Changeset 273

Timestamp:

06/13/10 22:02:07 (3 months ago)

Author:

mickem

Message:

Merged back all (some?) of the new changes from 0.3.8

Location:

trunk

Files:

• . (modified) (1 prop)
• build.bat (copied) (copied from tags/0.3.8/build.bat)
• clean.bat (copied) (copied from tags/0.3.8/clean.bat)
• helpers/XAutoBuild/AutoBuild.h (modified) (1 diff)
• include/checkHelpers.hpp (modified) (8 diffs)
• include/filter_framework.hpp (modified) (8 diffs)
• include/parsers (copied) (copied from tags/0.3.8/include/parsers)
• include/parsers/ast.cpp (copied) (copied from tags/0.3.8/include/parsers/ast.cpp)
• include/parsers/ast.hpp (copied) (copied from tags/0.3.8/include/parsers/ast.hpp)
• include/parsers/eval.hpp (copied) (copied from tags/0.3.8/include/parsers/eval.hpp)
• include/parsers/grammar.cpp (copied) (copied from tags/0.3.8/include/parsers/grammar.cpp)
• include/parsers/grammar.hpp (copied) (copied from tags/0.3.8/include/parsers/grammar.hpp)
• include/parsers/helpers.cpp (copied) (copied from tags/0.3.8/include/parsers/helpers.cpp)
• include/parsers/helpers.hpp (copied) (copied from tags/0.3.8/include/parsers/helpers.hpp)
• include/parsers/old_where.hpp (copied) (copied from tags/0.3.8/include/parsers/old_where.hpp)
• include/parsers/where.cpp (copied) (copied from tags/0.3.8/include/parsers/where.cpp)
• include/parsers/where.hpp (copied) (copied from tags/0.3.8/include/parsers/where.hpp)
• include/settings/macros.h (modified) (2 diffs)
• include/simple_registry.hpp (copied) (copied from tags/0.3.8/include/simple_registry.hpp)
• include/strEx.h (modified) (4 diffs)
• modules/CheckDisk/CheckDisk.cpp (modified) (18 diffs)
• modules/CheckDisk/CheckDisk.h (modified) (1 diff)
• modules/CheckEventLog/CheckEventLog.cpp (modified) (25 diffs)
• modules/CheckEventLog/CheckEventLog.h (modified) (1 diff)
• modules/CheckExternalScripts/CheckExternalScripts.cpp (modified) (2 diffs)
• modules/CheckExternalScripts/CheckExternalScripts.h (modified) (1 diff)
• modules/CheckHelpers/CheckHelpers.cpp (modified) (1 diff)
• modules/CheckSystem/CheckSystem.cpp (modified) (7 diffs)
• modules/CheckSystem/CheckSystem.h (modified) (1 diff)
• modules/CheckTaskSched/Jamfile (copied) (copied from tags/0.3.8/modules/CheckTaskSched/Jamfile)
• modules/FileLogger/FileLogger.cpp (modified) (1 diff)
• modules/LUAScript/Jamfile (copied) (copied from tags/0.3.8/modules/LUAScript/Jamfile)
• modules/LUAScript/LUAScript.cpp (modified) (2 diffs)
• modules/NRPEClient/NRPEClient.h (modified) (1 diff)
• modules/NSCAAgent/NSCAAgent.h (modified) (1 diff)
• modules/NSCAAgent/NSCAThread.cpp (modified) (2 diffs)
• modules/SysTray/Jamfile (copied) (copied from tags/0.3.8/modules/SysTray/Jamfile)
• resource.h (copied) (copied from tags/0.3.8/resource.h)
• run_x64.bat (copied) (copied from tags/0.3.8/run_x64.bat)
• scripts/args.bat (deleted)
• scripts/check_vb.vbs (deleted)
• scripts/critical.bat (deleted)
• scripts/lib (copied) (copied from tags/0.3.8/scripts/lib)
• scripts/long.bat (deleted)
• scripts/multi_line.bat (deleted)
• scripts/ok.bat (deleted)
• x64-build.bat (copied) (copied from tags/0.3.8/x64-build.bat)
• x86-build.bat (copied) (copied from tags/0.3.8/x86-build.bat)

trunk/helpers/XAutoBuild/AutoBuild.h

@@ -3 +3 @@
 // change the FALSE to TRUE for autoincrement of build number
 #define INCREMENT_VERSION TRUE
-#define FILEVER        1,0,0,13
-#define PRODUCTVER     1,0,0,13
-#define STRFILEVER     "1.0.0.13"
-#define STRPRODUCTVER  "1.0.0.13"
-#define STRPRODUCTDATE  "2007-11-03"
+#define FILEVER        1,0,0,14
+#define PRODUCTVER     1,0,0,14
+#define STRFILEVER     _T("1.0.0.14")
+#define STRPRODUCTVER  _T("1.0.0.14")
+#define STRPRODUCTDATE  _T("2010-02-27")
 #endif // AUTOBUILD_H

