static void Main(string[] args)
{
if (args.Length == 0)
{
return;
}
string dataDirectoryPath = args[0];
Console.WriteLine($"{DateTime.Now}: Инициализация чтения логов \"{dataDirectoryPath}\"...");
using (EventLogReader reader = EventLogReader.CreateReader(dataDirectoryPath))
{
reader.AfterReadEvent += Reader_AfterReadEvent;
reader.AfterReadFile += Reader_AfterReadFile;
reader.BeforeReadEvent += Reader_BeforeReadEvent;
reader.BeforeReadFile += Reader_BeforeReadFile;
reader.OnErrorEvent += Reader_OnErrorEvent;
Console.WriteLine($"{DateTime.Now}: Всего событий к обработке: ({reader.Count()})...");
Console.WriteLine();
Console.WriteLine();
while (reader.Read())
{
// reader.CurrentRow - данные текущего события
_eventNumber += 1;
}
}
Console.WriteLine($"{DateTime.Now}: Для выхода нажмите любую клавишу...");
Console.ReadKey();
}
private void GetCountLogFiles_Test(string eventLogPath)
{
long countLogFiles = 0;
using (EventLogReader reader = EventLogReader.CreateReader(eventLogPath))
{
reader.Reset();
if (reader is EventLogLGFReader)
{
EventLogLGFReader readerLGF = (EventLogLGFReader)reader;
while (readerLGF.CurrentFile != null)
{
reader.NextFile();
countLogFiles += 1;
}
}
else if (reader is EventLogLGDReader)
{
countLogFiles = 1;
}
}
Assert.NotEqual(0, countLogFiles);
}
private void GoToEvent_Test(string eventLogPath)
{
string dataAfterGoEvent = string.Empty;
string dataAfterSetPosition = string.Empty;
using (EventLogReader reader = EventLogReader.CreateReader(eventLogPath))
{
reader.GoToEvent(5);
EventLogPosition eventPosition = reader.GetCurrentPosition();
if (reader.Read())
{
dataAfterGoEvent = reader.CurrentRow.Data;
}
reader.Reset();
reader.SetCurrentPosition(eventPosition);
if (reader.Read())
{
dataAfterSetPosition = reader.CurrentRow.Data;
}
}
Assert.Equal(dataAfterGoEvent, dataAfterSetPosition);
}
private void GetAndSetPosition_Test(string eventLogPath)
{
long countRecords = 0;
long countRecordsStepByStep = 0;
long countRecordsStepByStepAfterSetPosition = 0;
using (EventLogReader reader = EventLogReader.CreateReader(eventLogPath))
{
countRecords = reader.Count();
while (reader.Read())
{
countRecordsStepByStep += 1;
}
reader.Reset();
EventLogPosition position = reader.GetCurrentPosition();
while (reader.Read())
{
;
}
reader.SetCurrentPosition(position);
while (reader.Read())
{
countRecordsStepByStepAfterSetPosition += 1;
}
}
Assert.NotEqual(0, countRecords);
Assert.NotEqual(0, countRecordsStepByStep);
Assert.NotEqual(0, countRecordsStepByStepAfterSetPosition);
Assert.Equal(countRecords, countRecordsStepByStep);
Assert.Equal(countRecords, countRecordsStepByStepAfterSetPosition);
}
private void ExportToPostgreSQL(EventLogExportSettings eventLogSettings)
{
EventLogOnPostgreSQL target = new EventLogOnPostgreSQL(_optionsBuilder.Options, eventLogSettings.Portion);
target.SetInformationSystem(new InformationSystemsBase()
{
Name = eventLogSettings.InforamtionSystemName,
Description = eventLogSettings.InforamtionSystemDescription
});
ExportHelper.ExportToTargetStorage(eventLogSettings, target);
long rowsInDB;
using (EventLogContext context = EventLogContext.Create(_optionsBuilder.Options, _settings.DBMSActions))
{
var informationSystem = context.InformationSystems
.First(i => i.Name == eventLogSettings.InforamtionSystemName);
var getCount = context.RowsData
.Where(r => r.InformationSystemId == informationSystem.Id)
.LongCountAsync();
getCount.Wait();
rowsInDB = getCount.Result;
}
long rowsInSourceFiles;
using (EventLogReader reader = EventLogReader.CreateReader(eventLogSettings.EventLogPath))
