public static int Main(string[] args)
{
CmdLineOptions options = CmdLineOptions.Create(args);
if (options == null)
{
return -1;
}
if(!File.Exists(options.ProcmonLogFilePath))
{
Console.WriteLine("Can not find procmon log file {0}", options.ProcmonLogFilePath);
return -2;
}
var parser = new PmParser(options.ProcmonLogFilePath);
var dependecies = from evnt in parser.GetEvents()
where String.Compare(evnt.Process_Name, options.ProcessName, true) == 0 &&
(evnt.Operation == PmOperations.CreateFile ||
evnt.Operation == PmOperations.LoadImage ||
evnt.Operation == PmOperations.CreateFileMapping) &&
String.Compare(evnt.PathExt, ".dll", true) == 0
group evnt by evnt.PathFileName.ToUpper();
if(dependecies.Count() == 0)
{
Console.WriteLine("Didn't found any dependencies for process {0} in log file {1}", options.ProcessName, options.ProcmonLogFilePath);
return -3;
}
Report(options, dependecies.Select(Analyze));
return 0;
}
public static IEnumerable <PmEvent> GetEvents(string logPath)
{
var parser = new PmParser(logPath);
return(parser.GetEvents());
}
public static IEnumerable<PmEvent> GetEvents(string logPath)
{
var parser = new PmParser(logPath);
return parser.GetEvents();
}
