Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Core / System / Diagnostics / Eventing / Reader / EventLogSession.cs / 1305376 / EventLogSession.cs
// ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== /*============================================================ ** ** Class: EventLogSession ** ** Purpose: ** Defines a session for Event Log operations. The session can ** be configured for a remote machine and can use specfic ** user credentials. ============================================================*/ using System; using System.Security; using System.Collections.Generic; using System.Text; using System.Runtime.InteropServices; using System.Security.Permissions; using Microsoft.Win32; using System.Globalization; namespace System.Diagnostics.Eventing.Reader { ////// Session Login Type /// public enum SessionAuthentication { Default = 0, Negotiate = 1, Kerberos = 2, Ntlm = 3 } ////// The type: log / external log file to query /// public enum PathType { LogName = 1, FilePath = 2 } [System.Security.Permissions.HostProtection(MayLeakOnAbort = true)] public class EventLogSession : IDisposable { // //the two context handles for rendering (for EventLogRecord). //the system and user context handles. They are both common for all the event instances and can be created only once. //access to the data member references is safe, while //invoking methods on it is marked SecurityCritical as appropriate. // internal EventLogHandle renderContextHandleSystem = EventLogHandle.Zero; internal EventLogHandle renderContextHandleUser = EventLogHandle.Zero; //the dummy [....] object for the two contextes. private object syncObject = null; private string server; private string user; private string domain; private SessionAuthentication logOnType; //we do not maintain the password here. // //access to the data member references is safe, while //invoking methods on it is marked SecurityCritical as appropriate. // private EventLogHandle handle = EventLogHandle.Zero; //setup the System Context, once for all the EventRecords. [System.Security.SecuritySafeCritical] internal void SetupSystemContext() { EventLogPermissionHolder.GetEventLogPermission().Demand(); if (!this.renderContextHandleSystem.IsInvalid) return; lock (this.syncObject) { if (this.renderContextHandleSystem.IsInvalid) { //create the SYSTEM render context //call the EvtCreateRenderContext to get the renderContextHandleSystem, so that we can get the system/values/user properties. this.renderContextHandleSystem = NativeWrapper.EvtCreateRenderContext(0, null, UnsafeNativeMethods.EvtRenderContextFlags.EvtRenderContextSystem); } } } [System.Security.SecuritySafeCritical] internal void SetupUserContext() { EventLogPermissionHolder.GetEventLogPermission().Demand(); lock (this.syncObject) { if (this.renderContextHandleUser.IsInvalid) { //create the USER render context this.renderContextHandleUser = NativeWrapper.EvtCreateRenderContext(0, null, UnsafeNativeMethods.EvtRenderContextFlags.EvtRenderContextUser); } } } // marked as SecurityCritical because allocates SafeHandle. // marked as TreatAsSafe because performs Demand(). [System.Security.SecurityCritical] public EventLogSession() { EventLogPermissionHolder.GetEventLogPermission().Demand(); //handle = EventLogHandle.Zero; syncObject = new object(); } public EventLogSession(string server) : this(server, null, null, (SecureString)null, SessionAuthentication.Default) { } // marked as TreatAsSafe because performs Demand(). [System.Security.SecurityCritical] public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType) { EventLogPermissionHolder.GetEventLogPermission().Demand(); if (server == null) server = "localhost"; syncObject = new object(); this.server = server; this.domain = domain; this.user = user; this.logOnType = logOnType; UnsafeNativeMethods.EvtRpcLogin erLogin = new UnsafeNativeMethods.EvtRpcLogin(); erLogin.Server = this.server; erLogin.User = this.user; erLogin.Domain = this.domain; erLogin.Flags = (int)this.logOnType; erLogin.Password = CoTaskMemUnicodeSafeHandle.Zero; try { if (password != null) erLogin.Password.SetMemory(Marshal.SecureStringToCoTaskMemUnicode(password)); //open a session using the erLogin structure. handle = NativeWrapper.EvtOpenSession(UnsafeNativeMethods.EvtLoginClass.EvtRpcLogin, ref erLogin, 0, 0); } finally { erLogin.Password.Close(); } } internal EventLogHandle Handle { get { return handle; } } public void Dispose() { Dispose(true); GC.SuppressFinalize(this); } [System.Security.SecuritySafeCritical] protected virtual void Dispose(bool disposing) { if (disposing) { if ( this == globalSession ) throw new InvalidOperationException(); EventLogPermissionHolder.GetEventLogPermission().Demand(); } if (this.renderContextHandleSystem != null && !this.renderContextHandleSystem.IsInvalid) this.renderContextHandleSystem.Dispose(); if (this.renderContextHandleUser != null && !this.renderContextHandleUser.IsInvalid) this.renderContextHandleUser.Dispose(); if (handle != null && !handle.IsInvalid) handle.Dispose(); } public void CancelCurrentOperations() { NativeWrapper.EvtCancel(handle); } static EventLogSession globalSession = new EventLogSession(); public static EventLogSession GlobalSession { get { return globalSession; } } [System.Security.SecurityCritical] public