rowsInSourceFiles = reader.Count();
Assert.NotEqual(0, rowsInSourceFiles);
Assert.NotEqual(0, rowsInDB);
Assert.Equal(rowsInSourceFiles, rowsInDB);
}
public void SetEventLogPath(string eventLogPath)
{
_eventLogPath = eventLogPath;
if (!string.IsNullOrEmpty(_eventLogPath))
{
_reader = EventLogReader.CreateReader(_eventLogPath);
}
}
public void SetEventLogPath(string eventLogPath)
{
_eventLogPath = eventLogPath;
if (!string.IsNullOrEmpty(_eventLogPath))
{
_reader = EventLogReader.CreateReader(_eventLogPath);
_reader.SetTimeZone(_target != null ? _target.GetTimeZone() : TimeZoneInfo.Local);
}
}
private void ExportToClickHouse(EventLogExportSettings eventLogSettings)
{
Console.WriteLine(_settings.ConnectionString);
ClickHouseHelpers.DropDatabaseIfExist(_settings.ConnectionString);
EventLogOnClickHouse target = new EventLogOnClickHouse(_settings.ConnectionString, eventLogSettings.Portion);
target.SetInformationSystem(new InformationSystemsBase()
{
Name = eventLogSettings.InforamtionSystemName,
Description = eventLogSettings.InforamtionSystemDescription
});
ExportHelper.ExportToTargetStorage(eventLogSettings, target);
long rowsInDB;
using (var connection = new ClickHouseConnection(_settings.ConnectionString))
{
connection.Open();
using (var cmd = connection.CreateCommand())
{
cmd.CommandText =
@"SELECT
COUNT(*) CNT
FROM RowsData rd
WHERE InformationSystem = {InformationSystem:String}";
cmd.Parameters.Add(new ClickHouseDbParameter
{
ParameterName = "InformationSystem",
Value = eventLogSettings.InforamtionSystemName
});
using (var cmdReader = cmd.ExecuteReader())
{
if (cmdReader.Read())
{
rowsInDB = Convert.ToInt64(cmdReader.GetValue(0));
}
else
{
rowsInDB = 0;
}
}
}
}
long rowsInSourceFiles;
using (EventLogReader reader = EventLogReader.CreateReader(eventLogSettings.EventLogPath))
rowsInSourceFiles = reader.Count();
Assert.NotEqual(0, rowsInSourceFiles);
Assert.NotEqual(0, rowsInDB);
Assert.Equal(rowsInSourceFiles, rowsInDB);
}
private void ExportToElasticSearch(EventLogExportSettingsForElasticSearch eventLogSettings)
{
ConnectionSettings elasticSettings = new ConnectionSettings(eventLogSettings.NodeAddress)
.DefaultIndex(eventLogSettings.IndexName)
.MaximumRetries(eventLogSettings.MaximumRetries)
.MaxRetryTimeout(TimeSpan.FromSeconds(eventLogSettings.MaxRetryTimeout));
EventLogOnElasticSearch target = new EventLogOnElasticSearch(elasticSettings, eventLogSettings.Portion);
target.SetInformationSystem(new InformationSystemsBase()
{
Name = eventLogSettings.InforamtionSystemName,
Description = eventLogSettings.InforamtionSystemDescription
});
target.SetIndexName(eventLogSettings.IndexName);
target.SetIndexSeparationPeriod(eventLogSettings.IndexSeparation);
ElasticClient client = new ElasticClient(elasticSettings);
var allIndices = client.Indices.Get(new GetIndexRequest(Indices.All));
foreach (var indexInfo in allIndices.Indices)
{
if (indexInfo.Key.Name.StartsWith(eventLogSettings.IndexName))
{
client.Indices.Delete(indexInfo.Key.Name);
}
}
ExportHelperForElasticSearch.ExportToTargetStorage(eventLogSettings, target);
Thread.Sleep(30000);
long rowsInES = 0;
string indexNameLGF_WithData = $"{eventLogSettings.IndexName}-logdata";
var allIndicesCheckData = client.Indices.Get(new GetIndexRequest(Indices.All));
foreach (var indexInfo in allIndicesCheckData.Indices)
{
if (indexInfo.Key.Name.StartsWith(indexNameLGF_WithData))
{
var countResponse = client.Count <LogDataElement>(c => c
.Index(indexInfo.Key.Name));
rowsInES += countResponse.Count;
}
}
long rowsInSourceFiles;
