb_cSubscribe;
+VALUE rb_eWinevtQueryError;
+VALUE rb_eRemoteHandlerError;
+
+static ID id_call;
+
+void
+Init_winevt(void)
+{
+  rb_mWinevt = rb_define_module("Winevt");
+  rb_cEventLog = rb_define_class_under(rb_mWinevt, "EventLog", rb_cObject);
+  rb_cQuery = rb_define_class_under(rb_cEventLog, "Query", rb_cObject);
+  rb_cSubscribe = rb_define_class_under(rb_cEventLog, "Subscribe", rb_cObject);
+  rb_eWinevtQueryError = rb_define_class_under(rb_cQuery, "Error", rb_eStandardError);
+  rb_eRemoteHandlerError = rb_define_class_under(rb_cSubscribe, "RemoteHandlerError", rb_eRuntimeError);
+
+  Init_winevt_channel(rb_cEventLog);
+  Init_winevt_bookmark(rb_cEventLog);
+  Init_winevt_query(rb_cEventLog);
+  Init_winevt_subscribe(rb_cEventLog);
+  Init_winevt_locale(rb_cEventLog);
+  Init_winevt_session(rb_cEventLog);
+
+  id_call = rb_intern("call");
+}

data/ext/winevt/winevt_bookmark.c

@@ -1,149 +1,149 @@
-#include <winevt_c.h>
-
-/* clang-format off */
-/*
- * Document-class: Winevt::EventLog::Bookmark
- *
- * Bookmark for querying/subscribing Windows EventLog progress.
- *
- * @example
- *  require 'winevt'
- *
- *  @query = Winevt::EventLog::Query.new("Application", "*[System[(Level <= 3) and TimeCreated[timediff(@SystemTime) <= 86400000]]]")
- *  @bookmark = Winevt::EventLog::Bookmark.new
- *  @query.each do |xml|
- *    @bookmark.update(@query)
- *  end
- *
- *  puts @bookmark.render
- */
-/* clang-format pn */
-
-VALUE rb_cBookmark;
-
-static void bookmark_free(void* ptr);
-
-static const rb_data_type_t rb_winevt_bookmark_type = { "winevt/bookmark",
-                                                        {
-                                                          0,
-                                                          bookmark_free,
-                                                          0,
-                                                        },
-                                                        NULL,
-                                                        NULL,
-                                                        RUBY_TYPED_FREE_IMMEDIATELY };
-
-static void
-bookmark_free(void* ptr)
-{
-  struct WinevtBookmark* winevtBookmark = (struct WinevtBookmark*)ptr;
-  if (winevtBookmark->bookmark)
-    EvtClose(winevtBookmark->bookmark);
-
-  xfree(ptr);
-}
-
-static VALUE
-rb_winevt_bookmark_alloc(VALUE klass)
-{
-  VALUE obj;
-  struct WinevtBookmark* winevtBookmark;
-  obj = TypedData_Make_Struct(
-    klass, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
-  return obj;
-}
-
-/*
- * Initalize Bookmark class. Receive XML string or nil.
- *
- * @overload initailize(options={})
- *   @option options [String] XML rendered Bookmark string.
- * @return [Bookmark]
- *
- */
-static VALUE
-rb_winevt_bookmark_initialize(int argc, VALUE* argv, VALUE self)
-{
-  PWSTR bookmarkXml;
-  VALUE wbookmarkXmlBuf;
-  DWORD len;
-  struct WinevtBookmark* winevtBookmark;
-
-  TypedData_Get_Struct(
-    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
-
-  if (argc == 0) {
-    winevtBookmark->bookmark = EvtCreateBookmark(NULL);
-  } else if (argc == 1) {
-    VALUE rb_bookmarkXml;
-    rb_scan_args(argc, argv, "10", &rb_bookmarkXml);
-    Check_Type(rb_bookmarkXml, T_STRING);
-
-    // bookmarkXml : To wide char
-    len = MultiByteToWideChar(
-      CP_UTF8, 0, RSTRING_PTR(rb_bookmarkXml), RSTRING_LEN(rb_bookmarkXml), NULL, 0);
-    bookmarkXml = ALLOCV_N(WCHAR, wbookmarkXmlBuf, len + 1);
-    MultiByteToWideChar(CP_UTF8,
-                        0,
-                        RSTRING_PTR(rb_bookmarkXml),
-                        RSTRING_LEN(rb_bookmarkXml),
-                        bookmarkXml,
-                        len);
-    bookmarkXml[len] = L'\0';
-    winevtBookmark->bookmark = EvtCreateBookmark(bookmarkXml);
-    ALLOCV_END(wbookmarkXmlBuf);
-  }
-
-  return Qnil;
-}
-
-/*
- * This method updates bookmark and returns Bookmark instance.
- *
- * @param event [Query]
- * @return [Bookmark]
- */
-static VALUE
-rb_winevt_bookmark_update(VALUE self, VALUE event)
-{
-  struct WinevtQuery* winevtQuery;
-  struct WinevtBookmark* winevtBookmark;
-
-  winevtQuery = EventQuery(event);
-
-  TypedData_Get_Struct(
-    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
-
-  for (int i = 0; i < winevtQuery->count; i++) {
-    if (!EvtUpdateBookmark(winevtBookmark->bookmark, winevtQuery->hEvents[i]))
-      return Qfalse;
-  }
-  return Qtrue;
-}
-
-/*
- * This method renders bookmark class content.