trunk/include/checkHelpers.hpp

@@ -309 +309 @@
     void runCheck(value_type &value, NSCAPI::nagiosReturn &returnCode, std::wstring &message, std::wstring &perf) {
       for (check_list_type::const_iterator cit=checks_.begin(); cit != checks_.end(); ++cit) {
+        (*cit)->set_showall(show);
         (*cit)->runCheck(value, returnCode, message, perf);
       }
@@ -329 +330 @@
     }
     static TType parse(std::wstring s) {
-      return strEx::stoi64_as_BKMG(s);
+      TType val = strEx::stoi64_as_BKMG(s);
+      if (val == 0 && s.length() > 1 && s[0] != L'0')
+        NSC_LOG_MESSAGE_STD(_T("Maybe this is not what you want: ") + s + _T(" = ") + strEx::itos(val));
+      return val;
     }
     static TType parse_percent(std::wstring s) {
@@ -364 +368 @@
   public:
     static TType parse(std::wstring s) {
-      return strEx::stoi64_as_time(s);
+      TType val = strEx::stoi64_as_time(s);
+      if (val == 0 && s.length() > 1 && s[0] != L'0')
+        NSC_LOG_MESSAGE_STD(_T("Maybe this is not what you want: ") + s + _T(" = 0"));
+      return val;
     }
     static TType parse_percent(std::wstring s) {
@@ -397 +404 @@
   public:
     static int parse(std::wstring s) {
-      return strEx::stoi(s);
+      int val = strEx::stoi(s);
+      if (val == 0 && s.length() > 1 && s[0] != L'0')
+        NSC_LOG_MESSAGE_STD(_T("Maybe this is not what you want: ") + s + _T(" = 0"));
+      return val;
     }
     static int parse_percent(std::wstring s) {
@@ -427 +437 @@
   public:
     static __int64 parse(std::wstring s) {
-      return strEx::stoi64(s);
+      __int64 val = strEx::stoi64(s);
+      if (val == 0 && s.length() > 1 && s[0] != L'0')
+        NSC_LOG_MESSAGE_STD(_T("Maybe this is not what you want: ") + s + _T(" = 0"));
+      return val;
     }
     static __int64 parse_percent(std::wstring s) {
@@ -716 +729 @@
         crit_v = crit;
       } else if (type_ == value_upper) {
-        std::wstring unit = THandler::get_perf_unit(min(warn, min(crit, value.value)));
-        return 
           MAKE_PERFDATA(alias, THandler::print_perf((value.value), unit), unit, 
           THandler::print_perf(value.total-warn, unit), THandler::print_perf(value.total-crit, unit));
@@ -865 +876 @@
   };
 
+  template <class TFilterType>
+  class FilterBounds {
+  public:
+    TFilterType filter;
+    typedef typename TFilterType::TValueType TValueType;
+    typedef FilterBounds<TFilterType> TMyType;
+
+    FilterBounds() {}
+    FilterBounds(const FilterBounds &other) {
+      filter = other.filter;
+    }
+    bool hasBounds() {
+      return filter.hasFilter();
+    }
+
+    static std::wstring toStringLong(typename TValueType &value) {
+      //return filter.to_string() + _T(" matches ") + value;
+      // TODO FIx this;
+      return value;
+      //return TNumericHolder::toStringLong(value.count) + _T(", ") + TStateHolder::toStringLong(value.state);
+    }
+    static std::wstring toStringShort(typename TValueType &value) {
+      // TODO FIx this;
+      return value;
+      //return TNumericHolder::toStringShort(value.count);
+    }
+    std::wstring gatherPerfData(std::wstring alias, typename TValueType &value, TMyType &warn, TMyType &crit) {
+      return _T("");
+    }
+    bool check(typename TValueType &value, std::wstring lable, std::wstring &message, ResultType type) {
+      if (filter.hasFilter()) {
+        if (!filter.matchFilter(value))
+          return false;
+        message = lable + _T(": ") + filter.to_string() + _T(" matches ") + value;
+        return true;
+      } else {
+        NSC_LOG_MESSAGE_STD(_T("Missing bounds for filter check: ") + lable);
+      }
+      return false;
+    }
+    const TMyType & operator=(std::wstring value) {
+      filter = value;
+      return *this;
+    }
+
+  };
+
+
   template <class TStateHolder = StateBounds<state_type, state_handler> >
   class SimpleStateBounds {
@@ -932 +991 @@
         return min.gatherPerfData(alias, value, warn.min.getPerfBound(value), crit.min.getPerfBound(value));
       } else {
-        NSC_DEBUG_MSG_STD(_T("Missing bounds for maxmin-bounds check: ") + alias);
+        NSC_LOG_MESSAGE_STD(_T("Missing bounds for maxmin-bounds check: ") + alias);
         return min.gatherPerfData(alias, value, 0, 0);
       }

trunk/include/filter_framework.hpp

@@ -68 +68 @@
     struct numeric_max_filter {
       static bool filter(TType filter, TType value) {
+        //std::wcout << filter << _T(" >= ") << value << std::endl;
         return value >= filter;
       }
@@ -113 +114 @@
       static std::wstring parse(std::wstring str) {
         return str;
+      }
+      static std::wstring print(std::wstring value) {
+        return value;
       }
     };
@@ -194 +198 @@
   template <typename TFilterType, typename TValueType, class THandler, class TFilter>
   struct filter_one {
-    TFilterType filter;
+    TFilterType filter_;
     bool hasFilter_;
     std::wstring value_;
     filter_one() : hasFilter_(false) {}
-    filter_one(const filter_one &other) : hasFilter_(other.hasFilter_), filter(other.filter), value_(other.value_) {
+    filter_one(const filter_one &other) : hasFilter_(other.hasFilter_), filter_(other.filter_), value_(other.value_) {
     }
 