using (EventLogReader reader = EventLogReader.CreateReader(eventLogSettings.EventLogPath))
rowsInSourceFiles = reader.Count();
Assert.NotEqual(0, rowsInSourceFiles);
Assert.NotEqual(0, rowsInES);
Assert.Equal(rowsInSourceFiles, rowsInES);
}
public void ReadEventLogReferences_Test()
{
bool dataExists = false;
using (EventLogReader reader = EventLogReader.CreateReader(sampleDatabaseFile))
{
dataExists =
reader.Applications.Count > 0 &&
reader.Events.Count > 0 &&
reader.WorkServers.Count > 0;
}
Assert.True(dataExists);
}
private void GetCount_Test(string eventLogPath)
{
long countRecords = 0;
long countRecordsStepByStep = 0;
using (EventLogReader reader = EventLogReader.CreateReader(eventLogPath))
{
countRecords = reader.Count();
while (reader.Read())
{
countRecordsStepByStep += 1;
}
}
Assert.NotEqual(0, countRecords);
Assert.NotEqual(0, countRecordsStepByStep);
Assert.Equal(countRecords, countRecordsStepByStep);
}
public void GetMD5Hash_Test()
{
ReferencesData data1;
ReferencesData data2;
using (EventLogReader reader = EventLogReader.CreateReader(_sampleDatabaseFileLGF))
{
data1 = ReferencesData.CreateFromReader(reader);
}
using (EventLogReader reader = EventLogReader.CreateReader(_sampleDatabaseFileLGF))
{
data2 = ReferencesData.CreateFromReader(reader);
}
string hashMD51 = MD5HashGenerator.GetMd5Hash(data1);
string hashMD52 = MD5HashGenerator.GetMd5Hash(data2);
Assert.Equal(hashMD51, hashMD52);
}
private void ReadRefferences_IfChanged_Test(string eventLogPath)
{
DateTime lastReadReferencesDateBeforeRead = DateTime.MinValue;
DateTime lastReadReferencesDate = DateTime.MinValue;
using (EventLogReader reader = EventLogReader.CreateReader(eventLogPath))
{
lastReadReferencesDateBeforeRead = reader.ReferencesReadDate;
Thread.Sleep(2000);
if (reader is EventLogLGFReader)
{
#region LGF
EventLogLGFReader lgfReader = (EventLogLGFReader)reader;
using (StreamWriter sw = File.AppendText(lgfReader.CurrentFile))
{
string descriptionNewEvent = "Новое событие в процессе чтения!";
DateTime newLogRecordPeriod = DateTime.Now;
string newLogRecordPeriodAsString = newLogRecordPeriod.ToString("yyyyMMddHHmmss");
sw.WriteLine(",");
sw.WriteLine($"{{{newLogRecordPeriodAsString},N,");
sw.WriteLine($"{{0,0}},1,1,2,2,3,N,\"{descriptionNewEvent}\",3,");
sw.WriteLine($"{{\"S\",\"{descriptionNewEvent}\"}},\"\",1,1,0,2,0,");
sw.WriteLine("{0}");
sw.WriteLine("}");
}
#endregion
}
else if (reader is EventLogLGDReader)
{
#region LGD
string lgdConnectionString = SQLiteExtensions.GetConnectionString(eventLogPath, false);
using (SQLiteConnection connection = new SQLiteConnection(lgdConnectionString))
{
connection.Open();
string queryText = String.Format(
"Select\n" +
" el.RowId,\n" +
" el.Date AS Date,\n" +
" el.ConnectId,\n" +
" el.Session,\n" +
" el.TransactionStatus,\n" +
" el.TransactionDate,\n" +
" el.TransactionId,\n" +
" el.UserCode AS UserCode,\n" +
" el.ComputerCode AS ComputerCode,\n" +
" el.appCode AS ApplicationCode,\n" +
" el.eventCode AS EventCode,\n" +
" el.primaryPortCode AS PrimaryPortCode,\n" +
" el.secondaryPortCode AS SecondaryPortCode,\n" +
" el.workServerCode AS WorkServerCode,\n" +
" el.Severity AS SeverityCode,\n" +
" el.Comment AS Comment,\n" +
" el.Data AS Data,\n" +
" el.DataPresentation AS DataPresentation,\n" +
" elm.metadataCode AS MetadataCode\n" +
"From\n" +
" EventLog el\n" +
" left join EventLogMetadata elm on el.RowId = elm.eventLogID\n" +
" left join MetadataCodes mc on elm.metadataCode = mc.code\n" +
"Where RowID = (SELECT MAX(RowID) from EventLog)\n");
