Esempio n. 1
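/* The main program of evtxexport
 *
 * Parses the command line options, configures the export handle that is
 * declared outside this function, opens the source file and exports it.
 * Returns EXIT_SUCCESS if successful or EXIT_FAILURE on error.
 *
 * NOTE: the #endif below closes a preprocessor conditional that starts
 * outside this excerpt.
 */
int main( int argc, char * const argv[] )
#endif
{
	libcerror_error_t *error                              = NULL;
	log_handle_t *log_handle                              = NULL;
	system_character_t *option_ascii_codepage             = NULL;
	system_character_t *option_event_log_type             = NULL;
	system_character_t *option_export_format              = NULL;
	system_character_t *option_export_mode                = NULL;
	system_character_t *option_log_filename               = NULL;
	system_character_t *option_resource_files_path        = NULL;
	system_character_t *option_preferred_language         = NULL;
	system_character_t *option_registry_directory_name    = NULL;
	system_character_t *option_software_registry_filename = NULL;
	system_character_t *option_system_registry_filename   = NULL;
	system_character_t *source                            = NULL;
	char *program                                         = "evtxexport";
	system_integer_t option                               = 0;
	int event_log_type_result                             = 0;
	int result                                            = 0;
	int use_template_definition                           = 0;
	int verbose                                           = 0;

	/* Notifications go to stderr and are verbose until the options are parsed
	 */
	libcnotify_stream_set(
	 stderr,
	 NULL );
	libcnotify_verbose_set(
	 1 );

	if( libclocale_initialize(
	     "evtxtools",
	     &error ) != 1 )
	{
		fprintf(
		 stderr,
		 "Unable to initialize locale values.\n" );

		goto on_error;
	}
	if( evtxtools_output_initialize(
	     _IONBF,
	     &error ) != 1 )
	{
		fprintf(
		 stderr,
		 "Unable to initialize output settings.\n" );

		goto on_error;
	}
	evtxoutput_version_fprint(
	 stdout,
	 program );

	/* The option arguments are only recorded here and are applied to
	 * the export handle after it has been initialized
	 */
	while( ( option = evtxtools_getopt(
	                   argc,
	                   argv,
	                   _SYSTEM_STRING( "c:f:hl:m:p:r:s:S:t:TvV" ) ) ) != (system_integer_t) -1 )
	{
		switch( option )
		{
			case (system_integer_t) '?':
			default:
				fprintf(
				 stderr,
				 "Invalid argument: %" PRIs_SYSTEM "\n",
				 argv[ optind - 1 ] );

				usage_fprint(
				 stdout );

				return( EXIT_FAILURE );

			case (system_integer_t) 'c':
				option_ascii_codepage = optarg;

				break;

			case (system_integer_t) 'f':
				option_export_format = optarg;

				break;

			case (system_integer_t) 'h':
				usage_fprint(
				 stdout );

				return( EXIT_SUCCESS );

			case (system_integer_t) 'l':
				option_log_filename = optarg;

				break;

			case (system_integer_t) 'm':
				option_export_mode = optarg;

				break;

			case (system_integer_t) 'p':
				option_resource_files_path = optarg;

				break;

			case (system_integer_t) 'r':
				option_registry_directory_name = optarg;

				break;

			case (system_integer_t) 's':
				option_system_registry_filename = optarg;

				break;

			case (system_integer_t) 'S':
				option_software_registry_filename = optarg;

				break;

			case (system_integer_t) 't':
				option_event_log_type = optarg;

				break;

			case (system_integer_t) 'T':
				use_template_definition = 1;

				break;

			case (system_integer_t) 'v':
				verbose = 1;

				break;

			case (system_integer_t) 'V':
				evtxoutput_copyright_fprint(
				 stdout );

				return( EXIT_SUCCESS );
		}
	}
	/* The first non-option argument is the source file
	 */
	if( optind == argc )
	{
		fprintf(
		 stderr,
		 "Missing source file.\n" );

		usage_fprint(
		 stdout );

		return( EXIT_FAILURE );
	}
	source = argv[ optind ];

	libcnotify_verbose_set(
	 verbose );
	libevtx_notify_set_stream(
	 stderr,
	 NULL );
	libevtx_notify_set_verbose(
	 verbose );

	if( log_handle_initialize(
	     &log_handle,
	     &error ) != 1 )
	{
		fprintf(
		 stderr,
		 "Unable to initialize log handle.\n" );

		goto on_error;
	}
	if( export_handle_initialize(
	     &evtxexport_export_handle,
	     &error ) != 1 )
	{
		fprintf(
		 stderr,
		 "Unable to initialize export handle.\n" );

		goto on_error;
	}
	if( option_ascii_codepage != NULL )
	{
		result = export_handle_set_ascii_codepage(
		          evtxexport_export_handle,
		          option_ascii_codepage,
		          &error );

		if( result == -1 )
		{
			fprintf(
			 stderr,
			 "Unable to set ASCII codepage in export handle.\n" );

			goto on_error;
		}
		else if( result == 0 )
		{
			fprintf(
			 stderr,
			 "Unsupported ASCII codepage defaulting to: windows-1252.\n" );
		}
	}
	if( option_event_log_type != NULL )
	{
		/* The outcome is kept in a variable of its own because result is
		 * reused by the export format and export mode blocks below, before
		 * the fallback to the filename is decided
		 */
		event_log_type_result = export_handle_set_event_log_type(
		                         evtxexport_export_handle,
		                         option_event_log_type,
		                         &error );

		if( event_log_type_result == -1 )
		{
			fprintf(
			 stderr,
			 "Unable to set event log type in export handle.\n" );

			goto on_error;
		}
	}
	if( option_export_format != NULL )
	{
		result = export_handle_set_export_format(
		          evtxexport_export_handle,
		          option_export_format,
		          &error );

		if( result == -1 )
		{
			fprintf(
			 stderr,
			 "Unable to set export format.\n" );

			goto on_error;
		}
		else if( result == 0 )
		{
			fprintf(
			 stderr,
			 "Unsupported export format defaulting to: text.\n" );
		}
	}
	if( option_export_mode != NULL )
	{
		result = export_handle_set_export_mode(
		          evtxexport_export_handle,
		          option_export_mode,
		          &error );

		if( result == -1 )
		{
			fprintf(
			 stderr,
			 "Unable to set export mode.\n" );

			goto on_error;
		}
		else if( result == 0 )
		{
			fprintf(
			 stderr,
			 "Unsupported export mode defaulting to: items.\n" );
		}
	}
	/* Derive the event log type from the source filename only when -t was
	 * not given or its value was not accepted (return value 0). Testing the
	 * shared result variable here would let an unsupported -f or -m value
	 * silently replace an explicitly requested event log type, and would
	 * skip the fallback when a rejected -t was followed by a valid -f or -m.
	 */
	if( ( option_event_log_type == NULL )
	 || ( event_log_type_result == 0 ) )
	{
		result = export_handle_set_event_log_type_from_filename(
		          evtxexport_export_handle,
		          source,
		          &error );

		if( result == -1 )
		{
			fprintf(
			 stderr,
			 "Unable to set event log type from filename in export handle.\n" );

			goto on_error;
		}
	}
	if( option_resource_files_path != NULL )
	{
		if( export_handle_set_resource_files_path(
		     evtxexport_export_handle,
		     option_resource_files_path,
		     &error ) != 1 )
		{
			fprintf(
			 stderr,
			 "Unable to set resource files path in export handle.\n" );

			goto on_error;
		}
	}
	if( option_software_registry_filename != NULL )
	{
		if( export_handle_set_software_registry_filename(
		     evtxexport_export_handle,
		     option_software_registry_filename,
		     &error ) != 1 )
		{
			fprintf(
			 stderr,
			 "Unable to set software registry filename in export handle.\n" );

			goto on_error;
		}
	}
	if( option_system_registry_filename != NULL )
	{
		if( export_handle_set_system_registry_filename(
		     evtxexport_export_handle,
		     option_system_registry_filename,
		     &error ) != 1 )
		{
			fprintf(
			 stderr,
			 "Unable to set system registry filename in export handle.\n" );

			goto on_error;
		}
	}
	if( option_registry_directory_name != NULL )
	{
		if( export_handle_set_registry_directory_name(
		     evtxexport_export_handle,
		     option_registry_directory_name,
		     &error ) != 1 )
		{
			fprintf(
			 stderr,
			 "Unable to set registry directory name in export handle.\n" );

			goto on_error;
		}
	}
	/* No option in the option string above assigns option_preferred_language,
	 * so this branch is not taken in this function as written. When it is
	 * wired up the identifier is still hard-coded to 0x0409.
	 */
	if( option_preferred_language != NULL )
	{
/* TODO set preferred language identifier from input */
		if( export_handle_set_preferred_language_identifier(
		     evtxexport_export_handle,
		     0x0409,
		     &error ) != 1 )
		{
			fprintf(
			 stderr,
			 "Unable to set preferred language identifier in export handle.\n" );

			goto on_error;
		}
	}
	evtxexport_export_handle->use_template_definition = use_template_definition;
	evtxexport_export_handle->verbose                 = verbose;

	/* NOTE(review): option_log_filename is NULL when -l was not given.
	 * Whether log_handle_open accepts a NULL filename is not visible here
	 * and the message below would then format a NULL string - confirm.
	 */
	if( log_handle_open(
	     log_handle,
	     option_log_filename,
	     &error ) != 1 )
	{
		fprintf(
		 stderr,
		 "Unable to open log file: %" PRIs_SYSTEM ".\n",
		 option_log_filename );

		goto on_error;
	}
	if( export_handle_open_input(
	     evtxexport_export_handle,
	     source,
	     &error ) != 1 )
	{
		fprintf(
		 stderr,
		 "Unable to open: %" PRIs_SYSTEM ".\n",
		 source );

		goto on_error;
	}
	/* result is not reassigned by the close and free calls below, so the
	 * "No records to export." check still sees the export outcome
	 */
	result = export_handle_export_file(
	          evtxexport_export_handle,
	          log_handle,
	          &error );

	if( result == -1 )
	{
		fprintf(
		 stderr,
		 "Unable to export file.\n" );

		goto on_error;
	}
	if( export_handle_close_input(
	     evtxexport_export_handle,
	     &error ) != 0 )
	{
		fprintf(
		 stderr,
		 "Unable to close export handle.\n" );

		goto on_error;
	}
	if( export_handle_free(
	     &evtxexport_export_handle,
	     &error ) != 1 )
	{
		fprintf(
		 stderr,
		 "Unable to free export handle.\n" );

		goto on_error;
	}
	if( log_handle_close(
	     log_handle,
	     &error ) != 0 )
	{
		fprintf(
		 stderr,
		 "Unable to close log handle.\n" );

		goto on_error;
	}
	if( log_handle_free(
	     &log_handle,
	     &error ) != 1 )
	{
		fprintf(
		 stderr,
		 "Unable to free log handle.\n" );

		goto on_error;
	}
	if( result == 0 )
	{
		fprintf(
		 stdout,
		 "No records to export.\n" );
	}
	return( EXIT_SUCCESS );

	/* Shared failure path: print and free the error, then free whichever
	 * handles are still set
	 */
on_error:
	if( error != NULL )
	{
		libcnotify_print_error_backtrace(
		 error );
		libcerror_error_free(
		 &error );
	}
	if( evtxexport_export_handle != NULL )
	{
		export_handle_free(
		 &evtxexport_export_handle,
		 NULL );
	}
	if( log_handle != NULL )
	{
		log_handle_free(
		 &log_handle,
		 NULL );
	}
	return( EXIT_FAILURE );
}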
Esempio n. 2
/* Entry point of evtxinfo
 *
 * Reads the command line options, prepares the info handle that is declared
 * outside this function, opens the source file and prints its information.
 * Returns EXIT_SUCCESS if successful or EXIT_FAILURE on error.
 *
 * NOTE: the #endif below closes a preprocessor conditional that starts
 * outside this excerpt.
 */
int main( int argc, char * const argv[] )
#endif
{
	libevtx_error_t *error                = NULL;
	system_character_t *codepage_argument = NULL;
	system_character_t *source_filename   = NULL;
	char *tool_name                       = "evtxinfo";
	system_integer_t opt                  = 0;
	int status                            = 0;
	int verbose_flag                      = 0;

	/* Until the options are known, notifications are verbose and go to stderr */
	libcnotify_stream_set( stderr, NULL );
	libcnotify_verbose_set( 1 );

	if( libclocale_initialize( "evtxtools", &error ) != 1 )
	{
		fprintf( stderr, "Unable to initialize locale values.\n" );

		goto on_error;
	}
	if( evtxtools_output_initialize( _IONBF, &error ) != 1 )
	{
		fprintf( stderr, "Unable to initialize output settings.\n" );

		goto on_error;
	}
	evtxoutput_version_fprint( stdout, tool_name );

	/* Walk the options until evtxtools_getopt reports -1 */
	for( ;; )
	{
		opt = evtxtools_getopt( argc, argv, _SYSTEM_STRING( "c:hvV" ) );

		if( opt == (system_integer_t) -1 )
		{
			break;
		}
		switch( opt )
		{
			case (system_integer_t) 'c':
				codepage_argument = optarg;
				break;

			case (system_integer_t) 'v':
				verbose_flag = 1;
				break;

			case (system_integer_t) 'h':
				usage_fprint( stdout );

				return( EXIT_SUCCESS );

			case (system_integer_t) 'V':
				evtxoutput_copyright_fprint( stdout );

				return( EXIT_SUCCESS );

			/* Anything else, '?' included, is treated as an invalid argument */
			case (system_integer_t) '?':
			default:
				fprintf( stderr, "Invalid argument: %" PRIs_SYSTEM "\n", argv[ optind - 1 ] );
				usage_fprint( stdout );

				return( EXIT_FAILURE );
		}
	}
	/* The source file is the first argument after the options */
	if( optind == argc )
	{
		fprintf( stderr, "Missing source file.\n" );
		usage_fprint( stdout );

		return( EXIT_FAILURE );
	}
	source_filename = argv[ optind ];

	/* Apply the requested verbosity to both notification layers */
	libcnotify_verbose_set( verbose_flag );
	libevtx_notify_set_stream( stderr, NULL );
	libevtx_notify_set_verbose( verbose_flag );

	if( info_handle_initialize( &evtxinfo_info_handle, &error ) != 1 )
	{
		fprintf( stderr, "Unable to initialize info handle.\n" );

		goto on_error;
	}
	if( codepage_argument != NULL )
	{
		status = info_handle_set_ascii_codepage( evtxinfo_info_handle, codepage_argument, &error );

		if( status == -1 )
		{
			fprintf( stderr, "Unable to set ASCII codepage in info handle.\n" );

			goto on_error;
		}
		/* A return value of 0 is reported but does not stop the program */
		if( status == 0 )
		{
			fprintf( stderr, "Unsupported ASCII codepage defaulting to: windows-1252.\n" );
		}
	}
	/* Only -1 is treated as a failure of the filename based detection */
	status = info_handle_set_event_log_type_from_filename( evtxinfo_info_handle, source_filename, &error );

	if( status == -1 )
	{
		fprintf( stderr, "Unable to set event log type from filename in info handle.\n" );

		goto on_error;
	}
	if( info_handle_open( evtxinfo_info_handle, source_filename, &error ) != 1 )
	{
		fprintf( stderr, "Unable to open: %" PRIs_SYSTEM ".\n", source_filename );

		goto on_error;
	}
	if( info_handle_file_fprint( evtxinfo_info_handle, &error ) != 1 )
	{
		fprintf( stderr, "Unable to print file information.\n" );

		goto on_error;
	}
	if( info_handle_close( evtxinfo_info_handle, &error ) != 0 )
	{
		fprintf( stderr, "Unable to close info handle.\n" );

		goto on_error;
	}
	if( info_handle_free( &evtxinfo_info_handle, &error ) != 1 )
	{
		fprintf( stderr, "Unable to free info handle.\n" );

		goto on_error;
	}
	return( EXIT_SUCCESS );

	/* Shared failure path: print and free the error, then free the info handle if it is still set */
on_error:
	if( error != NULL )
	{
		libcnotify_print_error_backtrace( error );
		libcerror_error_free( &error );
	}
	if( evtxinfo_info_handle != NULL )
	{
		info_handle_free( &evtxinfo_info_handle, NULL );
	}
	return( EXIT_FAILURE );
}
Esempio n. 3
/* Entry point of the open and close test program
 *
 * Takes a source file as the first non-option argument and runs the single
 * and multiple open/close test helpers on it.
 * Returns EXIT_SUCCESS if every helper returns 1, EXIT_FAILURE otherwise.
 *
 * NOTE: the #endif below closes a preprocessor conditional that starts
 * outside this excerpt.
 */
int main( int argc, char * const argv[] )
#endif
{
	libcstring_system_character_t *source_path = NULL;
	libcstring_system_integer_t opt            = 0;

	/* The option string is empty and every value other than -1 that
	 * libcsystem_getopt returns ends the program as an invalid argument
	 */
	for( ;; )
	{
		opt = libcsystem_getopt( argc, argv, _LIBCSTRING_SYSTEM_STRING( "" ) );

		if( opt == (libcstring_system_integer_t) -1 )
		{
			break;
		}
		fprintf( stderr, "Invalid argument: %" PRIs_LIBCSTRING_SYSTEM ".\n", argv[ optind - 1 ] );

		return( EXIT_FAILURE );
	}
	if( optind == argc )
	{
		fprintf( stderr, "Missing source file or device.\n" );

		return( EXIT_FAILURE );
	}
	source_path = argv[ optind ];

#if defined( HAVE_DEBUG_OUTPUT ) && defined( EVTX_TEST_OPEN_CLOSE_VERBOSE )
	libevtx_notify_set_verbose( 1 );
	libevtx_notify_set_stream( stderr, NULL );
#endif

	/* Case 0: a single open and close by filename.
	 * The third argument of each call is 1 for the read open of the source
	 * and -1 for both the NULL filename and the write open.
	 */
	if( evtx_test_single_open_close_file( source_path, LIBEVTX_OPEN_READ, 1 ) != 1 )
	{
		fprintf( stderr, "Unable to test single open close.\n" );

		return( EXIT_FAILURE );
	}
	if( evtx_test_single_open_close_file( NULL, LIBEVTX_OPEN_READ, -1 ) != 1 )
	{
		fprintf( stderr, "Unable to test single open close.\n" );

		return( EXIT_FAILURE );
	}
	if( evtx_test_single_open_close_file( source_path, LIBEVTX_OPEN_WRITE, -1 ) != 1 )
	{
		fprintf( stderr, "Unable to test single open close.\n" );

		return( EXIT_FAILURE );
	}
	/* Case 1: multiple open and close by filename */
	if( evtx_test_multi_open_close_file( source_path, LIBEVTX_OPEN_READ, 1 ) != 1 )
	{
		fprintf( stderr, "Unable to test multi open close.\n" );

		return( EXIT_FAILURE );
	}
	return( EXIT_SUCCESS );
}