Windows – Event Viewer Parsing Through Log Parser Studio

Background

Need to parse MS Windows Event Logs.

One of the ways to do so is to use Log Parser Studio.

 

Event Viewer

Let us save the events unto the File System.

Outline

  1. Launch Event Viewer
  2. Select the Logs you want ( Application / System / Security )
  3. Right click on the Logs and from the drop down menu, choose “Save All Events As …
  4. Choose Folder And Filename
  5. The file is saved with an extension of “Event Files (*.evtx )

 

Images

Launch Save Event As

Choose Filename

 

Log Parser Studio

Outline

  1. Launch Log Parser Studio
  2. Choose Log Type: EVTLOG
  3. Enter Query
  4. Execute Query

 

Choose Log Type : EVTLOG

Sample Queries


/*  Find top 1000 warnings and errors in the Application Log 
    Levels: 1=Error, 2=Warning                                
*/
SELECT TOP 1000 
             TimeGenerated
           , ComputerName
           , EventCategoryName
           , EventTypeName
           , EventID
           , SourceName
           , Message
FROM 'C:\Temp\04_WindowsLogs_Applications_20170518_0403PM.evtx'
WHERE ( EventType = 1 OR EventType = 2 )
AND   (
               (SourceName like 'ASP%' )
            or (SourceName = '.NET Runtime' )
            or (SourceName = 'Application Error' )
      )
ORDER BY TimeGenerated DESC


Click Execute Button

Click on the Execute Button – The Read icon with the exclamation mark!

 

Sample Output

 

Export

Outline

  1. In Log Parser Studio, use menu File \ Export \ Output as .CSV
  2. In the “Choose Location to save CSV File” window, please specify folder and file name

 

Images

File \ Export \ “Output as .CSV”

 

Choose Location to save CSV File

Excel File

 

SQL Server – Extended Event – Data Storage – Change Folder / File Name

Background

Due to Storage Constraints having to change the folder that Extended Events are captured in.

 

GUI

I know it is not possible to do so via GUI.

As shown below, just as your author, the properties are dimmed.

 


Script

So let us script it

Outline

  1. Stop the Extended Event Session
  2. Drop the Extended Event Session target
    • In our case, we are using the adopted default target name of package0.event_file
  3. Add a new Target
    • Keeping everything from the old target
    • But, changing the targeted folder
  4. Restart the Extended Event Session

Code




	ALTER EVENT SESSION [performance]   
	ON SERVER  
	STATE = stop;  

	ALTER EVENT SESSION [performance]  
		ON SERVER 
		DROP TARGET package0.event_file;

	ALTER EVENT SESSION [performance]  
		ON SERVER 
		ADD TARGET package0.event_file
		(
			SET 
				  filename=N'C:\Microsoft\SQLServer\ExtendedEvents\TraceFiles\performance.xel'
				, max_file_size=(100)
				, max_rollover_files=(100)
		)

	ALTER EVENT SESSION [performance]   
	ON SERVER  
	STATE = start;  

GO 

Entity Framework – Application – Version # – Console & ASP.Net Applications

Background

Let us go a tiny bit further into our Entity Framework application.

But, before we go too far let us review the Version # of the Entity Framework library that is being used.

 

Diagnostic

File System

Let us review the File System, specifically the folder where the application is installed.

Entity Framework Libraries

Entity Framework libraries are bundled in dlls.

There is the baseline EntityFramework.dll and each targeted database platform will have its own dll.

Screen Shots

Console App
Image

EntityFramework.dll

EntityFramework.SqlServer.dll

 

Tabulate
Type File Product Version
 Core
 EntityFramework.dll  6.1.3-40302
 SQL Server
 EntityFramework.SqlServer.dll  6.1.3-40302

 

 

Web App
Image

 

 

Running Application

Resource Monitor

Start the Application and start the OS built-in Resource Monitor.

Image

Console App

Tabulate

Associated Modules
Type Module Name Version# Full Path
 Associated Modules
 EntityFramework.ni.dll 6.1.40302.0 C:\Windows\Assembly\NativeImages_v4.0.30319_32\EntityFramework\…\EntityFramework.ni.dll

 

 

 

Web Site App
w3wp.exe

 

Tabulate

Associated Handles
Type File Product Version
 Core
EntityFramework.DLL  4.0.30319
 SQL Server
EntityFramework.SqlServer.Dll  4.0.30319.33440

 

 

Associated Modules
Type File Product Version
 Core
System.Data.Entity.ni.dll  4.6.1087.0
System.Data.Linq.ni.ll  4.6.108.07
 SQL Server
 System.Data.OracleClient.dll  4.0.30319.33440
 System.Data.OracleClient.ni.dll  4.0.30319.33440

 

 

Summary

Both the libraries\dll files bundled with the Application and the modules loaded into memory reveal that the EntityFramework Library is in-use by the Application.

