0
저는 Java 기반 응용 프로그램과 Java 기반 응용 프로그램을 통합하고 Java에서 창 이벤트를 캡처하려고합니다.Java를 사용하여 WMI 이벤트를 등록하는 방법
Google에서 발견 된 J-Interop은 라이브러리입니다.이 사용자는이 라이브러리를 사용할 수 있습니다. 내가 코드를 다음과 같은 몇 가지 POC의 WIH을했지만, 즉 WbemScripting.SWbemLocator이
이import java.io.IOException;
import java.util.logging.Level;
import org.jinterop.dcom.common.JIException;
import org.jinterop.dcom.common.JISystem;
import org.jinterop.dcom.core.JIComServer;
import org.jinterop.dcom.core.JIProgId;
import org.jinterop.dcom.core.JISession;
import org.jinterop.dcom.core.JIString;
import org.jinterop.dcom.core.JIVariant;
import org.jinterop.dcom.impls.JIObjectFactory;
import org.jinterop.dcom.impls.automation.IJIDispatch;
public class EventLogListener
{
private static final String WMI_DEFAULT_NAMESPACE = "ROOT\\CIMV2";
private static String domainName = "domain";
private static String userName="user";
private static String password="psswd";
private static String hostIP ="127.0.0.1";
private static JISession configAndConnectDCom(String domain, String user, String pass) throws Exception
{
JISystem.getLogger().setLevel(Level.OFF);
try
{
JISystem.setInBuiltLogHandler(false);
}
catch (IOException ignored)
{
;
}
// JISystem.setAutoRegisteration(true);
JISession dcomSession = JISession.createSession(domain, user, pass);
dcomSession.useSessionSecurity(true);
return dcomSession;
}
private static IJIDispatch getWmiLocator(String host, JISession dcomSession) throws Exception
{
//HKEY_CLASSES_ROOT\CLSID\{76A64158-CB41-11D1-8B02-00600806D9B6}
//WbemScripting.SWbemLocator
JIComServer wbemLocatorComObj = new JIComServer(JIProgId.valueOf("76A64158-CB41-11D1-8B02-00600806D9B6"), host, dcomSession);
System.out.println("com objected created");
return (IJIDispatch) JIObjectFactory.narrowObject(wbemLocatorComObj.createInstance().queryInterface(IJIDispatch.IID));
}
private static IJIDispatch toIDispatch(JIVariant comObjectAsVariant) throws JIException
{
return (IJIDispatch) JIObjectFactory.narrowObject(comObjectAsVariant.getObjectAsComObject());
}
public static void main(String[] args)
{
String domain = domainName;//args[ 0 ];
String host = hostIP;//args[ 1 ];
String user = userName;//args[ 2 ];
String pass = password;//args[ 3 ];
JISession dcomSession = null;
try
{
// Connect to DCOM on the remote system, and create an instance of the WbemScripting.SWbemLocator object to talk to WMI.
dcomSession = configAndConnectDCom(domain, user, pass);
IJIDispatch wbemLocator = getWmiLocator(host, dcomSession);
// Invoke the "ConnectServer" method on the SWbemLocator object via it's IDispatch COM pointer. We will connect to
// the default ROOT\CIMV2 namespace. This will result in us having a reference to a "SWbemServices" object.
JIVariant results[] =
wbemLocator.callMethodA("ConnectServer", new Object[] { new JIString(host), new JIString(WMI_DEFAULT_NAMESPACE),
JIVariant.OPTIONAL_PARAM(), JIVariant.OPTIONAL_PARAM(), JIVariant.OPTIONAL_PARAM(), JIVariant.OPTIONAL_PARAM(), new Integer(0),
JIVariant.OPTIONAL_PARAM() });
IJIDispatch wbemServices = toIDispatch(results[ 0 ]);
// Now that we have a SWbemServices DCOM object reference, we prepare a WMI Query Language (WQL) request to be informed whenever a
// new instance of the "Win32_NTLogEvent" WMI class is created on the remote host. This is submitted to the remote host via the
// "ExecNotificationQuery" method on SWbemServices. This gives us all events as they come in. Refer to WQL documentation to
// learn how to restrict the query if you want a narrower focus.