- *
- * @return [String]
- */
-static VALUE
-rb_winevt_bookmark_render(VALUE self)
-{
-  struct WinevtBookmark* winevtBookmark;
-
-  TypedData_Get_Struct(
-    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
-
-  return render_to_rb_str(winevtBookmark->bookmark, EvtRenderBookmark);
-}
-
-void
-Init_winevt_bookmark(VALUE rb_cEventLog)
-{
-  rb_cBookmark = rb_define_class_under(rb_cEventLog, "Bookmark", rb_cObject);
-
-  rb_define_alloc_func(rb_cBookmark, rb_winevt_bookmark_alloc);
-  rb_define_method(rb_cBookmark, "initialize", rb_winevt_bookmark_initialize, -1);
-  rb_define_method(rb_cBookmark, "update", rb_winevt_bookmark_update, 1);
-  rb_define_method(rb_cBookmark, "render", rb_winevt_bookmark_render, 0);
-}
+#include <winevt_c.h>
+
+/* clang-format off */
+/*
+ * Document-class: Winevt::EventLog::Bookmark
+ *
+ * Bookmark for querying/subscribing Windows EventLog progress.
+ *
+ * @example
+ *  require 'winevt'
+ *
+ *  @query = Winevt::EventLog::Query.new("Application", "*[System[(Level <= 3) and TimeCreated[timediff(@SystemTime) <= 86400000]]]")
+ *  @bookmark = Winevt::EventLog::Bookmark.new
+ *  @query.each do |xml|
+ *    @bookmark.update(@query)
+ *  end
+ *
+ *  puts @bookmark.render
+ */
+/* clang-format pn */
+
+VALUE rb_cBookmark;
+
+static void bookmark_free(void* ptr);
+
+static const rb_data_type_t rb_winevt_bookmark_type = { "winevt/bookmark",
+                                                        {
+                                                          0,
+                                                          bookmark_free,
+                                                          0,
+                                                        },
+                                                        NULL,
+                                                        NULL,
+                                                        RUBY_TYPED_FREE_IMMEDIATELY };
+
+static void
+bookmark_free(void* ptr)
+{
+  struct WinevtBookmark* winevtBookmark = (struct WinevtBookmark*)ptr;
+  if (winevtBookmark->bookmark)
+    EvtClose(winevtBookmark->bookmark);
+
+  xfree(ptr);
+}
+
+static VALUE
+rb_winevt_bookmark_alloc(VALUE klass)
+{
+  VALUE obj;
+  struct WinevtBookmark* winevtBookmark;
+  obj = TypedData_Make_Struct(
+    klass, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
+  return obj;
+}
+
+/*
+ * Initalize Bookmark class. Receive XML string or nil.
+ *
+ * @overload initailize(options={})
+ *   @option options [String] XML rendered Bookmark string.
+ * @return [Bookmark]
+ *
+ */
+static VALUE
+rb_winevt_bookmark_initialize(int argc, VALUE* argv, VALUE self)
+{
+  PWSTR bookmarkXml;
+  VALUE wbookmarkXmlBuf;
+  DWORD len;
+  struct WinevtBookmark* winevtBookmark;
+
+  TypedData_Get_Struct(
+    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
+
+  if (argc == 0) {
+    winevtBookmark->bookmark = EvtCreateBookmark(NULL);
+  } else if (argc == 1) {
+    VALUE rb_bookmarkXml;
+    rb_scan_args(argc, argv, "10", &rb_bookmarkXml);
+    Check_Type(rb_bookmarkXml, T_STRING);
+
+    // bookmarkXml : To wide char
+    len = MultiByteToWideChar(
+      CP_UTF8, 0, RSTRING_PTR(rb_bookmarkXml), RSTRING_LEN(rb_bookmarkXml), NULL, 0);
+    bookmarkXml = ALLOCV_N(WCHAR, wbookmarkXmlBuf, len + 1);
+    MultiByteToWideChar(CP_UTF8,
+                        0,
+                        RSTRING_PTR(rb_bookmarkXml),
+                        RSTRING_LEN(rb_bookmarkXml),
+                        bookmarkXml,
+                        len);
+    bookmarkXml[len] = L'\0';
+    winevtBookmark->bookmark = EvtCreateBookmark(bookmarkXml);
+    ALLOCV_END(wbookmarkXmlBuf);
+  }
+
+  return Qnil;
+}
+
+/*
+ * This method updates bookmark and returns Bookmark instance.
+ *
+ * @param event [Query]
+ * @return [Bookmark]
+ */
+static VALUE
+rb_winevt_bookmark_update(VALUE self, VALUE event)
+{
+  struct WinevtQuery* winevtQuery;
+  struct WinevtBookmark* winevtBookmark;
+
+  winevtQuery = EventQuery(event);
+
+  TypedData_Get_Struct(
+    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
+
+  for (int i = 0; i < winevtQuery->count; i++) {
+    if (!EvtUpdateBookmark(winevtBookmark->bookmark, winevtQuery->hEvents[i]))
+      return Qfalse;
+  }
+  return Qtrue;
+}
+
+/*
+ * This method renders bookmark class content.
+ *
+ * @return [String]
+ */
+static VALUE
+rb_winevt_bookmark_render(VALUE self)
+{
+  struct WinevtBookmark* winevtBookmark;
+
+  TypedData_Get_Struct(
+    self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
+
+  return render_to_rb_str(winevtBookmark->bookmark, EvtRenderBookmark);
+}
+
+void
+Init_winevt_bookmark(VALUE rb_cEventLog)
+{
+  rb_cBookmark = rb_define_class_under(rb_cEventLog, "Bookmark", rb_cObject);
+
+  rb_define_alloc_func(rb_cBookmark, rb_winevt_bookmark_alloc);
+  rb_define_method(rb_cBookmark, "initialize", rb_winevt_bookmark_initialize, -1);
+  rb_define_method(rb_cBookmark, "update", rb_winevt_bookmark_update, 1);
+  rb_define_method(rb_cBookmark, "render", rb_winevt_bookmark_render, 0);
+}