For our console application, the specific version of EntityFramework Library is Version 6.1.40302.0

And, for the Web App, the version is 4.6.1087.0

BTW, the CLR Version is 4.0.30319 32 bit.

Entity Framework – Using Visual Studio – Basic Application / Day 1

Background

In an earlier post, we spoke about how to generate an Entity Framework model through the command line.

 

Turnabout

And, our hope was to use a simple text editor along with command line tools such as msbuild and layer upon layer continue to build out our little application.

But, so little is publicly documented and shared about that approach and we quickly found in terms of straightforwardness, the plumbing available in Visual Studio will likely be best.

 

Visual Studio

Let go with Visual Studio.

 

Launch Visual Studio

Version – Microsoft Visual Studio Community 2015

New Project

Menu

We create a new project by clicking on the menu item ( File New/ Project ).

Template

GUI

Explanation
  1. Template
    • Visual C#\Windows\Console Application
  2. Name
    • Name :- lab001VS
  3. Location
    • C:\Personal\Blog\Microsoft\.net\entityFramework

Add

Add \ New Item..

Access the Solution Explorer, choose the Project, right click your selection and choose the Add Option

 

Add “ADO.Net Entity Data Model”

From the list of items, choose “ADO.Net Entity Data Model“.

 

Entity Data Model Wizard

The Entity Data Model Wizard appears….

Entity Data Model Wizard – Choose Model Contents

We are taking Database First approach, that is, we have a database defined, and will generate the entity code from the DB.

Please choose “EF Designer from database”

Entity Data Model Wizard – Choose Your Data Connection – Original

Here is the original state of the “Choose Your Data Connection” screen.

Please choose the “New Connection…” button.

 

Entity Data Model Wizard – Connection Properties

In the Connection Properties screen:

  1. Data Source :- Microsoft SQL Server (SqlClient)
  2. Server name :- .\v2014
  3. Logon to the Server :- SQL Server Authentication
  4. user name :- edmgen
  5. Password :- < enter password>
  6. Tick the “Save my password” checkbox
  7. Connect to a database :- Chose DBDiag
  8. Click the “Test Connection” button to validate the connection

 

Entity Data Model Wizard – Choose Your Database Objects And Settings

 

Connection Properties – Advanced Properties

Connection Properties – Advanced Properties – Before

 

Connection Properties – Test connection succeeded

 

Entity Data Model Wizard – Choose your Data Connection

Return to the “Choose your Data Connection” window.

 

Choices
  1. Connection info :-
    • [Server\instance].[database].[schema]
  2. Yes, include the sensitive data in the connection string
  3. Save connection settings in App.Config as …
    • DBDiagEntities

 

Entity Data Model Wizard – Choose your Version

  1. Which version of Entity Framework do you want to use?
    • Entity Framework 6.x
    • Entity Framework 5.0

 

Entity Data Model Wizard – Choose your Database Objects and Settings

Explanation
  1. Our SQL Account only has to the traceFlag table

 

 

 

Connection Properties – Advanced Properties

Connection Properties – Advanced Properties – Before

Connection Properties – Test connection succeeded

 

Entity Data Model Wizard – Choose your Version

  1. Which version of Entity Framework do you want to use?
    • Entity Framework 6.x
    • Entity Framework 5.0

 

 

Explanation

As this is a new test Application and we do not have a need to preserve existing code, we will go with the latest EF version, and that is Version 6.0.

 

Security Warning

There are a couple of security warnings that pop up and we click the OK to move on.

 

 

EDMX

The wizard does a bit of behind the scene work and publishes the model and the .Net class files

 

 

Source Code

With all that plumbing work out of the way, let us write a couple of elementary code that will invoke the method availed by EF entities.