@@ -205 +209 @@
     }
     bool matchFilter(const TValueType value) const {
-      return TFilter::filter(filter, value);
+      return TFilter::filter(filter_, value);
     }
     const filter_one & operator=(std::wstring value) {
@@ -211 +215 @@
       hasFilter_ = false;
       try {
-        filter = THandler::parse(value);
+        filter_ = THandler::parse(value);
         hasFilter_ = true;
       } catch (handlers::handler_exception e) {
@@ -237 +241 @@
     not_string_filter not;
     std::wstring value_;
+    typedef std::wstring TValueType;
 #ifdef USE_BOOST
     regexp_string_filter regexp;
@@ -366 +371 @@
       return *this;
     }
-#define NSCP_FF_DEBUG_NUM(key) if (key.hasFilter()) return _T( # key ) + key.value_;
+#define NSCP_FF_DEBUG_NUM(key) if (key.hasFilter()) strEx::append_list(str, std::wstring(_T( # key )) + _T(" ") + key.getValue(), _T(","));
     std::wstring to_string() const {
+      std::wstring str;
       NSCP_FF_DEBUG_NUM(max);
       NSCP_FF_DEBUG_NUM(min);
       NSCP_FF_DEBUG_NUM(eq);
       NSCP_FF_DEBUG_NUM(neq);
-      //NSCP_FF_DEBUG_NUM(inList);
-      return _T(" MISSING! ");
+      NSCP_FF_DEBUG_NUM(inList);
+      return str;
     }
     std::wstring getValue() const {
@@ -381 +387 @@
   typedef filter_all_numeric<__int64, checkHolders::time_handler<__int64> > filter_all_times;
   typedef filter_all_numeric<unsigned long, checkHolders::int_handler > filter_all_num_ul;
+  typedef filter_all_numeric<long long, checkHolders::int_handler > filter_all_num_ll;
 
   template <typename TFilterType, typename TValueType>

trunk/include/settings/macros.h

@@ -79 +79 @@
 #define EXTSCRIPT_SCRIPT_SECTION "/settings/external scripts/scripts"
 #define EXTSCRIPT_ALIAS_SECTION "/settings/external scripts/alias"
+#define EXTSCRIPT_WRAPPINGS_SECTION "/settings/external scripts/wrappings"
+#define EXTSCRIPT_WRAPPED_SCRIPT "/settings/external scripts/wrapped scripts"
 #define CHECK_SYSTEM_SECTION "/settings/system"
 #define CHECK_SYSTEM_COUNTERS_SECTION "/settings/system/PDH counters"
@@ -250 +252 @@
     DESCRIBE_SETTING(ALIAS_SECTION, "EXTERNAL SCRIPT ALIAS SECTION", "Works like the \"inject\" concept of NRPE scripts module. But in short a list of aliases available. An alias is an internal command that has been \"wrapped\" (to add arguments). Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop)");
 
+    DEFINE_PATH(WRAPPINGS_SECTION, EXTSCRIPT_WRAPPINGS_SECTION);
+    DESCRIBE_SETTING(WRAPPINGS_SECTION, "EXTERNAL SCRIPT WRAPPINGS SECTION", "");
+
+    DEFINE_PATH(WRAPPED_SCRIPT, EXTSCRIPT_WRAPPED_SCRIPT);
+    DESCRIBE_SETTING(WRAPPED_SCRIPT, "EXTERNAL SCRIPT WRAPPINGS SECTION", "");
+
   }
 

trunk/include/strEx.h

@@ -271 +271 @@
     return buf;
   }
+#define MK_FORMAT_FTD(min, key, val) \
+  if (mtm->tm_year > min) \
+  strEx::replace(format, key, strEx::itos(val));  \
+  else  \
+  strEx::replace(format, key, _T("0"));
+
+
 
   static const __int64 SECS_BETWEEN_EPOCHS = 11644473600;
   static const __int64 SECS_TO_100NS = 10000000;
   inline std::wstring format_filetime(unsigned long long filetime, std::wstring format = _T("%Y-%m-%d %H:%M:%S")) {
+    if (filetime == 0)
+      return _T("ZERO");
     filetime -= (SECS_BETWEEN_EPOCHS * SECS_TO_100NS);
     filetime /= SECS_TO_100NS;
@@ -326 +335 @@
   }
   inline std::wstring itos(unsigned long long i) {
+    std::wstringstream ss;
+    ss << i;
+    return ss.str();
+  }
+  inline std::wstring itos(long long i) {
     std::wstringstream ss;
     ss << i;
@@ -440 +454 @@
   }
 
-#define MK_FORMAT_FTD(min, key, val) \
-  if (mtm->tm_year > min) \
-    strEx::replace(format, key, strEx::itos(val));  \
-  else  \
-    strEx::replace(format, key, _T("0"));
-
-  inline std::wstring format_time_delta(struct tm *mtm, std::wstring format = _T("%Y years %m months %d days %H hours %M minutes")) {
-    // "Date: %Y-%m-%d %H:%M:%S"
-    MK_FORMAT_FTD(70, _T("%Y"), mtm->tm_year);
-    MK_FORMAT_FTD(0, _T("%m"), mtm->tm_mon);
-    MK_FORMAT_FTD(0, _T("%d"), mtm->tm_mday-1);
-    MK_FORMAT_FTD(0, _T("%H"), mtm->tm_hour);
-    MK_FORMAT_FTD(0, _T("%M"), mtm->tm_min);
-    MK_FORMAT_FTD(0, _T("%S"), mtm->tm_sec);
-    return format;
-  }
 
