Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Core / System / Diagnostics / Eventing / Reader / EventLogSession.cs / 1305376 / EventLogSession.cs
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
/*============================================================
**
** Class: EventLogSession
**
** Purpose:
** Defines a session for Event Log operations. The session can
** be configured for a remote machine and can use specfic
** user credentials.
============================================================*/
using System;
using System.Security;
using System.Collections.Generic;
using System.Text;
using System.Runtime.InteropServices;
using System.Security.Permissions;
using Microsoft.Win32;
using System.Globalization;
namespace System.Diagnostics.Eventing.Reader {
///
/// Session Login Type
///
public enum SessionAuthentication {
Default = 0,
Negotiate = 1,
Kerberos = 2,
Ntlm = 3
}
///
/// The type: log / external log file to query
///
public enum PathType
{
LogName = 1,
FilePath = 2
}
[System.Security.Permissions.HostProtection(MayLeakOnAbort = true)]
public class EventLogSession : IDisposable {
//
//the two context handles for rendering (for EventLogRecord).
//the system and user context handles. They are both common for all the event instances and can be created only once.
//access to the data member references is safe, while
//invoking methods on it is marked SecurityCritical as appropriate.
//
internal EventLogHandle renderContextHandleSystem = EventLogHandle.Zero;
internal EventLogHandle renderContextHandleUser = EventLogHandle.Zero;
//the dummy [....] object for the two contextes.
private object syncObject = null;
private string server;
private string user;
private string domain;
private SessionAuthentication logOnType;
//we do not maintain the password here.
//
//access to the data member references is safe, while
//invoking methods on it is marked SecurityCritical as appropriate.
//
private EventLogHandle handle = EventLogHandle.Zero;
//setup the System Context, once for all the EventRecords.
[System.Security.SecuritySafeCritical]
internal void SetupSystemContext() {
EventLogPermissionHolder.GetEventLogPermission().Demand();
if (!this.renderContextHandleSystem.IsInvalid)
return;
lock (this.syncObject) {
if (this.renderContextHandleSystem.IsInvalid) {
//create the SYSTEM render context
//call the EvtCreateRenderContext to get the renderContextHandleSystem, so that we can get the system/values/user properties.
this.renderContextHandleSystem = NativeWrapper.EvtCreateRenderContext(0, null, UnsafeNativeMethods.EvtRenderContextFlags.EvtRenderContextSystem);
}
}
}
[System.Security.SecuritySafeCritical]
internal void SetupUserContext() {
EventLogPermissionHolder.GetEventLogPermission().Demand();
lock (this.syncObject) {
if (this.renderContextHandleUser.IsInvalid) {
//create the USER render context
this.renderContextHandleUser = NativeWrapper.EvtCreateRenderContext(0, null, UnsafeNativeMethods.EvtRenderContextFlags.EvtRenderContextUser);
}
}
}
// marked as SecurityCritical because allocates SafeHandle.
// marked as TreatAsSafe because performs Demand().
[System.Security.SecurityCritical]
public EventLogSession() {
EventLogPermissionHolder.GetEventLogPermission().Demand();
//handle = EventLogHandle.Zero;
syncObject = new object();
}
public EventLogSession(string server)
:
this(server, null, null, (SecureString)null, SessionAuthentication.Default) {
}
// marked as TreatAsSafe because performs Demand().
[System.Security.SecurityCritical]
public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType) {
EventLogPermissionHolder.GetEventLogPermission().Demand();
if (server == null)
server = "localhost";
syncObject = new object();
this.server = server;
this.domain = domain;
this.user = user;
this.logOnType = logOnType;
UnsafeNativeMethods.EvtRpcLogin erLogin = new UnsafeNativeMethods.EvtRpcLogin();
erLogin.Server = this.server;
erLogin.User = this.user;
erLogin.Domain = this.domain;
erLogin.Flags = (int)this.logOnType;
erLogin.Password = CoTaskMemUnicodeSafeHandle.Zero;
try {
if (password != null)
erLogin.Password.SetMemory(Marshal.SecureStringToCoTaskMemUnicode(password));
//open a session using the erLogin structure.
