diff --git a/README.md b/README.md index f45b867..666324c 100644 --- a/README.md +++ b/README.md @@ -61,3 +61,26 @@ TimberWinR reads a JSON configuration file, an example file is shown here: This configuration collects Events from the Windows Event Logs (System, Application) and forwards them to Redis. +## Installation as a Windows Service +TimberWinR uses [TopShelf](http://topshelf-project.com/) to install as a service, so all the documentation +for installing and configuring the service is show here [TopShelf Doc](http://docs.topshelf-project.com/en/latest/) + +Specifically the command line options are listed here in [Topshelf Command-Line Reference](http://docs.topshelf-project.com/en/latest/overview/commandline.html) guide. + +Install and set to Automatically Start the service: +``` +; Install Service (will autostart on reboot) +TimberWinR.ServiceHost.exe install --autostart +; Start the Service +TimberWinR.ServiceHost.exe start +``` + +To Start/Stop the Service from the Command Line +``` +TimberWinR.ServiceHost.exe start +TimberWinR.ServiceHost.exe stop +``` + +Alternatively you can use the Services Control Panel. +### Usage + diff --git a/TimberWinR.ServiceHost/config.json b/TimberWinR.ServiceHost/config.json index 0e62426..90f975c 100644 --- a/TimberWinR.ServiceHost/config.json +++ b/TimberWinR.ServiceHost/config.json @@ -70,7 +70,7 @@ }, { "date": { - "condition": "[type] == \"Win32-FileLog\"", + "condition": "json[\"timestamp\"] != null && [type] == \"Win32-FileLog\"", "match": [ "timestamp", "MMM d HH:mm:sss", diff --git a/TimberWinR/Filters/EvaluatingFilter.cs b/TimberWinR/Filters/EvaluatingFilter.cs deleted file mode 100644 index 16a669b..0000000 --- a/TimberWinR/Filters/EvaluatingFilter.cs +++ /dev/null @@ -1,65 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using Microsoft.CSharp; -using Newtonsoft.Json.Linq; -using NLog; - -namespace TimberWinR.Filters -{ - class EvaluatingFilter - { - protected bool EvaluateCondition(JObject json, string condition) - { - // Create a new instance of the C# compiler - var cond = condition; - - IList keys = json.Properties().Select(p => p.Name).ToList(); - foreach (string key in keys) - cond = cond.Replace(string.Format("[{0}]", key), string.Format("\"{0}\"", json[key].ToString())); - - var compiler = new CSharpCodeProvider(); - - // Create some parameters for the compiler - var parms = new System.CodeDom.Compiler.CompilerParameters - { - GenerateExecutable = false, - GenerateInMemory = true - }; - parms.ReferencedAssemblies.Add("System.dll"); - var code = string.Format(@" using System; - class EvaluatorClass - {{ - public bool Evaluate() - {{ - return {0}; - }} - }}", cond); - - // Try to compile the string into an assembly - var results = compiler.CompileAssemblyFromSource(parms, new string[] { code }); - - // If there weren't any errors get an instance of "MyClass" and invoke - // the "Message" method on it - if (results.Errors.Count == 0) - { - var evClass = results.CompiledAssembly.CreateInstance("EvaluatorClass"); - var result = evClass.GetType(). - GetMethod("Evaluate"). - Invoke(evClass, null); - return bool.Parse(result.ToString()); - } - else - { - foreach (var e in results.Errors) - { - LogManager.GetCurrentClassLogger().Error(e); - LogManager.GetCurrentClassLogger().Error("Bad Code: {0}", code); - } - } - - return false; - } - } -} diff --git a/TimberWinR/Manager.cs b/TimberWinR/Manager.cs index b42d03e..a04bbb0 100644 --- a/TimberWinR/Manager.cs +++ b/TimberWinR/Manager.cs @@ -124,8 +124,8 @@ namespace TimberWinR ArchiveAboveSize = 5 * 1024 * 1024, MaxArchiveFiles = 5, BufferSize = 10, - FileName = Path.Combine(logPath, "TimberWinR", "TimberWinR.txt"), - ArchiveFileName = Path.Combine(logPath, "log-{#######}.txt"), + FileName = Path.Combine(logPath, "TimberWinR", "TimberWinR.log"), + ArchiveFileName = Path.Combine(logPath, "TimberWinR_log-{#######}.log"), }; } diff --git a/TimberWinR/Parser.cs b/TimberWinR/Parser.cs index 88f58bd..7ecc0ed 100644 --- a/TimberWinR/Parser.cs +++ b/TimberWinR/Parser.cs @@ -52,9 +52,17 @@ namespace TimberWinR.Parser GenerateInMemory = true }; parms.ReferencedAssemblies.Add("System.dll"); + parms.ReferencedAssemblies.Add("System.Core.dll"); + parms.ReferencedAssemblies.Add("Newtonsoft.Json.dll"); + var code = string.Format(@" using System; + using System.Linq; + using Newtonsoft.Json; + using Newtonsoft.Json.Linq; + class EvaluatorClass {{ + public JObject json {{ get; set; }} public bool Evaluate() {{ return {0}; @@ -69,6 +77,8 @@ namespace TimberWinR.Parser if (results.Errors.Count == 0) { var evClass = results.CompiledAssembly.CreateInstance("EvaluatorClass"); + evClass.GetType().GetProperty("json").SetValue(evClass, json, null); + var result = evClass.GetType(). GetMethod("Evaluate"). Invoke(evClass, null); diff --git a/TimberWinR/TimberWinR.csproj b/TimberWinR/TimberWinR.csproj index 120f191..a196196 100644 --- a/TimberWinR/TimberWinR.csproj +++ b/TimberWinR/TimberWinR.csproj @@ -66,7 +66,6 @@ -