 #define WEEK  (7 * 24 * 60 * 60 * 1000)
@@ -752 +750 @@
   }
 
+#define MK_FORMAT_FTD(min, key, val) \
+  if (mtm->tm_year > min) \
+  strEx::replace(format, key, strEx::itos(val));  \
+  else  \
+  strEx::replace(format, key, _T("0"));
+
+  inline std::wstring format_time_delta(struct tm *mtm, std::wstring format = _T("%Y years %m months %d days %H hours %M minutes")) {
+    // "Date: %Y-%m-%d %H:%M:%S"
+    MK_FORMAT_FTD(70, _T("%Y"), mtm->tm_year);
+    MK_FORMAT_FTD(0, _T("%m"), mtm->tm_mon);
+    MK_FORMAT_FTD(0, _T("%d"), mtm->tm_mday-1);
+    MK_FORMAT_FTD(0, _T("%H"), mtm->tm_hour);
+    MK_FORMAT_FTD(0, _T("%M"), mtm->tm_min);
+    MK_FORMAT_FTD(0, _T("%S"), mtm->tm_sec);
+    return format;
+  }
+  inline std::wstring format_time_delta(time_t time, std::wstring format = _T("%Y years %m months %d days %H hours %M minutes")) {
+    struct tm nt; // = new struct tm;
+#if (_MSC_VER > 1300)  // 1300 == VC++ 7.0
+    if (gmtime_s(&nt, &time) != 0)
+      return _T("");
+#else
+    nt = gmtime(&time);
+    if (nt == NULL)
+      return "";
+#endif
+    return format_time_delta(&nt, format);
+  }
+  inline std::wstring format_filetime_delta(unsigned long long filetime, std::wstring format = _T("%Y-%m-%d %H:%M:%S")) {
+    if (filetime == 0)
+      return _T("ZERO");
+    //filetime -= (SECS_BETWEEN_EPOCHS * SECS_TO_100NS);
+    filetime /= SECS_TO_100NS;
+    return format_time_delta(static_cast<time_t>(filetime), format);
+  }
 
 #ifdef _DEBUG

trunk/modules/CheckDisk/CheckDisk.cpp

@@ -36 +36 @@
 }
 
-CheckDisk::CheckDisk() {
+CheckDisk::CheckDisk() : show_errors_(false) {
 }
 CheckDisk::~CheckDisk() {
@@ -51 +51 @@
     NSCModuleHelper::registerCommand(_T("CheckDriveSize"), _T("Check the size (free-space) of a drive or volume."));
     NSCModuleHelper::registerCommand(_T("CheckFile"), _T("Check various aspects of a file and/or folder."));
+
+    show_errors_ = NSCModuleHelper::getSettingsInt(CHECK_DISK_SECTION_TITLE, CHECK_DISK_SHOW_ERRORS, CHECK_DISK_SHOW_ERRORS_DEFAULT)==1;
   } catch (NSCModuleHelper::NSCMHExcpetion &e) {
     NSC_LOG_ERROR_STD(_T("Failed to register command: ") + e.msg_);
@@ -73 +75 @@
   virtual void report_error(std::wstring error) = 0;
   virtual void report_warning(std::wstring error) = 0;
+  virtual bool has_error() = 0;
+  virtual std::wstring get_error() = 0;
 };
 
@@ -87 +91 @@
 struct get_size : public baseFinderFunction
 {
-  bool error;
-  get_size() : size(0), error(false) { }
+  get_size() : size(0) { }
   result_type operator()(argument_type ffd) {
     if (!file_helpers::checks::is_directory(ffd.wfd.dwFileAttributes)) {
@@ -98 +101 @@
     return size;
   }
-  inline const bool hasError() const {
-    return error;
-  }
   inline void setError(error_reporter *errors, std::wstring msg) {
     if (errors != NULL)
       errors->report_error(msg);
-    error = true;
   }
 private:  
@@ -354 +353 @@
   return _T("unknown: ") + strEx::itos(drvType);
 }
-
-class NSC_error : public error_reporter {
-  void report_error(std::wstring error) {
-    NSC_LOG_ERROR(error);
-  }
-  void report_warning(std::wstring error) {
-    NSC_LOG_MESSAGE(error);
-  }
-};
-typedef std::pair<std::wstring,std::wstring> pattern_type;
-pattern_type split_path_ex(std::wstring path) {
-  std::wstring baseDir;
-  if (file_helpers::checks::is_directory(path)) {
-    return pattern_type(path, _T(""));
-  }
-  std::wstring::size_type pos = path.find_last_of('\\');
-  if (pos == std::wstring::npos) {
-    pattern_type(path, _T("*.*"));
-  }
-  NSC_DEBUG_MSG_STD(_T("Looking for: path: ") + path.substr(0, pos) + _T(", pattern: ") + path.substr(pos+1));
-  return pattern_type(path.substr(0, pos), path.substr(pos+1));
-}
-
-typedef std::pair<std::wstring,std::wstring> pattern_type;
-pattern_type split_pattern(std::wstring path) {
-  std::wstring baseDir;
-  if (file_helpers::checks::exists(path)) {
-    return pattern_type(path, _T(""));
-  }
-  std::wstring::size_type pos = path.find_last_of('\\');
-  if (pos == std::wstring::npos) {
-    pattern_type(path, _T("*.*"));
-  }
-  NSC_DEBUG_MSG_STD(_T("Looking for: pattern: ") + path.substr(0, pos) + _T(", pattern: ") + path.substr(pos+1));
-  return pattern_type(path.substr(0, pos), path.substr(pos+1));
-}
+4
 