using (SQLiteCommand sqliteCmd = new SQLiteCommand(queryText, connection))
{
long RowID = 0, ConnectId = 0, Session = 0,
TransactionStatus = 0, TransactionDate = 0, TransactionId = 0,
User = 0, Computer = 0, Application = 0, Event = 0, PrimaryPort = 0,
SecondaryPort = 0, WorkServer = 0, Severity = 0, Metadata = 0;
string Comment = string.Empty, Data = string.Empty, DataPresentation = string.Empty;
using (SQLiteDataReader sqliteReader = sqliteCmd.ExecuteReader())
{
while (sqliteReader.Read())
{
RowID = sqliteReader.GetInt64OrDefault(0);
ConnectId = sqliteReader.GetInt64OrDefault(2);
Session = sqliteReader.GetInt64OrDefault(3);
TransactionStatus = sqliteReader.GetInt64OrDefault(4);
TransactionDate = sqliteReader.GetInt64OrDefault(5);
TransactionId = sqliteReader.GetInt64OrDefault(6);
User = sqliteReader.GetInt64OrDefault(7);
Computer = sqliteReader.GetInt64OrDefault(8);
Application = sqliteReader.GetInt64OrDefault(9);
Event = sqliteReader.GetInt64OrDefault(10);
PrimaryPort = sqliteReader.GetInt64OrDefault(11);
SecondaryPort = sqliteReader.GetInt64OrDefault(12);
WorkServer = sqliteReader.GetInt64OrDefault(13);
Severity = sqliteReader.GetInt64OrDefault(14);
Comment = sqliteReader.GetStringOrDefault(15);
Data = sqliteReader.GetStringOrDefault(16);
DataPresentation = sqliteReader.GetStringOrDefault(17);
Metadata = sqliteReader.GetInt64OrDefault(18);
}
}
string queryInsertLog =
"INSERT INTO EventLog " +
"(" +
" RowId, " +
" Date, " +
" ConnectId, " +
" Session, " +
" TransactionStatus, " +
" TransactionDate, " +
" TransactionId, " +
" UserCode, " +
" ComputerCode, " +
" appCode, " +
" eventCode, " +
" primaryPortCode, " +
" secondaryPortCode, " +
" workServerCode, " +
" Severity, " +
" Comment, " +
" Data, " +
" DataPresentation " +
") " +
"VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
using (SQLiteCommand insertSQL = new SQLiteCommand(queryInsertLog, connection))
{
long newRowId = RowID + 1;
long newPeriod = DateTime.Now.ToLongDateTimeFormat();
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, newRowId));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, newPeriod));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, ConnectId));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, Session));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, TransactionStatus));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, TransactionDate));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, TransactionId));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, User));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, Computer));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, Application));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, Event));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, PrimaryPort));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, SecondaryPort));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, WorkServer));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.Int64, Severity));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.String, Comment));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.String, Data));
insertSQL.Parameters.Add(new SQLiteParameter(DbType.String, DataPresentation));
insertSQL.ExecuteNonQuery();
}
}
}
#endregion
}
while (reader.Read())
{
;
}
lastReadReferencesDate = reader.ReferencesReadDate;
}
Assert.NotEqual(DateTime.MinValue, lastReadReferencesDate);
Assert.NotEqual(DateTime.MinValue, lastReadReferencesDateBeforeRead);
Assert.True(lastReadReferencesDateBeforeRead < lastReadReferencesDate);
}
