// Start the parsing of the file private void worker_DoWork(object sender, DoWorkEventArgs e) { EventLogParser parser = new EventLogParser(); parser.OnAction += new MessageHandler(parser_OnAction); parser.OnProgress += new ProgressHandler(parser_OnProgress); parser.OnFoundRecord += new NewEventFoundHandler(parser_OnFoundRecord); parser.Parse(e.Argument.ToString()); }
static void Main(string[] args) { string fileExtensionInZIP = ".evtx"; string usernameToFind = "FredF"; string archivedLogPath = @"C:\Users\mike.littlefield\Desktop\Domain Controller Security Logs\"; string outputFilepath = @"C:\users\mike.littlefield\desktop\"; EventLogParser SecurityLog = new EventLogParser(fileExtensionInZIP, usernameToFind, archivedLogPath, outputFilepath); SecurityLog.ProcessArchives(); }
public unsafe void Parse(string folderName) { string[] files = Directory.GetFiles(folderName,"*.evt"); eventLogParser = new EventLogParser(); eventLogParser.OnAction += OnAction; eventLogParser.OnProgress += OnProgress; eventLogParser.OnFoundRecord += OnFoundRecord; foreach(var file in files) { eventLogParser.Parse(file); } }
public unsafe void Parse(string locationName) { IEventLogParser parser; if (Directory.Exists(locationName) ) { parser = new FolderParser(); } else { parser = new EventLogParser(); } parser.OnAction += OnAction; parser.OnProgress += OnProgress; parser.OnFoundRecord += OnFoundRecord; parser.Parse(locationName); }