handle = NativeWrapper.EvtOpenSession(UnsafeNativeMethods.EvtLoginClass.EvtRpcLogin, ref erLogin, 0, 0);
}
finally {
erLogin.Password.Close();
}
}
internal EventLogHandle Handle {
get {
return handle;
}
}
public void Dispose() {
Dispose(true);
GC.SuppressFinalize(this);
}
[System.Security.SecuritySafeCritical]
protected virtual void Dispose(bool disposing) {
if (disposing) {
if ( this == globalSession )
throw new InvalidOperationException();
EventLogPermissionHolder.GetEventLogPermission().Demand();
}
if (this.renderContextHandleSystem != null &&
!this.renderContextHandleSystem.IsInvalid)
this.renderContextHandleSystem.Dispose();
if (this.renderContextHandleUser != null &&
!this.renderContextHandleUser.IsInvalid)
this.renderContextHandleUser.Dispose();
if (handle != null && !handle.IsInvalid)
handle.Dispose();
}
public void CancelCurrentOperations() {
NativeWrapper.EvtCancel(handle);
}
static EventLogSession globalSession = new EventLogSession();
public static EventLogSession GlobalSession {
get { return globalSession; }
}
[System.Security.SecurityCritical]
public IEnumerable GetProviderNames()
{
EventLogPermissionHolder.GetEventLogPermission().Demand();
List namesList = new List(100);
using (EventLogHandle ProviderEnum = NativeWrapper.EvtOpenProviderEnum(this.Handle, 0))
{
bool finish = false;
do
{
string s = NativeWrapper.EvtNextPublisherId(ProviderEnum, ref finish);
if (finish == false) namesList.Add(s);
}
while (finish == false);
return namesList;
}
}
[System.Security.SecurityCritical]
public IEnumerable GetLogNames()
{
EventLogPermissionHolder.GetEventLogPermission().Demand();
List namesList = new List(100);
using (EventLogHandle channelEnum = NativeWrapper.EvtOpenChannelEnum(this.Handle, 0))
{
bool finish = false;
do
{
string s = NativeWrapper.EvtNextChannelPath(channelEnum, ref finish);
if (finish == false) namesList.Add(s);
}
while (finish == false);
return namesList;
}
}
public EventLogInformation GetLogInformation(string logName, PathType pathType) {
if (logName == null)
throw new ArgumentNullException("logName");
return new EventLogInformation(this, logName, pathType);
}
public void ExportLog(string path, PathType pathType, string query, string targetFilePath) {
this.ExportLog(path, pathType, query, targetFilePath, false);
}
public void ExportLog(string path, PathType pathType, string query, string targetFilePath, bool tolerateQueryErrors)
{
if (path == null)
throw new ArgumentNullException("path");
if (targetFilePath == null)
throw new ArgumentNullException("targetFilePath");
UnsafeNativeMethods.EvtExportLogFlags flag;
switch (pathType)
{
case PathType.LogName:
flag = UnsafeNativeMethods.EvtExportLogFlags.EvtExportLogChannelPath;
break;
case PathType.FilePath:
flag = UnsafeNativeMethods.EvtExportLogFlags.EvtExportLogFilePath;
break;
default:
throw new ArgumentOutOfRangeException("pathType");
}
if (tolerateQueryErrors == false)
NativeWrapper.EvtExportLog(this.Handle, path, query, targetFilePath, (int)flag);
else
NativeWrapper.EvtExportLog(this.Handle, path, query, targetFilePath, (int)flag | (int)UnsafeNativeMethods.EvtExportLogFlags.EvtExportLogTolerateQueryErrors);
}
public void ExportLogAndMessages(string path, PathType pathType, string query, string targetFilePath)
