Enable SE_SECURITY privilege and slow WMI

Guest

I have C++ code which reads events from the Security log using WMI.
When I enable the SE_SECURITY privilege, my program runs for a very long time,
for example about 5 minutes.
This problem occurs only in Win2000; in WinXP everything works fine.
My code:

privilege(SE_SECURITY_NAME, TRUE);

std::cout << dataSave << "│га- < Security...";

logEventClass *a = new logEventClass("Security", (debugMode ? true : false));

if (FAILED(StringCbPrintf(SQLdateForCompare, 11+2, "'%u-%02u-%02u'",
                          myDate.getYear(), myDate.getMonth(), myDate.getDay())))
    StringCbPrintfError(__FILE__, __LINE__);

while ((returnStatus = a->createSqlString(bd.getConn(), SQLdateForCompare)))
{
    if (returnStatus == 1)
    {
        /* save the event in the MySQL RDBMS */
        bd.query((a->getSqlString()).c_str());
        bd.storeResult();
    }
}
delete a;
std::cout << "ok" << std::endl;

privilege(SE_SECURITY_NAME, FALSE);

For example, this code also runs very slowly:

privilege(SE_SECURITY_NAME, TRUE); // stuff

std::cout << dataSave << "│га- < Application...";

logEventClass *logEventObj = new logEventClass("Application", (debugMode ? true : false));

if (FAILED(StringCbPrintf(SQLdateForCompare, 11+2, "'%u-%02u-%02u'",
                          myDate.getYear(), myDate.getMonth(), myDate.getDay())))
    StringCbPrintfError(__FILE__, __LINE__);

while ((returnStatus = logEventObj->createSqlString(bd.getConn(), SQLdateForCompare)))
{
    if (returnStatus == 1)
    {
        /* save the event in the MySQL RDBMS */
        bd.query((logEventObj->getSqlString()).c_str());
        bd.storeResult();
    }
}
delete logEventObj;
std::cout << "ok" << std::endl;

privilege(SE_SECURITY_NAME, FALSE); // stuff

When I comment out "privilege(SE_SECURITY_NAME, TRUE)" for the Application log,
everything works fine.

When I use WMI CIM Studio and execute a WQL query
(for example: "select * from win32_ntlogevent where logfile='system'")
with the "Enable all privileges" box checked, it runs for a very long time, or
if I execute the WQL query "select * from win32_ntlogevent where
logfile='security'"
I get a warning message that there is not enough memory.
When I don't use "Enable all privileges", everything works very fast.

Why does the call to privilege(SE_SECURITY_NAME, TRUE) have this effect?
And how can I avoid this?
 