C#, ICF Firewall, and Microsoft Log Parser
C#, ICF Firewall, and Microsoft Log Parser
The Microsoft Log Parser is a very cool tool for mining data contained in your text based log files (CSV, XML, etc). Log Parser allows you to use SQL syntax to query and filter the contents of log files in many different formats, including the IIS logs. It will even create chart graphics and HTML reports based on your queries. Log Parser provides a command line executable as well as a set of COM objects for programmatic access. For more information and download link, see the Log Parser site over at microsoft.com:
http://www.microsoft.com/technet/scriptcenter/tools/logparser/default.mspx
I decided to try and create a simple tool based on the Log Parser in WinForms/C# using Visual Studio.NET 2003. The Internet Connection Firewall (ICF) ships with Windows XP and Windows Server 2003 (http://www.microsoft.com/technet/prodtechnol/winxppro/plan/icf.mspx). ICF can be configured to create a log file containing details of TCP/IP traffic on your system, including dropped packets. The log file, named pfirewall.log by default, can be useful if you want to see who is attempting to connect to your system or if you are trying to diagnose network connectivity issues. The ICF log file conforms to the W3C format standards, so Log Parser will be able to process it. I was able to quickly create a simple .NET app that used Log Parser to view in real time all TCP and UDP traffic logged on my system by ICF. I simply added a reference to the COM component named "MS Utility 1.0 Type Library - LogParser Interfaces Collection" and my interop DLL was created automagically by VS.NET. I used the .NET framework FileSystemWatcher class to monitor changes in file size to pfirewall.log and re-query the log file for fresh events. Since ICF only logs IP addresses, I added background processing using ThreadPool to resolve IP addresses to host names.
The Visual Studio.NET 2003 project, C# sample code and executable are available for download. Do not forget to get Log Parser and install it first, as it does not ship with Windows.
This little demo app barely scratches the surface of what you can do with Log Parser using C#/.NET.
skip to main |
skip to sidebar
a0000.blogspot.com
rg443"s shared items
Blog Archive
-
▼
2007
(1841)
-
▼
December
(492)
- How to: Use Named Pipes to Communicate Between Pro...
- Asynchronous File I/O in VB.Net
- Built-In Asynchronous I/O Support in ASP.NET
- Asynchronous File I/O
- XAML Sparkline example
- ewbi.develops: Sparklines
- Simple Sparklines Wordpress plugin, version 0.2
- BonaVista Systems – Sparklines, Dashboards, Charti...
- TiddlyWiki - Sparklines
- How to inline your sparklines/images in PHP with d...
- Sparkline PHP Graphing Library
- Sparkline PHP Graphing Library
- Sparkline PHP Library
- .NET Framework Developer's Guide: Asynchronous Fil...
- File Caching (Windows)
- Visual Basic: Performance Counters Sample
- Getting Started with My.Blogs | Visual Studio 2005...
- Visual Basic Fusion: Best Practices to Use Visual ...
- Using Threading to Build a Responsive Application ...
- Extending Visual Basic 6 ActiveX EXEs With Visual ...
- Sharing ADO Recordsets Between Visual Basic 6 and ...
- Visual Basic 6 Asynchronous File IO Using the .NET...
- Visual Basic 6 Asynchronous File IO Using the .NET...
- ASProxy: Surf in the web invisibly using ASP.NET p...
- GParted - Gnome Partition Editor
- SystemRescueCd
- XFS: A high-performance journaling filesystem
- Use RegExp to parse IP address (logfile) | VB.Net
- ewbi.develops: Sparklines
- Sparklines - Jon Galloway
- Javascript Sparklines Library
- Gavotte Ramdisk - Free virtual hardisk
- Free Ramdisk for Windows Vista, XP, 2000 and 2003 ...
- squid : Optimising Web Delivery - IP Cache API
- squid : Optimising Web Delivery - dnsserver
- Submit your site to Search Engines
- Google Chart GUI : Chart Generator
- Google Chart Generator
- Blog This - simple editor using the Blogger JavaSc...
- 10 Free Microsoft Apps That Don’t Suck
- On efficiently geo-referencing IPs with MaxMind Ge...
- 40 Unusual Websites you should Bookmark.
- Gmail Craze: 30 + Tools and Hacks for Gmail
- 5 “Disposable” Web Accounts to Keep Your Identity ...
- 100 Portable Apps for your USB Stick (both for Mac...
- 40 Unusual Websites you should Bookmark.
- 5 “Disposable” Web Accounts to Keep Your Identity ...