 
@@ -453 +417 @@
 
   std::wstring error;
+  //bool has_error;
+
+  static file_info get(__int64 now, std::wstring path, std::wstring file) {
+    return get_2(now, path, file);
+  }
+  static file_info get(__int64 now, file_finder_data data) {
+    return file_info(now, data.wfd, data.path, data.wfd.cFileName);
+  }
+
+  static file_info get_2(__int64 now, std::wstring path, std::wstring file) {
+    WIN32_FILE_ATTRIBUTE_DATA data;
+    if (!GetFileAttributesEx((path + _T("\\") + file).c_str(), GetFileExInfoStandard, reinterpret_cast<LPVOID>(&data))) {
+      file_info ret;
+      ret.error = _T("Could not open file (2) ") + path + _T("\\") + file + _T(": ") + error::lookup::last_error();
+      return ret;
+    }
+    return file_info(now, data, path, file);
+  }
+  static file_info get_1(__int64 now, std::wstring path, std::wstring file) {
+    HANDLE hFile = CreateFile((path + _T("\\") + file).c_str(), FILE_READ_ATTRIBUTES, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, 0, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, 0);
+    if (hFile == INVALID_HANDLE_VALUE) {
+      file_info ret;
+      ret.error = _T("Could not open file (1) ") + path + _T("\\") + file + _T(": ") + error::lookup::last_error();
+      return ret;
+    }
+    BY_HANDLE_FILE_INFORMATION _info;
+    GetFileInformationByHandle(hFile, &_info);
+    CloseHandle(hFile);
+    return file_info(now, _info, path, file);
+  }
+
+  file_info() 
+    : ullCreationTime(0)
+    , ullLastAccessTime(0)
+    , ullLastWriteTime(0)
+    , ullSize(0)
+    , ullNow(0)
+    , cached_version(false, _T("")) 
+    , cached_count(false, 0)
+  {}
+  file_info(__int64 now, const WIN32_FILE_ATTRIBUTE_DATA info, std::wstring path_, std::wstring filename_) 
+    : path(path_)
+    , filename(filename_)
+    , ullCreationTime(0)
+    , ullLastAccessTime(0)
+    , ullLastWriteTime(0)
+    , ullSize(0)
+    , ullNow(now)
+    , cached_version(false, _T("")) 
+    , cached_count(false, 0)
+  {
+    ullSize = ((info.nFileSizeHigh * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.nFileSizeLow);
+    ullCreationTime = ((info.ftCreationTime.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.ftCreationTime.dwLowDateTime);
+    ullLastAccessTime = ((info.ftLastAccessTime.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.ftLastAccessTime.dwLowDateTime);
+    ullLastWriteTime = ((info.ftLastWriteTime.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.ftLastWriteTime.dwLowDateTime);
+  };
+  file_info(__int64 now, const BY_HANDLE_FILE_INFORMATION info, std::wstring path_, std::wstring filename_) 
+    : path(path_)
+    , filename(filename_)
+    , ullCreationTime(0)
+    , ullLastAccessTime(0)
+    , ullLastWriteTime(0)
+    , ullSize(0)
+    , ullNow(now)
+    , cached_version(false, _T("")) 
+    , cached_count(false, 0)
+  {
+    ullSize = ((info.nFileSizeHigh * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.nFileSizeLow);
+    ullCreationTime = ((info.ftCreationTime.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.ftCreationTime.dwLowDateTime);
+    ullLastAccessTime = ((info.ftLastAccessTime.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.ftLastAccessTime.dwLowDateTime);
+    ullLastWriteTime = ((info.ftLastWriteTime.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.ftLastWriteTime.dwLowDateTime);
+  };
+  file_info(__int64 now, const WIN32_FIND_DATA info, std::wstring path_, std::wstring filename_) 
+    : path(path_)
+    , filename(filename_)
+    , ullCreationTime(0)
+    , ullLastAccessTime(0)
+    , ullLastWriteTime(0)
+    , ullSize(0)
+    , ullNow(now)
+    , cached_version(false, _T("")) 
+    , cached_count(false, 0)
+  {
   bool has_error;
 
