Example #1
0
        public static bool TrySelect(
            string wql,
            string[] fieldsByPriority,
            out DataTable objects,
            out Exception failOfGet)
        {
            Stopwatch stopwatch = Stopwatch.StartNew();
            DataTable dataTable = new DataTable("WMI");
            int       rowIndex  = 0;

            using (ManagementObjectSearcher managementObjectSearcher = new ManagementObjectSearcher(wql))
            {
                try
                {
                    foreach (ManagementBaseObject wmiRow in managementObjectSearcher.Get())
                    {
                        DataRow row = dataTable.NewRow();
                        if (rowIndex == 0)
                        {
                            // Properties of the First Row.
                            string[] propertyNames = new string[wmiRow.Properties.Count];
                            int      propertyIndex = 0;
                            foreach (PropertyData property in wmiRow.Properties)
                            {
                                propertyNames[propertyIndex++] = property.Name;
                            }

                            WmiUtils.ComparerByPriority comparerByPriority = new WmiUtils.ComparerByPriority(fieldsByPriority ?? new string[0], propertyNames);
                            Array.Sort(propertyNames, comparerByPriority);
                            foreach (string columnName in propertyNames)
                            {
                                dataTable.Columns.Add(columnName, typeof(object));
                            }
                        }

                        foreach (DataColumn column in dataTable.Columns)
                        {
                            object propertyValue;
                            if (WmiUtils.TryGetProperty(wmiRow, column.ColumnName, out propertyValue))
                            {
                                row[column.ColumnName] = propertyValue;
                                object copy = row[column.ColumnName];
                            }
                        }
                        dataTable.Rows.Add(row);
                        ++rowIndex;
                    }
                }
                catch (Exception ex)
                {
                    objects   = (DataTable)null;
                    failOfGet = ex;
                    return(false);
                }
            }
            Trace.WriteLine("Scan WMI list '" + wql + "' by " + stopwatch.ElapsedMilliseconds.ToString("n0") + " msec");
            objects   = dataTable;
            failOfGet = (Exception)null;
            return(true);
        }
Example #2
0
        internal List <dynamic> ReadServiceControlManagerLogsRaw()
        {
            List <dynamic> ret   = new List <dynamic>();
            string         query = $"Select * From Win32_NTLogEvent WHERE LogFile='System' And (EventCode=12 Or EventCode=7009 or EventCode=7000 or EventCode=7036 or EventCode=7031)";
            int            n     = 0;

            using (ManagementObjectSearcher managementObjectSearcher = new ManagementObjectSearcher(query))
            {
                foreach (ManagementBaseObject wmiRow in managementObjectSearcher.Get())
                {
                    var message       = Convert.ToString(wmiRow["Message"]);
                    var code          = Convert.ToInt64(wmiRow["EventCode"]);
                    var timeGenerated = Convert.ToString(wmiRow["TimeGenerated"]);
                    var data          = wmiRow["Data"];
                    var dataType      = data?.GetType().ToString() ?? "null";
                    var bytes         = data == null ? "<null>" : string.Join(",", ((Byte[])data).Select(x => x));
                    var type          = wmiRow["Type"];
                    var recordNumber  = Convert.ToInt64(wmiRow["RecordNumber"]);

                    WmiUtils.TryParseWmiDateTime(timeGenerated, out var dateTime);

                    ret.Add(new
                    {
                        Type             = type,
                        RecordNumber     = recordNumber,
                        EventCode        = code,
                        Message          = message,
                        TimeGeneratedRaw = timeGenerated,
                        TimeGenerated    = dateTime,
                        DataType         = dataType,
                        Data             = data,
                        DataAsBytes      = bytes,
                        DataAsAscii      = AsAscII((byte[])data),
                        Parameteters     = ParseParameters((byte[])data)
                    });

                    if (n++ % 100 == 0)
                    {
                        Console.Write(".");
                    }
                }
            }

            ret = ret.OrderByDescending(x => (long)x.RecordNumber).ToList();
            return(ret);
        }
Example #3
0
        public static void Write()
        {
            Stopwatch sw = Stopwatch.StartNew();
            // Raw
            var            logsReader = new ServiceLogsReader();
            List <dynamic> asDynamic  = logsReader.ReadServiceControlManagerLogsRaw();

            LoggingUtils.DumpTextFile(asDynamic.AsJsonString(), "System-Filtered-Log-Dynamic.json");

            // Static
            var asStatic = logsReader.ReadServiceControlManagerLogs(asDynamic);
            var dump     = new
            {
                Logs     = asStatic,
                Services = logsReader.CachedServices,
            };

            LoggingUtils.DumpTextFile(dump.AsJsonString(), "System-Filtered-Log.json");

            // Grouped
            ServiceLogsAnalyzer a     = new ServiceLogsAnalyzer(logsReader.CachedServices, asStatic);
            dynamic             boots = a.BuildReport();

            LoggingUtils.DumpTextFile(((object)boots).AsJsonString(), "Grouped-by-Boots.json");

            var finalReport = new
            {
                ServicesPipeTimeout = ServicesPipeTimeoutReader.Get(),
                Processor           = WmiUtils.FetchFromQuery("Select * From Win32_Processor"),
                OS = WmiUtils.FetchFromQuery("Select * From Win32_OperatingSystem"),
                // Status is OK?
                ComputerSystem = WmiUtils.FetchFromQuery("Select * From Win32_ComputerSystem"),
                Boots          = boots,
            };

            LoggingUtils.DumpTextFile(((object)finalReport).AsJsonString(), "Final-Report.json");
            LoggingUtils.DumpTextFile(((object)finalReport).AsJsonString(false), "Final-Report.min.json");

            Console.WriteLine($" Done: {sw.Elapsed}");
        }
Example #4
0
        internal static bool TryParseWmiDate(string dmtfDate, out DateTime value)
        {
            try
            {
                if (dmtfDate.Length != 8)
                {
                    if (dmtfDate.Length > 9)
                    {
                        if (dmtfDate[8] != '.')
                        {
                            goto label_5;
                        }
                    }
                    else
                    {
                        goto label_5;
                    }
                }
                value = new DateTime(Int32.Parse(dmtfDate.Substring(0, 4)), Int32.Parse(dmtfDate.Substring(4, 2)), Int32.Parse(dmtfDate.Substring(6, 2)));
                return(true);
            }
            catch
            {
            }

label_5:
            try
            {
                bool wmiDateTime = WmiUtils.TryParseWmiDateTime(dmtfDate, out value);
                value = new DateTime(value.Year, value.Month, value.Day);
                return(wmiDateTime);
            }
            catch
            {
            }
            value = DateTime.MinValue;
            return(false);
        }