final String QUERY_FOR_ALL_LOG_EVENTS = "SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA 'Win32_NTLogEvent'";
final int RETURN_IMMEDIATE = 16;
final int FORWARD_ONLY = 32;
JIVariant[] eventSourceSet =
wbemServices.callMethodA("ExecNotificationQuery", new Object[] { new JIString(QUERY_FOR_ALL_LOG_EVENTS), new JIString("WQL"),
new JIVariant(new Integer(RETURN_IMMEDIATE + FORWARD_ONLY)) });
IJIDispatch wbemEventSource = (IJIDispatch) JIObjectFactory.narrowObject((eventSourceSet[ 0 ]).getObjectAsComObject());
// The result of the query is a SWbemEventSource object. This object exposes a method that we can call in a loop to retrieve the
// next Windows Event Log entry whenever it is created. This "NextEvent" operation will block until we are given an event.
// Note that you can specify timeouts, see the Microsoft documentation for more details.
System.out.println("listner statred");
while (true)
{
System.out.println("vinod");
// this blocks until an event log entry appears.
JIVariant eventAsVariant = (JIVariant) (wbemEventSource.callMethodA("NextEvent", new Object[] { JIVariant.OPTIONAL_PARAM() }))[ 0 ];
IJIDispatch wbemEvent = toIDispatch(eventAsVariant);
// WMI gives us events as SWbemObject instances (a base class of any WMI object). We know in our case we asked for a specific object
// type, so we will go ahead and invoke methods supported by that Win32_NTLogEvent class via the wbemEvent IDispatch pointer.
// In this case, we simply call the "GetObjectText_" method that returns us the entire object as a CIM formatted string. We could,
// however, ask the object for its property values via wbemEvent.get("PropertyName"). See the j-interop documentation and examples
// for how to query COM properties.
JIVariant objTextAsVariant = (JIVariant) (wbemEvent.callMethodA("GetObjectText_", new Object[] { new Integer(1) }))[ 0 ];
String asText = objTextAsVariant.getObjectAsString().getString();
System.out.println(asText);
}
}
catch (Exception e)
{
e.printStackTrace();
}
finally
{
if (null != dcomSession)
{
try
{
JISession.destroySession(dcomSession);
}
catch (Exception ex)
{
ex.printStackTrace();
}
}
}
}
}
오류 서비스 위치하면서 문제를 직면 :이 단서가
이org.jinterop.dcom.common.JIException: The system cannot find the file specified. Please check the path provided as parameter. If this exception is being thrown from the WinReg package, please check if the library is registered properly or do so using regsvr32. [0x00000002]
at org.jinterop.winreg.smb.JIWinRegStub.winreg_OpenKey(JIWinRegStub.java:195)
at org.jinterop.dcom.core.JIProgId.getIdFromWinReg(JIProgId.java:129)
at org.jinterop.dcom.core.JIProgId.getCorrespondingCLSID(JIProgId.java:160)
at org.jinterop.dcom.core.JIComServer.<init>(JIComServer.java:428)
at com.stg.commons.behave.reporting.EventLogListener.getWmiLocator(EventLogListener.java:49)
at com.stg.commons.behave.reporting.EventLogListener.main(EventLogListener.java:81)
Caused by: org.jinterop.dcom.common.JIRuntimeException: The system cannot find the file specified. Please check the path provided as parameter. If this exception is being thrown from the WinReg package, please check if the library is registered properly or do so using regsvr32. [0x00000002]
at org.jinterop.winreg.IJIWinReg$openKey.read(IJIWinReg.java:938)
at ndr.NdrObject.decode(NdrObject.java:36)
at rpc.ConnectionOrientedEndpoint.call(ConnectionOrientedEndpoint.java:137)
at rpc.Stub.call(Stub.java:113)
at org.jinterop.winreg.smb.JIWinRegStub.winreg_OpenKey(JIWinRegStub.java:189)
... 5 more