SUS Commander
  Sean Merritt
Background
  Department of Natural Resources uses a Software Update Server to update the users’ PCs.
  The log files are cryptic.
  Need a way to evaluate the log files.
  Generating reports would prove how useful the system is.
Goals
  Design and implement a system that will decipher the log files and provide helpful feedback to the server administrators.
  Make the system dynamic so anyone using a Software Update Server can use it.
SUS Commander
  Ability to import entire directories of log files.
  Reads relevant information into an Access database.
  Allows for the creation of custom logical WANs for sorting.
  Exports HTML or Plain Text reports from user-specified queries.
Data
  The log files.
  The custom WAN configuration.
    –Stored in a “scripting”-like format
  The database.
    –Contains all of the extracted information from the log files
  Registry keys to store important information on file locations.
Example of a Day’s Log File
  #Software: Microsoft Internet Information Services 5.0
  #Version: 1.0
  #Date: :00:02
  #Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent)
  :00: GET /wutrack.bin V=2&U=4ebd9c766be10a43b16b975d41400fa7&C=iu&A=n&I=&D=&P= &L=en-US&S=s&E= &M=&X= Industry+Update+Control
  :00: GET /wutrack.bin V=2&U=4ebd9c766be10a43b16b975d41400fa7&C=iu&A=n&I=&D=&P= &L=en-US&S=s&E= &M=&X= Industry+Update+Control
  :11: HEAD /iuident.cab Industry+Update+Control
  :11: GET /iuident.cab Industry+Update+Control
  :11: HEAD /selfupdate/AU/x86/W2K/en/wuaucomp.cab Industry+Update+Control
  :11: GET /selfupdate/AU/x86/W2K/en/wuaucomp.cab Industry+Update+Control
  :11: HEAD /iuident.cab Industry+Update+Control
  :11: GET /wutrack.bin V=2&U=9a8eec4e9adc7043b45ba833addf8410&C=iu&A=n&I=&D=&P= &L=en-US&S=s&E= &M=&X= Industry+Update+Control
  (continues for thousands of lines…)
WAN Configuration File
  DNR {
    Anchorage {
      # this is a comment. Ignore me
      Atwood {
        # first 4 numbers are the base ip and the last number defines the range
        6th floor ( )
        7th floor ( )
        9th floor ( )
        10th floor ( )
        12th floor ( )
        13th floor ( )
        14th floor ( )
        OPMP
        DGGS
      }
      TLO ( )
    }
  }
More on the WAN Config File
  The data between each parenthesis is a branch in a tree.
  Recursive function used to load and save the data.
  Comments are ignored when loading.
  Easy to edit by hand if necessary.
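The recursive load described above, sketched in Python as an added example (not SUS Commander's own code, which was written in C#). The `(a.b.c.d n)` range syntax, its meaning (base address through base + n) and every address are assumptions, because the slide's values did not survive; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: names are from the slide; the addresses and the
# "(a.b.c.d n)" range syntax are assumptions, not values from the page.
SAMPLE = """\
DNR {
    Anchorage {
        # this is a comment. Ignore me
        Atwood {
            6th floor (10.1.6.0 255)
            OPMP
        }
        TLO (10.2.0.0 63)
    }
}
"""
ENTRY = re.compile(r"^([^{}()]+?)\s*(?:\(([^)]*)\))?\s*(\{)?$")

def parse_range(text):
    """Assumed meaning: base address through base + n, inclusive."""
    nums = re.findall(r"\d+", text)
    if len(nums) != 5:
        raise ValueError(f"expected 4 octets and a range: {text!r}")
    base = ipaddress.IPv4Address(".".join(nums[:4]))
    return base, base + int(nums[4])

def load(lines, path=()):
    """Recursively read one branch; return [(path, range-or-None), ...]."""
    out = []
    for line in lines:
        if line == "}" and path:          # closes the branch being read
            return out
        m = ENTRY.match(line)
        if not m:                         # also catches a stray top-level "}"
            raise ValueError(f"bad entry: {line!r}")
        name, rng, opens = m.groups()
        out.append((path + (name,), parse_range(rng) if rng else None))
        out += load(lines, path + (name,)) if opens else []
    if path:                              # hand-edited file lost a brace
        raise ValueError(f"missing '}}' for {path[-1]!r}")
    return out

def parse_wan(text):
    lines = (raw.split("#", 1)[0].strip() for raw in text.splitlines())
    return load(iter([ln for ln in lines if ln]))   # comments, blanks dropped

def locate(entries, ip):
    """Return the path of the first entry whose range contains ip, else None."""
    ip = ipaddress.IPv4Address(ip)
    return next((p for p, r in entries if r and r[0] <= ip <= r[1]), None)
```

Because the file is meant to be edited by hand, the loader rejects unbalanced braces and malformed ranges instead of silently building a partial tree, which would leave client addresses unsorted in reports.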
Architecture
Final Product
Notes on the Main Window
  When starting, everything is loaded automatically.
    –Custom WAN
    –Database information
    –Directory and file paths
  Gives access to the other windows.
  Is in charge of communicating with the database.
Log File Import Tool
  Can import directories of log files
  Capable of a full replacement
  Will query the DNS server for computer names
WAN Configuration
  Creates a logical WAN to sort the IP addresses
  Dynamic so not every entry needs an IP range
  Can delete entire branches or single entries
Difficulties
  Time management
    –Taking 19 credits and working.
  Creating a recursive function to build SQL queries from the tree (the main form).
  Coming up with a way to store the WAN configuration.
  Writing my own date and IP classes suited more for my needs.
What I Learned
  How to connect to, read from, and write to an Access database in C#.
  Registry manipulation (creating keys, saving values to them, etc.).
  How some of the more complex C# forms work (TreeView for example).
  Having a better design document would have saved me time.
Conclusion
  SUS Commander will allow for better monitoring of SUS activity.
  The DNS lookups will help us pinpoint possible weak spots.
  Report generation will provide data that can be valuable for future upgrades and security meetings.
  HTML reports can help technicians make sure that remote offices are being updated while on site.
Questions?