@@ -537 +584 @@
     ullLastWriteTime = ((info.ftLastWriteTime.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.ftLastWriteTime.dwLowDateTime);
   };
+  file_info(__int64 now, std::wstring path_, std::wstring filename_) 
+    : path(path_)
+    , filename(filename_)
+    , ullCreationTime(0)
+    , ullLastAccessTime(0)
+    , ullLastWriteTime(0)
+    , ullSize(0)
+    , ullNow(now)
+    , cached_version(false, _T("")) 
+    , cached_count(false, 0)
+  {
+  };
   file_info(std::wstring path_, std::wstring filename_) 
     : path(path_)
@@ -576 +635 @@
     strEx::replace(syntax, _T("%access%"), strEx::format_filetime(ullLastAccessTime, DATE_FORMAT));
     strEx::replace(syntax, _T("%write%"), strEx::format_filetime(ullLastWriteTime, DATE_FORMAT));
+    strEx::replace(syntax, _T("%creation-raw%"), strEx::itos(ullCreationTime));
+    strEx::replace(syntax, _T("%access-raw%"), strEx::itos(ullLastAccessTime));
+    strEx::replace(syntax, _T("%write-raw%"), strEx::itos(ullLastWriteTime));
+    strEx::replace(syntax, _T("%now-raw%"), strEx::itos(ullNow));
 /*
     strEx::replace(syntax, _T("%creation-d%"), strEx::format_filetime(ullCreationTime, DATE_FORMAT));
@@ -643 +706 @@
 };
 
+struct file_container : public file_info {
+  std::wstring error_;
+
+
+  static file_container get(std::wstring file) {
+    FILETIME now;
+    GetSystemTimeAsFileTime(&now);
+    unsigned __int64 nowi64 = ((now.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)now.dwLowDateTime);
+    return get(file, nowi64);
+  }
+
+  static file_container get(std::wstring file, unsigned long long now) {
+
+    BY_HANDLE_FILE_INFORMATION _info;
+
+    HANDLE hFile = CreateFile(file.c_str(), FILE_READ_ATTRIBUTES, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
+      0, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, 0);
+    if (hFile == INVALID_HANDLE_VALUE) {
+      return file_container(now, file, _T("Could not open file: ") + file);
+    }
+    GetFileInformationByHandle(hFile, &_info);
+    CloseHandle(hFile);
+    file_container info(now, _info, file);
+    //info.ullNow = now;
+    return info;
+  }
+
+
+  file_container(__int64 now, const BY_HANDLE_FILE_INFORMATION info, std::wstring file) : file_info(now, info, file_helpers::meta::get_path(file), file_helpers::meta::get_filename(file)) {}
+  file_container(__int64 now, std::wstring file, std::wstring error) : error_(error), file_info(now, file_helpers::meta::get_path(file), file_helpers::meta::get_filename(file)) {}
+
+  bool has_errors() {
+    return !error_.empty();
+  }
+  std::wstring get_error() {
+    return error_;
+  }
+
+};
 struct file_filter {
   filters::filter_all_numeric<unsigned long long, checkHolders::disk_size_handler<checkHolders::disk_size_type> > size;
@@ -693 +795 @@
 {
   file_info info;
-  bool error;
+  __int64 now_;
 //  std::wstring message;
-  find_first_file_info() : error(false) {}
+  find_first_file_info() : now_(0) {
+    FILETIME now;
+    GetSystemTimeAsFileTime(&now);
+    now_ = ((now.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)now.dwLowDateTime);
+  }
   result_type operator()(argument_type ffd) {
     if (file_helpers::checks::is_directory(ffd.wfd.dwFileAttributes))
       return true;
 
+    file_info info = file_info::get(now_, ffd);
     file_info info = file_info::get(ffd);
     if (!info.error.empty()) {
@@ -721 +828 @@
     */
   }
-  inline const bool hasError() const {
-    return error;
-  }
   inline void setError(error_reporter *errors, std::wstring msg) {
     if (errors != NULL)
       errors->report_error(msg);
-    error = true;
   }
 };
@@ -736 +839 @@
   bool bFilterAll;
   bool bFilterIn;
-  bool error;
   std::wstring message;
   std::wstring syntax;
@@ -742 +844 @@
   unsigned long long now;
   unsigned int hit_count;
-
-  file_filter_function() : hit_count(0), error(false), bFilterIn(true), bFilterAll(true) {}
+  __int64 now_;
+
+  file_filter_function() : now_(0), hit_count(0), bFilterIn(true), bFilterAll(true) {
+    FILETIME now;
+    GetSystemTimeAsFileTime(&now);
+    now_ = ((now.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)now.dwLowDateTime);
+  }
   result_type operator()(argument_type ffd) {
     if (file_helpers::checks::is_directory(ffd.wfd.dwFileAttributes))
@@ -793 +900 @@
     return true;
   }
-  inline const bool hasError() const {
-    return error;
   }
   inline void setError(error_reporter *errors, std::wstring msg) {
@@ -898 +1003 @@
     last_error = msg;
     error_count++;
-    error = true;
   }
 
