//Only setup to Read in the data from a Procmon CSV file
private void DisplayButton_Click(object sender, EventArgs e)
{
DataTable dataTable = new DataTable();
dataTable.Columns.Add("Time");
dataTable.Columns.Add("Process Name");
dataTable.Columns.Add("PID");
dataTable.Columns.Add("File Name");
dataTable.Columns.Add("Operation");
dataTable.Columns.Add("Length");
dataTable.Columns.Add("Path");
string filePath = textBoxFilePath.Text;
try
{
StreamReader streamReader = new StreamReader(filePath);
string[] totalData = new string[File.ReadAllLines(filePath).Length];
long fileSize;
long stringSize;
long progress = 0;
FindFileSize(filePath, out fileSize);
//progress bar
loadingForm load = new loadingForm(dataGridView1, this, fileSize, progress);
load.Show();
//Reset the data grid
dataGridView1.DataSource = null;
if (fileSize != 0)
{
string defaultLengthValue = "0";
string defaultPath = "noFilePathFound";
string line = streamReader.ReadLine();
int lineCount = 1;
totalData = streamReader.ReadLine().Split('"');
stringSize = line.Length + 2;
progress += stringSize;
while (!streamReader.EndOfStream)
{
lineCount++;
line = streamReader.ReadLine();
totalData = line.Split('"');
stringSize = line.Length + 2;
progress += stringSize;
Update();
load.setprogress(progress);
if (load.iscanceled())
{
load.Close();
break;
}
Application.DoEvents();
ParseProcmonData(totalData, defaultLengthValue, defaultPath);
//to deal with arrays of different sizes
if (totalData.Length == 15)
{
dataTable.Rows.Add(
totalData[PM_TimeOfDay],
totalData[PM_ProcessName],
totalData[PM_PID],
totalData[PM_FileName],
totalData[PM_Operation],
totalData[PM_Length],
totalData[PM_Path]
);
}
if (totalData.Length == 14)
{
dataTable.Rows.Add(
totalData[PM_TimeOfDay],
totalData[PM_ProcessName],
totalData[PM_PID],
totalData[PM_FileName],
totalData[PM_Operation],
totalData[PM_lengthFromSmallArray],
totalData[PM_Path]
);
}
}
load.Close();
//If file load is not cancelled
ProcessFileData(dataTable, load);
}
}//end try
catch (Exception exc)
{
MessageBox.Show(exc.Message);
}
}
//Calculate the size/length of each process
private void FindLengthForEachProcess()
{
var ProcessFileList = new List <ProcessData>();
var ProcessIDList = new List <ProcessData>();
int[] topLengths = new int[10];
int[] topIDLengths = new int[10];
string[] topFileNames = new string[10];
string[] topProcessID = new string[10];
int processLength = 0;
string processTime;
string processName = "";
string processFileName = "";
string processPath = "";
string processPID = "";
string processOperation = "";
bool processFound = false;
int loopCounter = 0;
string processKeyString = "";
//Var for bar chart
string processKeyID = "";
bool processIDFound = false;
//find the rows with the matching process key and then add the length for
//each of these rows together and select the top ten values
//to populate the bar chart
long rowCount = 0;
rowCount = dataGridView1.Rows.Count;
long progress = 1;
//progress bar
loadingForm load = new loadingForm(dataGridView1, this, rowCount, progress);
load.Show();
foreach (DataGridViewRow row in dataGridView1.Rows)
{
try
{
processTime = row.Cells[DG_Time].Value.ToString();
processFileName = row.Cells[DG_FileName].Value.ToString();
processName = row.Cells[DG_Name].Value.ToString();
processOperation = row.Cells[DG_Operation].Value.ToString();
processPID = row.Cells[DG_PID].Value.ToString();
processPath = row.Cells[DG_Path].Value.ToString();
int iPL = 0;
int.TryParse(row.Cells[DG_Length].Value.ToString(), out iPL);
processLength = iPL;
processKeyString = processName + "|" + processPID + "|" + processPath + "|" + processOperation;
processKeyID = processName + "|" + processPID + "|" + processOperation;
//If the processKey is found in the list, append the length value and set processFound to true
processFound = AppendLength(ProcessFileList, processLength, processKeyString);
if (processFound == false)
{
AddNewItemToList(ProcessFileList, processLength, processName, processTime, processFileName, processPath, processPID, processOperation, processFound, processKeyString);
}
processIDFound = AppendLength(ProcessIDList, processLength, processKeyID);
AddNewItemToList(ProcessIDList, processLength, processName, processTime, processFileName, processPath, processPID, processOperation, processIDFound, processKeyID);
ComboBoxListItems(operationList, processOperation);
loopCounter++;
//Increment the progress bar
progress++;
load.setFilterprogress(progress);
if (load.iscanceled())
{
load.Close();
break;
}
Application.DoEvents();
if (loopCounter == dataGridView1.Rows.Count - 1)
{
break;
}
}
catch (Exception exc)
{
MessageBox.Show(exc.Message);
}
}
SortedFileList(ProcessFileList);
SortedProcessList(ProcessIDList);
FilterOnCombobox(ProcessFileList, ProcessIDList, topLengths, topIDLengths, topFileNames, topProcessID);
PopulateChart(topLengths, topIDLengths, topFileNames, topProcessID);
totalProcessesLabel.Text = ProcessFileList.Count().ToString();
}