 

Outline

  1. Display a simple UI that allows the user to List, Add, Edit, and Delete records
  2. List
    • List Trace Flags
  3. Add
    • Add a Trace Flag
  4. Edit
    • Edit a Trace Flag
  5. Remove
    • Remove a Trace Flag

 

Code

Browse


  public void browse()
        {

            //get all entities from entity traceflags
            //result should be captured in a variant variable tfQuery
            //ordering will likely be based on the DB table's primary key ( PK )
            var tfQuery = from tf in dbDE.traceFlags
                          select tf
                           ;

            //copy data into list object
            listTF = tfQuery.ToList();

            //Iterate list
            //Using foreach expose each list element in varTF
            foreach (var varTF in listTF)
            {

                //cast Var object to traceflag object
                objTF = (traceFlag)varTF;
                
                // prepare UI output
                strLog
                    = String.Format
                        (
                              FORMAT_BROWSE_DETAIL
                            , objTF.id
                            , objTF.description
                        );

                Console.WriteLine(strLog);

                // Output Line Break
                Console.WriteLine(CHAR_LINEBREAK);

            } //foreach

        } //browse

Add


 public void add()
        {
         
            Console.WriteLine("Get Trace Flag ID");
            strID = Console.ReadLine();

            if (strID == "")
            {
                return;
            }

            Console.WriteLine("Get Trace Flag Description");
            strDescription = Console.ReadLine();

            objTF = new traceFlag();

            objTF.id = Int32.Parse(strID);
            objTF.description = strDescription;
        
            dbDE.traceFlags.Add(objTF);

            dbDE.SaveChanges();

            objTF = null;


        } //add

Edit



  public void edit()
        {

            
            Console.WriteLine("Get Trace Flag ID");
            strID = Console.ReadLine();

            if (strID == "")
            {
                return;
            }

            iID = Int32.Parse(strID);

            var tfQuery = from tf in dbDE.traceFlags
                          where tf.id == iID
                          select tf
                ;

            objTF = new traceFlag();

            try
            {
                objTF = tfQuery.Single();
            }
            /*
                When ID Filtering is attempted, and matching record not found
                an exception, System.InvalidOperationException, is raised,
                catch and gracefully handle that exception
            */ 
            catch (System.InvalidOperationException exIOE)
            {
                strLog = String.Format
                    (
                        FORMAT_OPERATION_DELETE_FAILED
                        , "edit"
                        , strID
                        , exIOE.HResult
                        , exIOE.Message
                    );

                Console.WriteLine(strLog);

                //deallocated created object
                objTF = null;

                return;

            }


            //Get Trace Flag Description
            Console.WriteLine("Get Trace Flag Description");
            strDescription = Console.ReadLine();

            //If Description is empty, then exit
            if (strDescription == String.Empty)
            {

                //deallocated created object
                objTF = null;

                return;

            }

            //set Trace Flag Description
            objTF.description = strDescription;

            // save changes to db
            dbDE.SaveChanges();

            //deallocated created object
            objTF = null;



        } //edit


Remove



        public void remove()
        {

            Console.WriteLine("Get Trace Flag ID");
            strID = Console.ReadLine();

            if (strID == "")
            {
                return;
            }

            iID = Int32.Parse(strID);

            var tfQuery = from tf in dbDE.traceFlags
                          where tf.id == iID
                          select tf
                ;


            objTF = new traceFlag();

            try
            {
                objTF = tfQuery.Single();
            }
            /*
                When ID Filtering is attempted, and matching record not found
                an exception, System.InvalidOperationException, is raised,
                catch and gracefully handle that exception
            */
            catch (System.InvalidOperationException exIOE)
            {
                strLog = String.Format
                    (
                        FORMAT_OPERATION_DELETE_FAILED
                        , "deletion"
                        , strID
                        , exIOE.HResult
                        , exIOE.Message
                    );

                Console.WriteLine(strLog);

                //deallocated created object
                objTF = null;

                return;

            }

            //attach created object to trace flags entity
            dbDE.traceFlags.Attach(objTF);

            //mark the object for deletion
            dbDE.traceFlags.Remove(objTF);

            // save changes to db
            dbDE.SaveChanges();

            //deallocated created object
            objTF = null;

        } //remove



 

Medical Xpress – Scientists shed light on the tight connection between mental and physical health

 

Link

How do you feel right now, in general? Pleasant or unpleasant? Crummy, calm, or jittery? Somewhere in between?

Northeastern’s Lisa Feldman Barrett and her colleagues have discovered the system in the brain where those basic feelings originate.

The new findings, published last month in the journal Nature Human Behavior, could help solve mysteries regarding the tight connection between mental and physical health, including the neurological drivers behind the opioid crisis. Deciphering those mechanisms would open the door to developing more effective remedies. The findings could also revolutionize our understanding of how we make decisions, leading to more considered choices in areas ranging from the law to the economy.

