//******************************************************************
// Released under the DevelopMentor OpenSource Software License.
// Please consult the LICENSE file in the project root directory,
// or at http://www.develop.com for details before using this
// software.
//******************************************************************
package org.jawin.donated.win32;
import org.jawin.io.*;
import org.jawin.util.*;
import java.io.*;
import java.util.*;
/*
typedef struct _EVENTLOGRECORD {
DWORD Length;
DWORD Reserved;
DWORD RecordNumber;
DWORD TimeGenerated;
DWORD TimeWritten;
DWORD EventID;
WORD EventType;
WORD NumStrings;
WORD EventCategory;
WORD ReservedFlags;
DWORD ClosingRecordNumber;
DWORD StringOffset;
DWORD UserSidLength;
DWORD UserSidOffset;
DWORD DataLength;
DWORD DataOffset;
//
// Then follow:
//
// TCHAR SourceName[]
// TCHAR Computername[]
// SID UserSid
// TCHAR Strings[]
// BYTE Data[]
// CHAR Pad[]
// DWORD Length;
//
} EVENTLOGRECORD, *PEVENTLOGRECORD;
*/
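/**
 * Java view of one Win32 {@code EVENTLOGRECORD}, decoded from the raw
 * little-endian bytes of a single record.
 *
 * <p>The fixed-width header is read field by field in declaration order; the
 * source name and computer name are read immediately after it, the insertion
 * strings from {@code StringOffset} and the binary payload from
 * {@code DataOffset}. The user SID is skipped, not decoded.
 *
 * <p>Every offset and length used here is taken from the record itself. A
 * record that comes from a damaged, truncated or tampered log file must not be
 * able to make the parser allocate arbitrary amounts of memory or read outside
 * the supplied buffer, so those fields are range-checked against the buffer
 * before use and a malformed record is reported as an {@link IOException}.
 */
public class EVENTLOGRECORD {
    /** Size in bytes of the fixed-width header (12 DWORDs and 4 WORDs). */
    private static final int FIXED_HEADER_SIZE = 56;

    /** The record's leading {@code Length} field, exactly as stored; not checked against the buffer size. */
    public final int length;
    /** The {@code RecordNumber} field. */
    public final int recordNumber;
    /** {@code TimeGenerated}, converted from seconds to a {@link Date}. */
    final Date timeGenerated;
    /** {@code TimeWritten}, converted from seconds to a {@link Date}. */
    final Date timeWritten;
    /** The {@code EventID} field. */
    public final int eventID;
    /** The {@code EventType} field, as the raw 16-bit value. */
    public final short eventType;
    /** The {@code EventCategory} field, as the raw 16-bit value. */
    public final short eventCategory;
    /** Insertion strings read from {@code StringOffset}; empty when {@code NumStrings} is 0. */
    final String[] strings;
    /** Copy of the event-specific binary data; empty when {@code DataLength} is 0. */
    final byte[] bytes;
    /** Source name, the first string after the fixed header. */
    public final String source;
    /** Computer name, the second string after the fixed header. */
    public final String computerName;

    /**
     * Decodes one event log record.
     *
     * @param bytes raw record, starting at its {@code Length} field; offsets
     *              inside the record are interpreted relative to index 0 of
     *              this array
     * @throws IOException if the buffer is shorter than the fixed header, if
     *                     {@code StringOffset}, {@code DataOffset} or
     *                     {@code DataLength} point outside the buffer, or if
     *                     the underlying stream fails while reading
     */
    public EVENTLOGRECORD(byte[] bytes) throws IOException {
        if (bytes.length < FIXED_HEADER_SIZE) {
            throw new IOException("EVENTLOGRECORD truncated: " + bytes.length
                    + " bytes, fixed header needs " + FIXED_HEADER_SIZE);
        }

        LittleEndianInputStream leis =
                new LittleEndianInputStream(new ByteArrayInputStream(bytes));

        length = leis.readInt();
        leis.readInt(); // Reserved
        recordNumber = leis.readInt();
        // The timestamps are unsigned DWORD second counts: mask before widening
        // so values with the top bit set do not turn into dates before the epoch.
        timeGenerated = new Date(1000L * (leis.readInt() & 0xFFFFFFFFL));
        timeWritten = new Date(1000L * (leis.readInt() & 0xFFFFFFFFL));
        eventID = leis.readInt();
        eventType = leis.readShort();
        // NumStrings is an unsigned WORD; a sign-extended short would make the
        // array allocation below throw NegativeArraySizeException.
        int numStrings = leis.readShort() & 0xFFFF;
        eventCategory = leis.readShort();
        leis.readShort(); // ReservedFlags
        leis.readInt(); // ClosingRecordNumber
        int stringOffset = leis.readInt();
        leis.readInt(); // UserSidLength (the SID is not decoded)
        leis.readInt(); // UserSidOffset
        int dataLength = leis.readInt();
        int dataOffset = leis.readInt();

        // NOTE(review): the meaning of the argument 32 is defined by
        // LittleEndianInputStream.readUnicodeSz, which is not visible here.
        source = leis.readUnicodeSz(32);
        computerName = leis.readUnicodeSz(32);

        strings = new String[numStrings];
        if (numStrings != 0) {
            // A negative or past-the-end offset would otherwise surface as an
            // unchecked exception from the byte-array stream.
            if (stringOffset < 0 || stringOffset >= bytes.length) {
                throw new IOException("EVENTLOGRECORD StringOffset " + stringOffset
                        + " outside record of " + bytes.length + " bytes");
            }
            LittleEndianInputStream leisStrings = new LittleEndianInputStream(
                    new ByteArrayInputStream(bytes, stringOffset, bytes.length - stringOffset));
            for (int n = 0; n < numStrings; n++) {
                strings[n] = leisStrings.readUnicodeSz(32);
            }
        }

        // Validate before allocating: DataLength is a 32-bit field under the
        // record's control, so allocating first would let one malformed record
        // request up to 2 GiB or fail with NegativeArraySizeException.
        if (dataLength < 0) {
            throw new IOException("EVENTLOGRECORD DataLength " + dataLength + " is out of range");
        }
        if (dataLength != 0
                && (dataOffset < 0 || dataLength > bytes.length - dataOffset)) {
            throw new IOException("EVENTLOGRECORD data [" + dataOffset + ", +" + dataLength
                    + ") outside record of " + bytes.length + " bytes");
        }
        this.bytes = new byte[dataLength];
        if (dataLength != 0) {
            System.arraycopy(bytes, dataOffset, this.bytes, 0, dataLength);
        }
    }

    /**
     * Renders the source, machine, both timestamps, every insertion string and,
     * when binary data is present, its hex dump.
     *
     * @return multi-line, human-readable description of the record
     */
    @Override
    public String toString() {
        StringBuilder sb = new StringBuilder("EVENTLOGRECORD source:" + source
                + " machine:" + computerName
                + "\n\tgenerated " + timeGenerated
                + "\n\twritten " + timeWritten);
        for (int n = 0; n < strings.length; n++) {
            sb.append("\n\t").append(strings[n]);
        }
        if (bytes.length > 0) {
            sb.append("\n\tRAW DATA:");
            sb.append(HexFormatter.convertBytesToString(bytes));
        }
        return sb.toString();
    }
}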