- Create Customized CSS Menus
- Create Customized CSS Menus
- Using the right version of MSXML in Internet Explorer
- Rush Hour 3 | Video | KINO.DE
- DHTML: Draw Line, Ellipse, Oval, Circle, Polyline,...
- ExplorerCanvas
- XML HTTP Performance and Caching
- UDP: Server receives packets from a client, then e...
- VBScript-To-JavaScript functions
- ASP 101 - Progress Bar
- Reading ASP.NET Application Settings From Web.conf...
- kping.com - Update your Blog on all Major Search E...
- Ghost.com - Symantec Corp
- linux-ntfs.org
- XFS: A high-performance journaling filesystem
- Reiser4 is released!
- E2fsprogs: Ext2 Filesystem Utilities
- Partimage
- DRBL - Diskless Remote Boot in Linux
- Clonezilla-live download
- Clonezilla - Open Source Partition & Disk Cloning ...
- Biography of Claude Elwood Shannon
- dbaddin - dbfuncts
- 1948: Die Einführung des Bit
- SunSpider JavaScript Benchmark
- DHTML JavaScript Benchmark
- WebKit gets native getElementsByClassName
- ChartMaker: Ext 2 UI on top of the Google Chart API
- JavaScript Benchmarks
- GNS3: Graphical Network Simulator
- Load and Search MySQL Data Using VB.NET 2005 in Wi...
- Windows PE - Plugin List
- BartPE Plugin repository Index
- GNS3 - a graphical network simulator
- Services to Backup Important Data Online
- OxygenOffice Professional - Office Suite
- GIMP - The GNU Image Manipulation Program
- Free PDF Converter - create high-quality PDF from ...
- PDFedit
- 7 Free Windows Apps That Saved me Big $$$
- OpenOffice.org
- IBM Lotus Symphony
- 6 Free Office Suites That Are NOT Microsoft
- Read Digg Faster
- OpenDNS | Providing A Safer And Faster Internet
- How To Set Up A Private Anonymous Proxy
- 5 Tools to Make Windows XP Look Like Vista
- 10 Most Downloaded Free Security AND PC Care Programs
- OxygenOffice Pro: Enhanced Version of OpenOffice
- Five Free Programs to Defragment your PC
- 5 Must-have Plugins for Your Wordpress Blog
- Another 10 Must-have Plugins for Your Wordpress Blog
- 10 Free Microsoft Apps That Don’t Suck
-
▼
December
(492)
Labels
- :-) (1)
- "Sony Alpha 900" (1)
- amazing photos (2)
- ASP (1)
- backup (1)
- base64 (1)
- Berkeley DB (2)
- BGP (4)
- blacklist (1)
- blogging (1)
- BPG (2)
- Cisco (44)
- Cisco Press (1)
- Code Snippets (3)
- Configuration Change Tracking (1)
- CRYPTO (1)
- curl (1)
- delicious (1)
- DMVPN (2)
- DNS (3)
- Eggheadcafe (2)
- filminfo (2)
- flickr (1)
- Full-Text Search (3)
- gallery (1)
- gdata (1)
- GeoIP (1)
- Google Charts API (1)
- googlecode Blogger JavaScript API (1)
- grain (1)
- hostip (1)
- HTML Tidy (1)
- incertain (1)
- incertain1 (1)
- IPSEC (1)
- javascript (1)
- javascript.trim javascript trim (1)
- JET SQL (1)
- kcyr7 (1)
- Levenshtein (1)
- mencoder (1)
- Movie (12)
- MPLS (7)
- MySQL (26)
- MySQL Performance (1)
- NAP (1)
- NAT (1)
- NBAR (1)
- NetCat (2)
- netCHARTING (1)
- Nicht ohne meine Schwiegereltern (3)
- Perl (1)
- photo blog (1)
- photobucket (1)
- Pix (2)
- pixdaus (1)
- rfc822 (1)
- RIR (1)
- route-map (1)
- scriptlets (1)
- sepia (1)
- slideshow (2)
- slug 1x-street (1)
- sort array (1)
- SQL (3)
- SQL Server (3)
- SQL Server 2000 (1)
- SQL Server 2005 (12)
- SQLIO (2)
- SQLIOStress (1)
- SQLite (1)
- squid (1)
- Stateful Failover IPSec Cisco HSRP SSO (1)
- Street Photography (2)
- Syntax Highlighter (5)
- T-SQL (2)
- VBscript (3)
- Virtual Tunnel Interface (1)
- VLAN (1)
- vmware (1)
- VRF (2)
- VTI (1)
- WebVPN (1)
- WordPress Plugin (1)
- WordPress Themes (1)
- xml (1)
- xp_sscanf (1)
Snap Shots