“This paper really breaks down the barrier between mind and body,” says Barrett, University Distinguished Professor of Psychology at Northeastern. “It shows that the two are not separate, that the system that is important for creating and representing feelings is also important for thinking and remembering, paying attention and decision-making, and so much more. Feelings, in other words, are part of any mental event—any action, any thought, judgment, perception, or decision. They are properties of consciousness.

 

Two unified networks

The new brain system comprises two unified networks, each of which loops through various brain regions.

The two networks work together to keep your body’s systems—immune, cardiovascular, metabolic, and so on—in equilibrium as you respond to both internal and external “stressors,”—that is, everything from hunger and noise to transitioning from sleeping to waking or even standing to sitting. Such regulation is called “allostasis.” At the same time, these networks create the sensations inside your body—the general feeling states that thrum below the surface. That phenomenon is called “interoception.

When these feelings are very intense, these networks create emotions ranging from sadness to glee.

“This system both regulates the body and manufactures the sensations in the body that result from that regulation,” says Barrett. “But this system is not specific to allostasis and interoception.

The two networks that make up the system are at the core of the brain.” Among the wide array of psychological functions they support are social and physical fear, social affiliation, empathy, moral judgments, memory, attention, and decision-making. The networks also contain the brain cells that integrate senses external to the body, including sight, hearing, touch, smell, and taste.

“These networks had been shown to be important in many , but we showed that, whatever else they are doing—helping you think, remember, pay attention or see—they are also regulating your body and creating feelings,” says Barrett. “For centuries, the mind was thought of as a battleground between emotion and rationality. Then the neuroscientist Antonio Damasio famously argued that rationality and emotion are both important for wisdom. But there is no ‘both.’ The division between rationality and irrationality is artificial; your brain isn’t wired like that at all.”

 

Addressing the opiate crisis

The researchers performed the research in three steps. First, they analyzed anatomy studies that trace the connections between brain regions in macaque monkeys to verify that the circuitry—the hard-wiring—of the system did in fact exist. Next, they evaluated the brain scans of nearly 700 human subjects to assess how the regions regulating the body related to one another. “We asked the question: Where is there synchrony in neural firing across the brain?” says Barrett. “That led us to these two networks that overlap each other, and that are responsible for regulating the body and generating feelings.”

 

Finally, they validated their results by showing another group of human subjects evocative pictures as they measured their skin conductance and asked about their level of arousal. Those with a stronger connection between the two networks—indicated by neural synchrony—also experienced more arousal when their physiological arousal in the body was higher. So people with a more tightly connected allostatic-interoceptive system were better able to bring together body regulation with feelings, allostasis with introception.

 

The discovery of this system may shed some light on the opiate crisis. “People are taking opiates to regulate the distressful feelings that come from a dysregulation of the body,” says Barrett. “Pain is an emotional experience—it is unpleasant feelings associated with actual or potential damage to the .

 

People may start taking opiates for physical pain, but these drugs work best not at diminishing the electrical signals of tissue damage—called nociception—but at reducing distress, at dampening the unpleasant that accompany nociception. We live in this soup of low-grade stress that is very bad for our bodies. Opiate drugs turn down the dial on this consistent crummy feeling.

Our findings could spur research into trying to better address the opiate and other health crises.”

 

 

Patrick Kennedy :- A Common struggle

 

Books

A Common struggle, Patrick J. Kennedy and Stephen Fried

Prologue

“Amy and our young children are what keep me on my spiritual journey of recovery and hope.  In fact, they are probably the only reason I am still alive.  They remind me every day of our most underappreciated treatment for these illnesses: love and faith.

They also remind me of the biggest reason to fight for mental health parity.  My own children are at considerable genetic risk, just as I was, of developing mental illness and addiction.  

Which means that they can, and must, be part of the first generation in American history to have their brain diseases treated like every other disease.

Our children must be part of the first generation for which routine doctor visits includes a “checkup from the neck up”.

My goal is to change the way we talk about mental illness and addiction in this country, move the conversation from a painful existence debate to a more useful and forward looking discussion about proper diagnosis and care. 

The sad truth is that while we still have so much to learn about the brain, most patients don’t even benefit from what we already know. 

More than half the people who have been diagnosed with any mental illness do not get treatment at all.  It is time to for this to change.

My hope is that by writing about and exposing the worlds I get to visit, I might be able to make your journey less isolated.  

