SUS Commander Sean Merritt
Background
• The Department of Natural Resources uses a Software Update Server to update the users' PCs.
• The log files are cryptic.
• Need a way to evaluate the log files.
• Generating reports would prove how useful the system is.
Goals
• Design and implement a system that will decipher the log files and provide helpful feedback to the server administrators.
• Make the system dynamic so anyone using a Software Update Server can use it.
SUS Commander
• Ability to import entire directories of log files.
• Reads relevant information into an Access database.
• Allows for the creation of custom logical WANs for sorting.
• Exports HTML or plain-text reports from user-specified queries.
Data
• The log files.
• The custom WAN configuration.
  • Stored in a "scripting"-like format.
• The database.
  • Contains all of the extracted information from the log files.
• Registry keys to store important information on file locations.
Example of a Day's Log File
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2004-11-29 00:00:02
#Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2004-11-29 00:00:02 204.126.118.185 - 204.89.222.92 80 GET /wutrack.bin V=2&U=4ebd9c766be10a43b16b975d41400fa7&C=iu&A=n&I=&D=&P=5.0.893.2.0.1.0&L=en-US&S=s&E=00000000&M=&X=041129115959691 200 Industry+Update+Control
2004-11-29 00:00:02 204.126.118.185 - 204.89.222.92 80 GET /wutrack.bin V=2&U=4ebd9c766be10a43b16b975d41400fa7&C=iu&A=n&I=&D=&P=5.0.893.2.0.1.0&L=en-US&S=s&E=00000000&M=&X=041129120000032 200 Industry+Update+Control
2004-11-29 00:11:01 146.63.96.98 - 204.89.222.92 80 HEAD /iuident.cab 0411290012 200 Industry+Update+Control
2004-11-29 00:11:01 146.63.96.98 - 204.89.222.92 80 GET /iuident.cab 0411290012 200 Industry+Update+Control
2004-11-29 00:11:01 146.63.96.98 - 204.89.222.92 80 HEAD /selfupdate/AU/x86/W2K/en/wuaucomp.cab 0411290012 200 Industry+Update+Control
2004-11-29 00:11:01 146.63.96.98 - 204.89.222.92 80 GET /selfupdate/AU/x86/W2K/en/wuaucomp.cab 0411290012 200 Industry+Update+Control
2004-11-29 00:11:01 146.63.96.98 - 204.89.222.92 80 HEAD /iuident.cab 0411290012 200 Industry+Update+Control
2004-11-29 00:11:01 146.63.96.98 - 204.89.222.92 80 GET /wutrack.bin V=2&U=9a8eec4e9adc7043b45ba833addf8410&C=iu&A=n&I=&D=&P=5.0.893.2.0.1.0&L=en-US&S=s&E=00000000&M=&X=041129001255852 200 Industry+Update+Control
(continues for thousands of lines…)
WAN Configuration File
DNR
{
    Anchorage
    {
        # this is a comment. Ignore me
        Atwood
        {
            # first 4 numbers are the base ip and the last number defines the range
            6th floor (146 63 110 35 126)
            7th floor (204 89 222 1 254)
            9th floor (146 63 111 31 112)
            10th floor (146 63 110 166 254)
            12th floor (204 17 169 100 254)
            13th floor (146 63 165 50 126)
            14th floor (204 126 118 50 254)
            OPMP
            DGGS
        }
        TLO (146 63 116 160 182)
    }
}
More on the WAN Config File
• The data between each pair of parentheses is a branch in a tree.
• A recursive function is used to load and save the data.
• Comments are ignored when loading.
• Easy to edit by hand if necessary.
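The recursive load described above, sketched in Python as an added example (not SUS Commander's own C# code): it parses an abridged copy of the configuration into a tree and maps a client IP taken from the log to its branch. It assumes that (a b c first last) means addresses a.b.c.first through a.b.c.last; the function and field names are hypothetical.

```python
import re
# Constructed sample: abridged copy of the WAN configuration shown above.
WAN_CONFIG = """
DNR
{
  Anchorage
  {
    # this is a comment. Ignore me
    Atwood
    {
      14th floor (204 126 118 50 254)
      OPMP
    }
    TLO (146 63 116 160 182)
  }
}"""

ENTRY = re.compile(r"^(.*?)\s*(?:\((\d+(?:\s+\d+){4})\))?$")

def parse_block(lines, pos=0):
    """Recursively read entries up to the matching '}'; return (nodes, next_pos)."""
    nodes = []
    while pos < len(lines) and lines[pos] != "}":
        line, pos = lines[pos], pos + 1
        if line == "{":  # a brace opens the children of the entry just read
            if not nodes:
                raise ValueError("'{' with no entry before it")
            nodes[-1]["children"], pos = parse_block(lines, pos)
        else:
            name, rng = ENTRY.match(line).groups()
            rng = tuple(map(int, rng.split())) if rng else None
            nodes.append({"name": name, "range": rng, "children": []})
    return nodes, pos + 1  # step past the closing brace

def load_wan(text):
    """Drop blank lines and '#' comments, then parse the tree."""
    lines = [l.strip() for l in text.splitlines()]
    return parse_block([l for l in lines if l and not l.startswith("#")])[0]

def locate(nodes, ip, path=()):
    """Return the branch path whose range holds ip, or None if unmapped."""
    o = tuple(int(x) for x in ip.split("."))
    for n in nodes:
        here, r = path + (n["name"],), n["range"]
        if r and o[:3] == r[:3] and r[3] <= o[3] <= r[4]:  # assumed range reading
            return here
        if (found := locate(n["children"], ip, here)):
            return found
    return None
```

Clients that return None, such as 146.63.96.98 from the sample log, fall outside every configured range and are the ones a report would need to list separately.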
Notes on the Main Window
• When starting, everything is loaded automatically.
  • Custom WAN
  • Database information
  • Directory and file paths
• Gives access to the other windows.
• Is in charge of communicating with the database.
Log File Import Tool
• Can import directories of log files
• Capable of a full replacement
• Will query the DNS server for computer names
WAN Configuration
• Creates a logical WAN to sort the IP addresses
• Dynamic so not every entry needs an IP range
• Can delete entire branches or single entries
Difficulties
• Time management
  • Taking 19 credits and working.
• Creating a recursive function to build SQL queries from the tree (the main form).
• Coming up with a way to store the WAN configuration.
• Writing my own date and IP classes suited more for my needs.
What I Learned
• How to connect to, read from, and write to an Access database in C#.
• Registry manipulation (creating keys, saving values to them, etc.).
• How some of the more complex C# forms work (TreeView for example).
• Having a better design document would have saved me time.
Conclusion
• SUS Commander will allow for better monitoring of SUS activity.
• The DNS lookups will help us pinpoint possible weak spots.
• Report generation will provide data that can be valuable for future upgrades and security meetings.
• HTML reports can help technicians make sure that remote offices are being updated while on site.