// Start the parsing of the file
private void worker_DoWork(object sender, DoWorkEventArgs e)
{
EventLogParser parser = new EventLogParser();
parser.OnAction += new MessageHandler(parser_OnAction);
parser.OnProgress += new ProgressHandler(parser_OnProgress);
parser.OnFoundRecord += new NewEventFoundHandler(parser_OnFoundRecord);
parser.Parse(e.Argument.ToString());
}
static void Main(string[] args)
{
string fileExtensionInZIP = ".evtx";
string usernameToFind = "FredF";
string archivedLogPath = @"C:\Users\mike.littlefield\Desktop\Domain Controller Security Logs\";
string outputFilepath = @"C:\users\mike.littlefield\desktop\";
EventLogParser SecurityLog = new EventLogParser(fileExtensionInZIP, usernameToFind, archivedLogPath, outputFilepath);
SecurityLog.ProcessArchives();
}
public unsafe void Parse(string folderName)
{
string[] files = Directory.GetFiles(folderName,"*.evt");
eventLogParser = new EventLogParser();
eventLogParser.OnAction += OnAction;
eventLogParser.OnProgress += OnProgress;
eventLogParser.OnFoundRecord += OnFoundRecord;
foreach(var file in files)
{
eventLogParser.Parse(file);
}
}
public unsafe void Parse(string locationName)
{
IEventLogParser parser;
if (Directory.Exists(locationName) )
{
parser = new FolderParser();
}
else
{
parser = new EventLogParser();
}
parser.OnAction += OnAction;
parser.OnProgress += OnProgress;
parser.OnFoundRecord += OnFoundRecord;
parser.Parse(locationName);
}
// Start the parsing of the file
private void worker_DoWork(object sender, DoWorkEventArgs e)
{
EventLogParser parser = new EventLogParser();
parser.OnAction += new MessageHandler(parser_OnAction);
parser.OnProgress += new ProgressHandler(parser_OnProgress);
parser.OnFoundRecord += new NewEventFoundHandler(parser_OnFoundRecord);
parser.Parse(e.Argument.ToString());
}