IEnumerableGetProviderNames() { EventLogPermissionHolder.GetEventLogPermission().Demand(); List namesList = new List (100); using (EventLogHandle ProviderEnum = NativeWrapper.EvtOpenProviderEnum(this.Handle, 0)) { bool finish = false; do { string s = NativeWrapper.EvtNextPublisherId(ProviderEnum, ref finish); if (finish == false) namesList.Add(s); } while (finish == false); return namesList; } } [System.Security.SecurityCritical] public IEnumerable GetLogNames() { EventLogPermissionHolder.GetEventLogPermission().Demand(); List namesList = new List (100); using (EventLogHandle channelEnum = NativeWrapper.EvtOpenChannelEnum(this.Handle, 0)) { bool finish = false; do { string s = NativeWrapper.EvtNextChannelPath(channelEnum, ref finish); if (finish == false) namesList.Add(s); } while (finish == false); return namesList; } } public EventLogInformation GetLogInformation(string logName, PathType pathType) { if (logName == null) throw new ArgumentNullException("logName"); return new EventLogInformation(this, logName, pathType); } public void ExportLog(string path, PathType pathType, string query, string targetFilePath) { this.ExportLog(path, pathType, query, targetFilePath, false); } public void ExportLog(string path, PathType pathType, string query, string targetFilePath, bool tolerateQueryErrors) { if (path == null) throw new ArgumentNullException("path"); if (targetFilePath == null) throw new ArgumentNullException("targetFilePath"); UnsafeNativeMethods.EvtExportLogFlags flag; switch (pathType) { case PathType.LogName: flag = UnsafeNativeMethods.EvtExportLogFlags.EvtExportLogChannelPath; break; case PathType.FilePath: flag = UnsafeNativeMethods.EvtExportLogFlags.EvtExportLogFilePath; break; default: throw new ArgumentOutOfRangeException("pathType"); } if (tolerateQueryErrors == false) NativeWrapper.EvtExportLog(this.Handle, path, query, targetFilePath, (int)flag); else NativeWrapper.EvtExportLog(this.Handle, path, query, targetFilePath, (int)flag | (int)UnsafeNativeMethods.EvtExportLogFlags.EvtExportLogTolerateQueryErrors); } public void ExportLogAndMessages(string path, PathType pathType, string query, string targetFilePath) { this.ExportLogAndMessages(path, pathType, query, targetFilePath, false, CultureInfo.CurrentCulture ); } public void ExportLogAndMessages(string path, PathType pathType, string query, string targetFilePath, bool tolerateQueryErrors, CultureInfo targetCultureInfo ) { if (targetCultureInfo == null) targetCultureInfo = CultureInfo.CurrentCulture; ExportLog(path, pathType, query, targetFilePath, tolerateQueryErrors); NativeWrapper.EvtArchiveExportedLog(this.Handle, targetFilePath, targetCultureInfo.LCID, 0); } public void ClearLog(string logName) { this.ClearLog(logName, null); } public void ClearLog(string logName, string backupPath) { if (logName == null) throw new ArgumentNullException("logName"); NativeWrapper.EvtClearLog(this.Handle, logName, backupPath, 0); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- IntPtr.cs
- InternalDispatchObject.cs
- Model3D.cs
- UnmanagedMarshal.cs
- FormParameter.cs
- NullableConverter.cs
- AlignmentXValidation.cs
- GenericsNotImplementedException.cs
- DbProviderFactory.cs
- DragDeltaEventArgs.cs
- ForAllOperator.cs
- UnsafeNativeMethods.cs
- SuppressMessageAttribute.cs
- MouseEventArgs.cs
- InteropDesigner.xaml.cs
- TextBlockAutomationPeer.cs
- DataBindingCollection.cs
- Literal.cs
- WebSysDescriptionAttribute.cs
- ListViewItemSelectionChangedEvent.cs
- WebPartDescription.cs
- FileDataSourceCache.cs
- InheritanceRules.cs
- TreeNode.cs
- DependencyPropertyChangedEventArgs.cs
- ProxyManager.cs
- PointUtil.cs
- ColumnWidthChangingEvent.cs
- Resources.Designer.cs
- RichTextBox.cs
- EntityCommand.cs
- LinkLabel.cs
- InputMethod.cs
- Matrix.cs
- Form.cs
- BrowsableAttribute.cs
- peersecuritysettings.cs
- PasswordBox.cs
- ListControl.cs
- Transform.cs
- VBIdentifierNameEditor.cs
- HttpWrapper.cs
- X509ThumbprintKeyIdentifierClause.cs
- XmlHelper.cs
- SortedDictionary.cs
- ListDictionaryInternal.cs
- SelectedDatesCollection.cs
- MemberRelationshipService.cs
- BamlLocalizer.cs
- StaticDataManager.cs
- XNameTypeConverter.cs
- FontWeightConverter.cs
- ByteStack.cs
- CompensationHandlingFilter.cs
- SerializationInfoEnumerator.cs
- HwndHostAutomationPeer.cs
- hebrewshape.cs
- GenericTypeParameterBuilder.cs
- SqlRowUpdatedEvent.cs
- CheckBox.cs
- PrintController.cs
- OracleBinary.cs
- CodeSubDirectory.cs
- ListDesigner.cs
- ButtonAutomationPeer.cs
- Constraint.cs
- UpdatePanel.cs
- ResourceDefaultValueAttribute.cs
- HostedHttpContext.cs
- cookiecollection.cs
- AvTraceDetails.cs
- HighlightVisual.cs
- AsyncSerializedWorker.cs
- CaseCqlBlock.cs
- EastAsianLunisolarCalendar.cs
- LicenseContext.cs
- SafeCertificateStore.cs
- CorrelationManager.cs
- DuplexSecurityProtocolFactory.cs
- HtmlTernaryTree.cs
- IndicFontClient.cs
- CustomLineCap.cs
- InkSerializer.cs
- DataGridHelper.cs
- TreeChangeInfo.cs
- ToolStripItemClickedEventArgs.cs
- WebPartsPersonalization.cs
- LineBreakRecord.cs
- ConfigurationElement.cs
- MetadataCacheItem.cs
- VectorCollectionValueSerializer.cs
- CreateRefExpr.cs
- SortQueryOperator.cs
- WorkItem.cs
- DrawingServices.cs
- SectionInput.cs
- PartitionedStreamMerger.cs
- UriExt.cs
- MulticastIPAddressInformationCollection.cs
- BaseValidator.cs