eventJava.java
import java.util.*;
public class eventJava{
static{
System.loadLibrary("event");
}
public native Properties[] sayHello();
public static void main(String[] args) {
try {
Properties[] records = new Properties[1000];
records = new sayHello();
} catch (UnsatisfiedLinkError e) {
System.out.println("Couldn't call native function.
" + e);
}
// Create an instance and invoke the native method
for(Properties record:records){
System.out.print("type:"+record.getProperty("type"));
System.out.print("time:"+record.getProperty("time"));
System.out.print("source:"+record.getProperty("source"));
System.out.print("eid:"+record.getProperty("eid"));
System.out.println("
");
}
}
}
event.cpp
#include <jni.h>
#include "eventJava.h"
#include <windows.h>
#include <stdio.h>
#include <bits/stdc++.h>
#include <winbase.h>
#include<string.h>
#include <iostream>
#include<vector>
#define BUFFER_SIZE 1024*128
#define MAX_TIMESTAMP_LEN 23 + 1
#define MAX_WORD_LEN 1000
using namespace std;
struct SearchRecord {
string type;
string time;
string source;
string eid;
};
void FillEventRecordDetails(std::vector<SearchRecord*>* searchRecordResult ){
{
HANDLE h;
int i=0,j=0;
EVENTLOGRECORD *pevlr;
BYTE bBuffer[BUFFER_SIZE];
DWORD dwRead, dwNeeded, dwThisRecord;
// Open the Application event log.
h = OpenEventLog( NULL,
"Application");
if (h == NULL)
{
printf("Could not open the Application event log.");
return 0;
}
pevlr = (EVENTLOGRECORD *) &bBuffer;
GetOldestEventLogRecord(h, &dwThisRecord);
while (ReadEventLog(h, // event log handle
EVENTLOG_FORWARDS_READ | // reads forward
EVENTLOG_SEQUENTIAL_READ, // sequential read
0, // ignored for sequential reads
pevlr, // pointer to buffer
BUFFER_SIZE, // size of buffer
&dwRead, // number of bytes read
&dwNeeded)) // bytes in next record
{
while (dwRead > 0)
{
//TIME
string type;
switch(pevlr->EventType)
{
case EVENTLOG_ERROR_TYPE:
// printf("ERROR ");
type = "ERROR";
break;
case EVENTLOG_WARNING_TYPE:
// printf("WARNING ");
type = "WARNING";
break;
case EVENTLOG_INFORMATION_TYPE:
// printf("INFORMATION ");
type = "INFORMATION";
break;
case EVENTLOG_AUDIT_SUCCESS:
// printf("AUDIT_SUCCESS ");
type = "AUDIT_SUCCESS";
break;
case EVENTLOG_AUDIT_FAILURE:
// printf("AUDIT_FAILURE ");
type = "AUDIT_FAILURE";
break;
default:
// printf("Unknown ");
type = "Unknown";
break;
}
//TIME
DWORD Time = ((PEVENTLOGRECORD)pevlr)->TimeGenerated ;
ULONGLONG ullTimeStamp = 0;
ULONGLONG SecsTo1970 = 116444736000000000;
SYSTEMTIME st;
FILETIME ft, ftLocal;
ullTimeStamp = Int32x32To64(Time, 10000000) + SecsTo1970;
ft.dwHighDateTime = (DWORD)((ullTimeStamp >> 32) & 0xFFFFFFFF);
ft.dwLowDateTime = (DWORD)(ullTimeStamp & 0xFFFFFFFF);
FileTimeToLocalFileTime(&ft, &ftLocal);
FileTimeToSystemTime(&ftLocal, &st);
ostringstream mon1 , day1 ,year1,hour1,min1,sec1;
mon1 << st.wMonth ;day1 << st.wDay ;year1 << st.wYear ;hour1 << st.wHour ;min1 << st.wMinute ;sec1 << st.wSecond ;
string mon = mon1.str();string day = day1.str();string year = year1.str();string hour = hour1.str();string min = min1.str();string sec = sec1.str();
string time = day+"-"+mon+"-"+year+" "+hour+":"+min+":"+sec;
int id = ((PEVENTLOGRECORD)pevlr)->EventID & 0xFFFF;
ostringstream temp;
temp << id;
string eid = temp.str();
string source = (LPSTR) ((LPBYTE) pevlr + sizeof(EVENTLOGRECORD));
SearchRecord *pRecord = new SearchRecord();
pRecord->type = type;
pRecord->time = time;
pRecord->eid = eid;
pRecord->source = source;
searchRecordResult.push_back(pRecord);
dwRead -= pevlr->Length;
pevlr = (EVENTLOGRECORD *)
((LPBYTE) pevlr + pevlr->Length);
}
pevlr = (EVENTLOGRECORD *) &bBuffer;
}
CloseEventLog(h);
}
extern "C"
JNIEXPORT jobjectArray JNICALL Java_eventJava_sayHello
(JNIEnv *env, jobject obj){
vector<SearchRecord*> searchRecordResult ;
FillEventRecordDetails(&searchRecordResult);
// Get Properties class, its constructor and the put method
jclass cls_Properties = env->FindClass("java/util/Properties");
jmethodID mid_Properties_ctor = env->GetMethodID(cls_Properties, "<init>", "()V");
jmethodID mid_Properties_put = env->GetMethodID(cls_Properties, "put", "(Ljava/lang/Object;Ljava/lang/Object;)Ljava/lang/Object;");
// Construct the key Strings up front
jstring key_type = env->NewStringUTF("type");
jstring key_time = env->NewStringUTF("time");
jstring key_source = env->NewStringUTF("source");
jstring key_eid = env->NewStringUTF("eid");
jobjectArray ret = env->NewObjectArray(searchRecordResult.size(), cls_Properties, 0);
for (int i = 0; i < searchRecordResult.size(); i++) {
auto result = searchRecordResult[i];
// Allocate and fill a Properties object, making sure to clean up the value Strings.
env->PushLocalFrame(5);
jobject prop = env->NewObject(cls_Properties, mid_Properties_ctor);
env->CallObjectMethod(prop, mid_Properties_put, key_type, env->NewStringUTF(result->type));
env->CallObjectMethod(prop, mid_Properties_put, key_time, env->NewStringUTF(result->time));
env->CallObjectMethod(prop, mid_Properties_put, key_source, env->NewStringUTF(result->source));
env->CallObjectMethod(prop, mid_Properties_put, key_eid, env->NewStringUTF(result->eid));
prop = env->PopLocalFrame(prop);
env->SetObjectArrayElement(ret, i, prop);
}
return ret;
}
While compiling java shows error
and I wish to get data from cpp data to java using jni Array of properties is must
Getting windows log using cpp is working well but jni event i done this without properties array but i want it using properties array
See Question&Answers more detail:
os 