@@ -926 +1030 @@
   std::wstring path;
   bool debug = false;
-  find_first_file_info finder;
   MAP_OPTIONS_BEGIN(stl_args)
     MAP_OPTIONS_STR(_T("path"), path)
@@ -991 +1094 @@
       MAP_OPTIONS_PUSH_WTYPE(file_filter, _T("filter-written"), written, finder.filter_chain)
       MAP_OPTIONS_PUSH_WTYPE(file_filter, _T("filter-accessed"), accessed, finder.filter_chain)
+      MAP_OPTIONS_MISSING(message, _T("Unknown argument: "))
+      MAP_OPTIONS_END()
+  } catch (filters::parse_exception e) {
+    message = e.getMessage();
+    return NSCAPI::returnUNKNOWN;
+  } catch (filters::filter_exception e) {
+    message = e.getMessage();
+    return NSCAPI::returnUNKNOWN;
+  }
+  finder.syntax = syntax;
+  NSC_error errors;
+  for (std::list<std::wstring>::const_iterator pit = paths.begin(); pit != paths.end(); ++pit) {
+    pattern_type path = split_pattern(*pit);
+    recursive_scan<file_filter_function>(path.first, path.second, 0, max_dir_depth, finder, &errors, debug);
+    if (errors.has_error()) {
+      if (show_errors_)
+        message = errors.get_error();
+      else
+        message = _T("Check contains error. Check log for details (or enable show_errors in nsc.ini)");
+      return NSCAPI::returnUNKNOWN;
+    }
+  }
+  message = finder.message;
+  if (!alias.empty())
+    query.alias = alias;
+  else
+    query.alias = finder.alias;
+  if (query.alias.empty())
+    query.alias = _T("no files found");
+  query.runCheck(finder.hit_count, returnCode, message, perf);
+  if ((truncate > 0) && (message.length() > (truncate-4)))
+    message = message.substr(0, truncate-4) + _T("...");
+  if (message.empty())
+    message = _T("CheckFile ok");
+  return returnCode;
+}
+
+#define MAP_FILTER(value, obj) \
+    else if (p__.first == _T("filter+"##value)) { file_filter filter; filter.obj = p__.second; \
+      finder.filter_chain.push_back(filteritem_type(file_filter_function_ex::filter_plus, filter)); } \
+    else if (p__.first == _T("filter-"##value)) { file_filter filter; filter.obj = p__.second; \
+      finder.filter_chain.push_back(filteritem_type(file_filter_function_ex::filter_minus, filter)); } \
+    else if (p__.first == _T("filter."##value)) { file_filter filter; filter.obj = p__.second; \
+      finder.filter_chain.push_back(filteritem_type(file_filter_function_ex::filter_normal, filter)); }
+
+NSCAPI::nagiosReturn CheckDisk::CheckFile2(const unsigned int argLen, TCHAR **char_args, std::wstring &message, std::wstring &perf) {
+  NSCAPI::nagiosReturn returnCode = NSCAPI::returnOK;
+  std::list<std::wstring> stl_args = arrayBuffer::arrayBuffer2list(argLen, char_args);
+  typedef checkHolders::CheckContainer<checkHolders::MaxMinBoundsUInteger> CheckFileContainer;
+  typedef std::pair<int,file_filter> filteritem_type;
+  typedef std::list<filteritem_type > filterlist_type;
+  if (stl_args.empty()) {
+    message = _T("Missing argument(s).");
+    return NSCAPI::returnUNKNOWN;
+  }
+  file_filter_function_ex finder;
+  PathContainer tmpObject;
+  std::list<std::wstring> paths;
+  unsigned int truncate = 0;
+  CheckFileContainer query;
+  std::wstring syntax = _T("%filename%");
+  std::wstring masterSyntax = _T("%list%");
+  std::wstring alias;
+  std::wstring pattern = _T("*.*");
+  bool bPerfData = true;
+  int max_dir_depth = -1;
+  bool debug = false;
+  bool ignoreError = false;
+
+  try {
+    MAP_OPTIONS_BEGIN(stl_args)
+      MAP_OPTIONS_NUMERIC_ALL(query, _T(""))
+      MAP_OPTIONS_STR2INT(_T("truncate"), truncate)
+      MAP_OPTIONS_BOOL_FALSE(IGNORE_PERFDATA, bPerfData)
+      MAP_OPTIONS_STR(_T("syntax"), syntax)
+      MAP_OPTIONS_STR(_T("master-syntax"), masterSyntax)
+      MAP_OPTIONS_PUSH(_T("path"), paths)
+      MAP_OPTIONS_STR(_T("pattern"), pattern)
+      MAP_OPTIONS_STR(_T("alias"), alias)
+      MAP_OPTIONS_PUSH(_T("file"), paths)
+      MAP_OPTIONS_BOOL_TRUE(_T("debug"), debug)
+      MAP_OPTIONS_BOOL_TRUE(_T("ignore-errors"), ignoreError)
+      MAP_OPTIONS_STR2INT(_T("max-dir-depth"), max_dir_depth)
+      MAP_OPTIONS_BOOL_EX(_T("filter"), finder.bFilterIn, _T("in"), _T("out"))
+      MAP_OPTIONS_BOOL_EX(_T("filter"), finder.bFilterAll, _T("all"), _T("any"))
+      /*
       MAP_OPTIONS_MISSING(message, _T("Unknown argument: "))
       MAP_OPTIONS_END()

trunk/modules/CheckDisk/CheckDisk.h

@@ -27 +27 @@
 class CheckDisk {
 private:
+  bool show_errors_;
 
 public:

trunk/modules/CheckEventLog/CheckEventLog.cpp

@@ -23 +23 @@
 #include "CheckEventLog.h"
 #include <filter_framework.hpp>
+#include <boost/foreach.hpp>
 
 #include <strEx.h>
@@ -29 +30 @@
 #include <error.hpp>
 #include <map>
+<<<<<<< .working
 #include <vector>
 #include <config.h>
+=======
+#include <vector>
+>>>>>>> .merge-right.r272
+
+#include <boost/bind.hpp>
+#include <boost/assign.hpp>
+
+#include <parsers/where.hpp>
+#include <simple_timer.hpp>
+
+#include "simple_registry.hpp"
+#include "eventlog_record.hpp"
+#include "eventlog_filter.hpp"
 
