Merge pull request #2 from AdamWhiteHat/Add-Filename-Tokenization

Add filename tokenization

Author: RandomRhythm

WELSConsole/App.config

@@ -1,12 +1,11 @@
-<?xml version="1.0" encoding="utf-8" ?>
+<?xml version="1.0" encoding="utf-8"?>
 <configuration>
-	<startup>
-		<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8" />
-	</startup>
 	<appSettings>
+		<add key="LogFile.Output" value="Log.Output.txt"/>
+		<add key="LogFile.Exception" value="Log.Exceptions.txt"/>
 
-		<add key="Path.Input" value="C:\Temp\wEventLogSearch\InputEventFiles.evtx"/>
-		<add key="Path.Output" value="C:\Temp\wEventLogSearch\EventLogSearch.csv"/>
+		<add key="Path.Input" value="C:\Temp\wEventLogSearch\InputEventFiles-{MM}-{dd}-{yyyy}.evtx"/>
+		<add key="Path.Output" value="C:\Temp\wEventLogSearch\Output-{MM}-{dd}-{yyyy}.csv"/>
 
 		<add key="Search.EventIDs" value="4689 or EventID=4688"/>
 		<add key="Search.Filter" value=""/>
@@ -18,4 +17,4 @@
 		<add key="Bool.GroupIntoOneColumn" value="False"/>
 
 	</appSettings>
-</configuration>
+</configuration>

WELSConsole/Configuration.cs

@@ -8,6 +8,9 @@ namespace WELSConsole
 {
 	public static class Configuration
 	{
+		public static string LogFile_Output = ConfigurationReader.GetConfigurationValue<string>("LogFile.Output") ?? "Log.Output.txt";
+		public static string LogFile_Exception = ConfigurationReader.GetConfigurationValue<string>("LogFile.Exception") ?? "Log.Exceptions.txt";
+
 		public static string Path_Input = ConfigurationReader.GetConfigurationValue<string>("Path.Input") ?? "";
 		public static string Path_Output = ConfigurationReader.GetConfigurationValue<string>("Path.Output") ?? "";
 

WELSConsole/Program.cs

@@ -9,10 +9,23 @@ namespace WELSConsole
 {
 	internal class Program
 	{
+		public static string LogFilenameException = "Log.Exceptions.txt";
+		public static string LogFilenameOutput = "Log.Output.txt";
+
 		static void Main(string[] args)
 		{
 			AppDomain.CurrentDomain.UnhandledException += CurrentDomain_UnhandledException;
 
+			if (!string.IsNullOrWhiteSpace(Configuration.LogFile_Output))
+			{
+				LogFilenameOutput = Configuration.LogFile_Output;
+			}
+			if (!string.IsNullOrWhiteSpace(Configuration.LogFile_Exception))
+			{
+				LogFilenameException = Configuration.LogFile_Exception;
+			}
+
+			LogInformation("");
 			LogInformation($"{AppDomain.CurrentDomain.FriendlyName} executed on: {DateTime.Now.ToLongDateString()} at {DateTime.Now.ToLongTimeString()}.");
 			SearchParameters parameters = GetSearchParameters();
 			LogInformation($"Configuration acquired from {AppDomain.CurrentDomain.FriendlyName}.config. Starting Search...");
@@ -28,8 +41,8 @@ private static SearchParameters GetSearchParameters()
 				LogErrorFunction = LogError,
 				LogExceptionFunction = LogException,
 
-				InputPath = Configuration.Path_Input,
-				OutputPath = Configuration.Path_Output,
+				InputPath = StringTokenReplace.ReplaceTokens(Configuration.Path_Input),
+				OutputPath = StringTokenReplace.ReplaceTokens(Configuration.Path_Output),
 
 				EventIDs = Configuration.Search_EventIDs,
 				Filter = Configuration.Search_Filter,
@@ -52,19 +65,31 @@ private static void CurrentDomain_UnhandledException(object sender, UnhandledExc
 		private static void LogInformation(string message)
 		{
 			Console.WriteLine(message);
+			LogOutput(message);
 		}
 
 		private static void LogError(string message)
 		{
 			Console.ForegroundColor = ConsoleColor.Red;
 			Console.Error.WriteLine(message);
 			Console.ResetColor();
+			LogOutput(message);
+		}
+
+		private static void LogOutput(string message)
+		{
+			File.AppendAllText(LogFilenameOutput, message + Environment.NewLine);
 		}
 
 		private static void LogException(string message, Exception ex)
 		{
+			string timeStamp = $"[{DateTime.Now.ToLongDateString()} at {DateTime.Now.ToLongTimeString()}]:";
 			LogError(message);
 			LogError(ex.ToString());
+
+			File.AppendAllText(LogFilenameException, $"{timeStamp} {message}" + Environment.NewLine);
+			File.AppendAllText(LogFilenameException, $"{timeStamp} {ex}" + Environment.NewLine);
+			File.AppendAllText(LogFilenameException, Environment.NewLine);
 		}
 	}
 }

