Exemplo n.º 1
0
        //Only setup to Read in the data from a Procmon CSV file
        private void DisplayButton_Click(object sender, EventArgs e)
        {
            DataTable dataTable = new DataTable();

            dataTable.Columns.Add("Time");
            dataTable.Columns.Add("Process Name");
            dataTable.Columns.Add("PID");
            dataTable.Columns.Add("File Name");
            dataTable.Columns.Add("Operation");
            dataTable.Columns.Add("Length");
            dataTable.Columns.Add("Path");

            string filePath = textBoxFilePath.Text;

            try
            {
                StreamReader streamReader = new StreamReader(filePath);
                string[]     totalData    = new string[File.ReadAllLines(filePath).Length];

                long fileSize;
                long stringSize;
                long progress = 0;


                FindFileSize(filePath, out fileSize);

                //progress bar
                loadingForm load = new loadingForm(dataGridView1, this, fileSize, progress);
                load.Show();

                //Reset the data grid
                dataGridView1.DataSource = null;

                if (fileSize != 0)
                {
                    string defaultLengthValue = "0";
                    string defaultPath        = "noFilePathFound";

                    string line = streamReader.ReadLine();

                    int lineCount = 1;
                    totalData  = streamReader.ReadLine().Split('"');
                    stringSize = line.Length + 2;
                    progress  += stringSize;
                    while (!streamReader.EndOfStream)
                    {
                        lineCount++;
                        line      = streamReader.ReadLine();
                        totalData = line.Split('"');

                        stringSize = line.Length + 2;
                        progress  += stringSize;

                        Update();

                        load.setprogress(progress);
                        if (load.iscanceled())
                        {
                            load.Close();
                            break;
                        }
                        Application.DoEvents();

                        ParseProcmonData(totalData, defaultLengthValue, defaultPath);



                        //to deal with arrays of different sizes
                        if (totalData.Length == 15)
                        {
                            dataTable.Rows.Add(
                                totalData[PM_TimeOfDay],
                                totalData[PM_ProcessName],
                                totalData[PM_PID],
                                totalData[PM_FileName],
                                totalData[PM_Operation],
                                totalData[PM_Length],
                                totalData[PM_Path]
                                );
                        }
                        if (totalData.Length == 14)
                        {
                            dataTable.Rows.Add(
                                totalData[PM_TimeOfDay],
                                totalData[PM_ProcessName],
                                totalData[PM_PID],
                                totalData[PM_FileName],
                                totalData[PM_Operation],
                                totalData[PM_lengthFromSmallArray],
                                totalData[PM_Path]
                                );
                        }
                    }
                    load.Close();
                    //If file load is not cancelled
                    ProcessFileData(dataTable, load);
                }
            }//end try
            catch (Exception exc)
            {
                MessageBox.Show(exc.Message);
            }
        }
Exemplo n.º 2
0
        //Calculate the size/length of each process
        private void FindLengthForEachProcess()
        {
            var ProcessFileList = new List <ProcessData>();
            var ProcessIDList   = new List <ProcessData>();

            int[]    topLengths   = new int[10];
            int[]    topIDLengths = new int[10];
            string[] topFileNames = new string[10];
            string[] topProcessID = new string[10];

            int    processLength = 0;
            string processTime;
            string processName      = "";
            string processFileName  = "";
            string processPath      = "";
            string processPID       = "";
            string processOperation = "";
            bool   processFound     = false;
            int    loopCounter      = 0;
            string processKeyString = "";
            //Var for bar chart
            string processKeyID   = "";
            bool   processIDFound = false;

            //find the rows with the matching process key and then add the length for
            //each of these rows together and select the top ten values
            //to populate the bar chart
            long rowCount = 0;

            rowCount = dataGridView1.Rows.Count;
            long progress = 1;

            //progress bar
            loadingForm load = new loadingForm(dataGridView1, this, rowCount, progress);

            load.Show();

            foreach (DataGridViewRow row in dataGridView1.Rows)
            {
                try
                {
                    processTime      = row.Cells[DG_Time].Value.ToString();
                    processFileName  = row.Cells[DG_FileName].Value.ToString();
                    processName      = row.Cells[DG_Name].Value.ToString();
                    processOperation = row.Cells[DG_Operation].Value.ToString();
                    processPID       = row.Cells[DG_PID].Value.ToString();
                    processPath      = row.Cells[DG_Path].Value.ToString();
                    int iPL = 0;
                    int.TryParse(row.Cells[DG_Length].Value.ToString(), out iPL);
                    processLength = iPL;



                    processKeyString = processName + "|" + processPID + "|" + processPath + "|" + processOperation;
                    processKeyID     = processName + "|" + processPID + "|" + processOperation;

                    //If the processKey is found in the list, append the length value and set processFound to true
                    processFound = AppendLength(ProcessFileList, processLength, processKeyString);
                    if (processFound == false)
                    {
                        AddNewItemToList(ProcessFileList, processLength, processName, processTime, processFileName, processPath, processPID, processOperation, processFound, processKeyString);
                    }

                    processIDFound = AppendLength(ProcessIDList, processLength, processKeyID);
                    AddNewItemToList(ProcessIDList, processLength, processName, processTime, processFileName, processPath, processPID, processOperation, processIDFound, processKeyID);



                    ComboBoxListItems(operationList, processOperation);


                    loopCounter++;

                    //Increment the progress bar
                    progress++;
                    load.setFilterprogress(progress);

                    if (load.iscanceled())
                    {
                        load.Close();
                        break;
                    }
                    Application.DoEvents();
                    if (loopCounter == dataGridView1.Rows.Count - 1)
                    {
                        break;
                    }
                }
                catch (Exception exc)
                {
                    MessageBox.Show(exc.Message);
                }
            }



            SortedFileList(ProcessFileList);

            SortedProcessList(ProcessIDList);

            FilterOnCombobox(ProcessFileList, ProcessIDList, topLengths, topIDLengths, topFileNames, topProcessID);

            PopulateChart(topLengths, topIDLengths, topFileNames, topProcessID);

            totalProcessesLabel.Text = ProcessFileList.Count().ToString();
        }