{
this.ExportLogAndMessages(path, pathType, query, targetFilePath, false, CultureInfo.CurrentCulture );
}
public void ExportLogAndMessages(string path, PathType pathType, string query, string targetFilePath, bool tolerateQueryErrors, CultureInfo targetCultureInfo ) {
if (targetCultureInfo == null)
targetCultureInfo = CultureInfo.CurrentCulture;
ExportLog(path, pathType, query, targetFilePath, tolerateQueryErrors);
NativeWrapper.EvtArchiveExportedLog(this.Handle, targetFilePath, targetCultureInfo.LCID, 0);
}
public void ClearLog(string logName)
{
this.ClearLog(logName, null);
}
public void ClearLog(string logName, string backupPath)
{
if (logName == null)
throw new ArgumentNullException("logName");
NativeWrapper.EvtClearLog(this.Handle, logName, backupPath, 0);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DisableDpiAwarenessAttribute.cs
- RectValueSerializer.cs
- ButtonBase.cs
- ZoneMembershipCondition.cs
- DrawingContext.cs
- SafeCertificateStore.cs
- VirtualizingStackPanel.cs
- WriteableBitmap.cs
- UserNamePasswordClientCredential.cs
- FrameworkContextData.cs
- Formatter.cs
- TimelineGroup.cs
- AnnotationService.cs
- VirtualizedContainerService.cs
- ToolStripDropDown.cs
- Variable.cs
- CodeNamespaceCollection.cs
- EncodingInfo.cs
- MappingModelBuildProvider.cs
- RemotingServices.cs
- StrokeCollectionConverter.cs
- IdentityReference.cs
- InputBindingCollection.cs
- VisualTreeUtils.cs
- LineGeometry.cs
- TableItemPattern.cs
- QilIterator.cs
- _NTAuthentication.cs
- documentation.cs
- IriParsingElement.cs
- NullRuntimeConfig.cs
- MailAddress.cs
- DecoderReplacementFallback.cs
- ProjectionPathBuilder.cs
- Pkcs7Signer.cs
- BaseDataList.cs
- DataTablePropertyDescriptor.cs
- SqlXmlStorage.cs
- WsatStrings.cs
- TreeView.cs
- DateTimeStorage.cs
- EditorPartCollection.cs
- DrawingAttributes.cs
- FrameworkContentElementAutomationPeer.cs
- ControlPropertyNameConverter.cs
- StringSorter.cs
- SingleStorage.cs
- MouseWheelEventArgs.cs
- SQLInt64.cs
- CustomTokenProvider.cs
- WsdlBuildProvider.cs
- RequestUriProcessor.cs
- HMACSHA256.cs
- LocatorBase.cs
- Vector3DAnimationUsingKeyFrames.cs
- COM2ColorConverter.cs
- DataListItem.cs
- Type.cs
- RepeatInfo.cs
- ToolStripStatusLabel.cs
- XmlName.cs
- CollectionBase.cs
- RC2.cs
- Border.cs
- EngineSiteSapi.cs
- XmlValidatingReaderImpl.cs
- FormViewInsertedEventArgs.cs
- ApplicationServiceManager.cs
- DataGridViewRowHeightInfoPushedEventArgs.cs
- JsonWriter.cs
- AudioFileOut.cs
- safesecurityhelperavalon.cs
- SchemaImporter.cs
- RadialGradientBrush.cs
- Int16AnimationUsingKeyFrames.cs
- GridViewHeaderRowPresenter.cs
- TextClipboardData.cs
- XPathPatternBuilder.cs
- SortFieldComparer.cs
- XPathNodePointer.cs
- TypeSchema.cs
- Compiler.cs
- StringCollection.cs
- DbCommandDefinition.cs
- IconConverter.cs
- ConnectionsZone.cs
- DataGridHeaderBorder.cs
- SecurityPolicySection.cs
- UserControlCodeDomTreeGenerator.cs
- DynamicDocumentPaginator.cs
- WebPartZone.cs
- DetailsViewPageEventArgs.cs
- MobileSysDescriptionAttribute.cs
- ResourceSet.cs
- WebPartAuthorizationEventArgs.cs
- ProvidersHelper.cs
- LicFileLicenseProvider.cs
- XmlILIndex.cs
- XmlTypeMapping.cs
- PeerCollaborationPermission.cs