Module: check_mk
Branch: master
Commit: 1f30af00f49bdbaa691acc0e7085738021849d95
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=1f30af00f49bdb…
Author: Jukka Aro <ja(a)mathias-kettner.de>
Date: Thu Mar 1 12:11:14 2018 +0100
Win-agent: split SectionEventlog::find_eventlogs
---
agents/windows/build_version | 2 +-
agents/windows/sections/SectionEventlog.cc | 87 ++++++++++++++++++------------
agents/windows/sections/SectionEventlog.h | 6 +++
3 files changed, 59 insertions(+), 36 deletions(-)
diff --git a/agents/windows/build_version b/agents/windows/build_version
index 9f510cc..d3cf57b 100644
--- a/agents/windows/build_version
+++ b/agents/windows/build_version
@@ -1 +1 @@
-3144
+3146
diff --git a/agents/windows/sections/SectionEventlog.cc
b/agents/windows/sections/SectionEventlog.cc
index 9632c5d..9bcd440 100644
--- a/agents/windows/sections/SectionEventlog.cc
+++ b/agents/windows/sections/SectionEventlog.cc
@@ -292,6 +292,12 @@ uint64_t SectionEventlog::outputEventlog(std::ostream &out,
IEventLog &log,
return lastReadId;
}
+void SectionEventlog::initStates() {
+ for (auto &state : _states) {
+ state.newly_discovered = false;
+ }
+}
+
// Keeps memory of an event log we have found. It
// might already be known and will not be stored twice.
void SectionEventlog::registerEventlog(const std::string &logname) {
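Review bot: `initStates` is added without a comment, unlike `registerEventlog` directly below it, and its name promises more than the body does: it only clears `newly_discovered` on every entry of `_states`. A one-line comment such as `// Clear the newly_discovered flag of all known logs before a new registry scan.` would make the contract clear. A more specific name would also help, but that is optional.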
@@ -307,39 +313,58 @@ void SectionEventlog::registerEventlog(const std::string
&logname) {
_states.push_back(eventlog::state(logname));
}
+FindResult SectionEventlog::findLog(const HKeyHandle &hKey, DWORD index) const {
+ std::array<char, 128> buffer{};
+ DWORD len = static_cast<DWORD>(buffer.size());
+ return {_winapi.RegEnumKeyEx(hKey.get(), index, buffer.data(), &len,
+ nullptr, nullptr, nullptr, nullptr),
+ buffer.data()};
+}
+
+bool SectionEventlog::handleFindResult(const FindResult &result,
+ std::ostream &out) {
+ if (const auto & [ r, logname ] = result; r == ERROR_SUCCESS) {
+ registerEventlog(logname);
+ } else if (r != ERROR_MORE_DATA) {
+ if (r != ERROR_NO_MORE_ITEMS) {
+ out << "ERROR: Cannot enumerate over event logs: error "
+ "code "
+ << r << "\n";
+ return false;
+ }
+ }
+
+ return true;
+}
+
+void SectionEventlog::registerVistaStyleLogs() {
+ // enable the vista-style logs if that api is enabled
+ if (*_vista_api) {
+ for (const auto &eventlog : *_config) {
+ if (eventlog.vista_api) {
+ registerEventlog(eventlog.name);
+ }
+ }
+ }
+}
+
/* Look into the registry in order to find out, which
event logs are available. */
bool SectionEventlog::find_eventlogs(std::ostream &out) {
- for (auto &state : _states) {
- state.newly_discovered = false;
- }
+ initStates();
const std::string
regpath{"SYSTEM\\CurrentControlSet\\Services\\Eventlog"};
HKEY key = nullptr;
- DWORD ret = _winapi.RegOpenKeyEx(HKEY_LOCAL_MACHINE, regpath.c_str(), 0,
- KEY_ENUMERATE_SUB_KEYS, &key);
- HKeyHandle hKey{key, _winapi};
bool success = true;
- if (ret == ERROR_SUCCESS) {
- DWORD i = 0;
- char buffer[128];
- DWORD len;
- while (true) {
- len = sizeof(buffer);
- DWORD r = _winapi.RegEnumKeyEx(hKey.get(), i, buffer, &len, NULL,
- NULL, NULL, NULL);
- if (r == ERROR_SUCCESS) {
- registerEventlog(buffer);
- } else if (r != ERROR_MORE_DATA) {
- if (r != ERROR_NO_MORE_ITEMS) {
- out << "ERROR: Cannot enumerate over event logs: error
"
- "code "
- << r << "\n";
- success = false;
- }
- break;
- }
- i++;
+
+ if (DWORD r = _winapi.RegOpenKeyEx(HKEY_LOCAL_MACHINE, regpath.c_str(), 0,
+ KEY_ENUMERATE_SUB_KEYS, &key);
+ r == ERROR_SUCCESS) {
+ HKeyHandle hKey{key, _winapi};
+ for (DWORD i = 0; r == ERROR_SUCCESS || r == ERROR_MORE_DATA; ++i) {
+ const auto result = findLog(hKey, i);
+ r = result.first;
+ success = handleFindResult(result, out) && success;
}
} else {
success = false;
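Review bot: In `findLog`, a subkey name that does not fit the 128-byte buffer comes back as `ERROR_MORE_DATA`, and `handleFindResult` treats that code as "skip and continue" without writing anything to `out`. Such an event log is never passed to `registerEventlog`, and the agent output gives no hint that it is left unmonitored. Registry key names can be up to 255 characters, so declaring the buffer as `std::array<char, 256> buffer{};` removes the case. Alternatively, write a warning line to `out` in the `ERROR_MORE_DATA` branch so the gap is visible. The refactoring carries this behaviour over from the removed loop, but the split is a good place to fix it.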
@@ -348,15 +373,7 @@ bool SectionEventlog::find_eventlogs(std::ostream &out) {
<< " for enumeration: error code " << lastError
<< "\n";
}
- // enable the vista-style logs if that api is enabled
- if (*_vista_api) {
- for (const auto &eventlog : *_config) {
- if (eventlog.vista_api) {
- registerEventlog(eventlog.name);
- }
- }
- }
-
+ registerVistaStyleLogs();
return success;
}
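Review bot: The open-failure message in the context lines of this hunk prints `lastError`, whose definition lies between this hunk and the previous one and is not visible here. If it comes from `GetLastError()`, the reported code may be unrelated to the failure, because `RegOpenKeyEx` reports its status through the return value. After this commit that status is in scope in the `else` branch as `r`, declared in the `if` initializer, so the message could print `r` and give the operator the real reason, such as access denied.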
diff --git a/agents/windows/sections/SectionEventlog.h
b/agents/windows/sections/SectionEventlog.h
index fd48bae..2418bcd 100644
--- a/agents/windows/sections/SectionEventlog.h
+++ b/agents/windows/sections/SectionEventlog.h
@@ -93,6 +93,8 @@ public:
eventlog::hint parseStateLine(const std::string &line);
+using FindResult = std::pair<DWORD, std::string>;
+
class SectionEventlog : public Section {
public:
SectionEventlog(Configuration &config, Logger *logger,
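Review bot: `FindResult` is declared at file scope in the header under a very generic name, and as a `std::pair` it forces callers to write `result.first`, as `find_eventlogs` now does. Consider declaring it inside `SectionEventlog`, or replacing it with a small struct such as `struct FindResult { DWORD status; std::string name; };`. The brace return in `findLog` and the structured binding in `handleFindResult` should keep working with the struct; only `r = result.first;` would become `r = result.status;`.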
@@ -105,7 +107,11 @@ private:
uint64_t outputEventlog(std::ostream &out, IEventLog &log,
uint64_t previouslyReadId, eventlog::Level level,
bool hideContext);
+ void initStates();
void registerEventlog(const std::string &logname);
+ FindResult findLog(const HKeyHandle &hKey, DWORD index) const;
+ bool handleFindResult(const FindResult &result, std::ostream &out);
+ void registerVistaStyleLogs();
bool find_eventlogs(std::ostream &out);
void saveEventlogOffsets(const std::string &statefile);
void readHintOffsets();