WELSConsole/Properties/AssemblyInfo.cs

@@ -1,62 +1,33 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+<Project Sdk="Microsoft.NET.Sdk">
+
   <PropertyGroup>
-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
-    <ProjectGuid>{34E0BBCE-CC08-40DF-A0DB-544F54C5130C}</ProjectGuid>
     <OutputType>Exe</OutputType>
-    <RootNamespace>WELSConsole</RootNamespace>
-    <AssemblyName>WELSConsole</AssemblyName>
-    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
-    <FileAlignment>512</FileAlignment>
-    <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
-    <Deterministic>true</Deterministic>
+    <TargetFramework>net7.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
   </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-    <PlatformTarget>AnyCPU</PlatformTarget>
-    <DebugSymbols>true</DebugSymbols>
-    <DebugType>full</DebugType>
-    <Optimize>false</Optimize>
-    <OutputPath>bin\Debug\</OutputPath>
-    <DefineConstants>DEBUG;TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-    <PlatformTarget>AnyCPU</PlatformTarget>
-    <DebugType>pdbonly</DebugType>
-    <Optimize>true</Optimize>
-    <OutputPath>bin\Release\</OutputPath>
-    <DefineConstants>TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-  </PropertyGroup>
-  <ItemGroup>
-    <Reference Include="System" />
-    <Reference Include="System.Configuration" />
-    <Reference Include="System.Core" />
-    <Reference Include="System.Xml.Linq" />
-    <Reference Include="System.Data.DataSetExtensions" />
-    <Reference Include="Microsoft.CSharp" />
-    <Reference Include="System.Data" />
-    <Reference Include="System.Net.Http" />
-    <Reference Include="System.Xml" />
-  </ItemGroup>
-  <ItemGroup>
-    <Compile Include="Configuration.cs" />
-    <Compile Include="ConfigurationReader.cs" />
-    <Compile Include="Program.cs" />
-    <Compile Include="Properties\AssemblyInfo.cs" />
-  </ItemGroup>
-  <ItemGroup>
-    <None Include="App.config" />
-  </ItemGroup>
-  <ItemGroup>
-    <ProjectReference Include="..\WELSCore\WELSCore.csproj">
-      <Project>{bae13494-bf39-4533-b20a-5036d34eb131}</Project>
-      <Name>WELSCore</Name>
-    </ProjectReference>
-  </ItemGroup>
-  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-</Project>
+
+	<PropertyGroup>
+		<Title>WindowsEventLogSearchConsole</Title>
+		<Product>WindowsEventLogSearchConsole</Product>
+		<AssemblyName>WindowsEventLogSearchConsole</AssemblyName>
+
+		<Authors>Ryan B and Adam White</Authors>
+		<Copyright>Copyright © Ryan B and Adam White 2023</Copyright>
+
+		<Version>$([System.DateTime]::Now.ToString("yyyy."$([System.DateTime]::Now.DayOfYear)".HHmm"))</Version>
+		<AssemblyVersion>$([System.DateTime]::Now.ToString("yyyy."$([System.DateTime]::Now.DayOfYear)".HHmm"))</AssemblyVersion>
+		<FileVersion>$([System.DateTime]::Now.ToString("yyyy."$([System.DateTime]::Now.DayOfYear)".HHmm"))</FileVersion>
+		<StartupObject>WELSConsole.Program</StartupObject>
+		<ProduceReferenceAssembly>False</ProduceReferenceAssembly>
+	</PropertyGroup>
+
+	<ItemGroup>
+	  <PackageReference Include="System.Configuration.ConfigurationManager" Version="7.0.0" />
+	</ItemGroup>
+
+	<ItemGroup>
+	  <ProjectReference Include="..\WELSCore\WELSCore.csproj" />
+	</ItemGroup>
+
+</Project>

WELSConsole/WELSConsole.csproj

@@ -4,6 +4,7 @@
 using System.Text;
 using System.Threading.Tasks;
 using System.Diagnostics.Eventing.Reader;
+using System.Diagnostics;
 using System.IO;
 using System.Threading;
 using System.Runtime.Serialization.Formatters.Binary;