These struggles are much more common than most people realize, but too many of us still face them alone, if we face them at all.  

That isn’t necessary, it isn’t healthy, and it isn’t how any of us want to live our lives.

I believe more than ever than ever, that we have the power to change the world for people who have mental illnesses and addictions, and for all of those whose lives are touched by these brain diseases – which is to say, all of us.

In fact, I have bet my life on it.”

 

 

Videos

  1. CBS This Morning
    • Patrick Kennedy shares secret family struggles in “A Common Struggle”
      Former Rhode Island Congressman Patrick Kennedy writes of his own mental illness and addictions, but he also looks at his parents’ problems with alcohol and his mother’s depression. Kennedy believes his father, Ted, suffered from post-traumatic stress after two of his brothers were assassinated. Kennedy joins “CBS This Morning” to discuss why he decided to reveal the Kennedy family secrets.
      Published on :- 2015-Oct-5th
      Link
    • Former Congressman Patrick Kennedy, Sen. Ted Kennedy’s youngest child, has a new memoir that digs deep into his long history of mental illness and addiction. It is a story other family members did not want him to tell. His brother, Ted Kennedy Jr., called it an “inaccurate and unfair portrayal of our family.” Kennedy joins the second hour of “CBS This Morning” to discuss why he co-wrote “A Common Struggle.”
      Published on :- 2015-Oct-5th
      Link
  2. Maria Shriver
    • Architects of Change: Patrick Kennedy & Maria Shriver
      Published On :- 2106-Jan-13rd
      Link

 

Entity Framework – Generate Model & Mapping Files Using edmgen

Background

As always we will take to the command line and start building out a simple Entity Framework application.

 

What is entity framework?

Wikipedia
Link

The Entity Framework is a set of technologies in ADO.NET that support the development of data-oriented software applications. Architects and developers of data-oriented applications have typically struggled with the need to achieve two very different objectives. They must model the entities, relationships, and logic of the business problems they are solving, and they must also work with the data engines used to store and retrieve the data. The data may span multiple storage systems, each with its own protocols; even applications that work with a single storage system must balance the requirements of the storage system against the requirements of writing efficient and maintainable application code.

The Entity Framework enables developers to work with data in the form of domain-specific objects and properties, such as customers and customer addresses, without having to concern themselves with the underlying database tables and columns where this data is stored. With the Entity Framework, developers can work at a higher level of abstraction when they deal with data, and can create and maintain data-oriented applications with less code than in traditional applications. Because the Entity Framework is a component of the .NET Framework, Entity Framework applications can run on any computer on which the .NET Framework (starting with version 3.5 SP1) is installed.

 

Create Model

Let us create the model. Again, the model is an abstract model of the entities and the relationships between the entities ( Foreign Keys ).

 

Visual Studio

Of course, we can do so via Visual Studio.

But, that is too easy and we might miss some of the little things.

 

Edmgen

What is edmgen?

Edmgen are actually two words intermingled, edm and gen.

edm stands for Entity Data Model and gen is generation.

It is a command line tool.

 

Where is edmgen located?

Depending on the version of .Net you are running, you will need to target a different folder.

It is easy enough to open up a command shell and find edmgen.exe

 

Code

where /R c:\windows\microsoft.net edmgen.exe

 

Output

 

Issue Sample edmgen

Code


set "_dirBin=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\"
set "_appName=edmgen.exe"
set _appNameFull=%_dirBin%\%_appName%

set "_appMode=FullGeneration"

set "_language=csharp"
set "_project=dbdiag"

rem set "_csIS=Data Source=.\v2014;Database=DBDiag;Application Name=diagConsole;  Integrated Security=SSPI;"
set "_csSN=Data Source=.\v2014;Database=DBDiag;Application Name=diagConsole; uid=edmgen; pwd=62aprAcEcRaq;"
set "_cs=%_csSN%"

%_appNameFull% /mode:%_appMode% /connectionstring:"%_cs%" /language:%_language% /project:%_project%

Output

 

Explanation

  1. Loading database information
    • App connects to database
    • And, determines the list of database objects available to the DB account in use
  2. Generates
    • Generates ssdl
    • Generates msl
    • Generates csdl

 

Summary

This is obviously only the first step.

We have generated the model files.

In follow-up posts, we will review the generated files, discuss how to use and integrate into our main application, update the generated files to include new DB Objects or inherit DB changes, and target different Db environment, i.e. QA and Prod.