 CheckEventLog gCheckEventLog;
+
+
+
 
 BOOL APIENTRY DllMain( HANDLE hModule, DWORD  ul_reason_for_call, LPVOID lpReserved)
@@ -44 +62 @@
 CheckEventLog::~CheckEventLog() {
 }
-
-
+struct parse_exception {
+  parse_exception(std::wstring) {}
+};
+
+#include <parsers/where.cpp>
+#include <parsers/grammar.cpp>
+#include <parsers/ast.cpp>
+
+<<<<<<< .working
 bool CheckEventLog::loadModule(NSCAPI::moduleLoadMode mode) {
   try {
@@ -62 +87 @@
   } catch (...) {
     NSC_LOG_ERROR_STD(_T("Failed to register command."));
-  }
-  return true;
+=======
+namespace filter {
+  namespace where {
+    struct type_obj : public parsers::where::varible_handler<type_obj> {
+      typedef parsers::where::varible_handler<type_obj> handler;
+      typedef std::list<std::wstring> error_type;
+      typedef std::map<std::wstring,parsers::where::value_type> types_type;
+      types_type types;
+      error_type errors;
+      static const parsers::where::value_type type_custom_severity = parsers::where::type_custom_int_1;
+      EventLogRecord *record;
+      type_obj() : record(NULL) {
+        using namespace boost::assign;
+        using namespace parsers::where;
+        insert(types)
+          (_T("id"), (type_int))
+          (_T("source"), (type_string))
+          (_T("type"), (type_int))
+          (_T("severity"), (type_custom_severity))
+          (_T("message"), (type_string))
+          (_T("strings"), (type_string))
+          (_T("written"), (type_date))
+          (_T("generated"), (type_date));
+      }
+      type_obj(EventLogRecord *record) : record(record) {}
+      bool has_variable(std::wstring key) {
+        return types.find(key) != types.end();
+      }
+      parsers::where::value_type get_type(std::wstring key) {
+        types_type::const_iterator cit = types.find(key);
+        if (cit == types.end())
+          return parsers::where::type_invalid;
+        return cit->second;
+      }
+      bool can_convert(parsers::where::value_type from, parsers::where::value_type to) {
+        if ((from == parsers::where::type_string)&&(to == type_custom_severity))
+          return true;
+        return false;
+      }
+      void error(std::wstring err) {
+        errors.push_back(err);
+      }
+      bool has_error() {
+        return !errors.empty();
+      }
+      long long get_id() {
+        if (record == NULL) throw _T("Whoops"); return record->eventID(); 
+      }
+      std::wstring get_source() {
+        if (record == NULL) throw _T("Whoops"); return record->eventSource(); 
+      }
+      long long get_el_type() {
+        if (record == NULL) throw _T("Whoops"); return record->eventType(); 
+      }
+      long long get_severity() {
+        if (record == NULL) throw _T("Whoops"); 
+        //NSC_DEBUG_MSG_STD(_T("Severity: ") + strEx::itos(record->severity()));
+        return record->severity();
+      }
+      std::wstring get_message() {
+        if (record == NULL) throw _T("Whoops"); return record->render_message(); 
+      }
+      std::wstring get_strings() {
+        if (record == NULL) throw _T("Whoops"); return record->enumStrings(); 
+      }
+      long long get_written() {
+        if (record == NULL) throw _T("Whoops"); return record->written(); 
+      }
+      long long get_generated() {
+        if (record == NULL) throw _T("Whoops"); return record->generated(); 
+      }
+
+      handler::bound_string_type bind_string(std::wstring key) {
+        handler::bound_string_type ret;
+        if (key == _T("source"))
+          ret = &type_obj::get_source;
+        else if (key == _T("message"))
+          ret = &type_obj::get_message;
+        else if (key == _T("strings"))
+          ret = &type_obj::get_strings;
+        else
+          NSC_DEBUG_MSG_STD(_T("Failed to bind (string): ") + key);
+        return ret;
+      }
+      handler::bound_int_type bind_int(std::wstring key) {
+        handler::bound_int_type ret;
+        if (key == _T("id"))
+          ret = &type_obj::get_id;
+        else if (key == _T("type"))
+          ret = &type_obj::get_el_type;
+        else if (key == _T("severity"))
+          ret = &type_obj::get_severity;
+        else if (key == _T("generated"))
+          ret = &type_obj::get_generated;
+        else if (key == _T("written"))
+          ret = &type_obj::get_written;
+        else
+          NSC_DEBUG_MSG_STD(_T("Failed to bind (int): ") + key);
+        return ret;
+      }
+
+      bool has_function(parsers::where::value_type to, std::wstring name, parsers::where::expression_ast<type_obj> subject) {
+        if (to == type_custom_severity)
+          return true;
+        return false;
+      }
+      handler::bound_function_type bind_function(parsers::where::value_type to, std::wstring name, parsers::where::expression_ast<type_obj> subject) {
+        handler::bound_function_type ret;
+        if (to == type_custom_severity)
+          ret = &type_obj::fun_convert_severity;
+        return ret;
+      }
+
+      parsers::where::expression_ast<type_obj> fun_convert_severity(parsers::where::value_type target_type, parsers::where::expression_ast<type_obj> const& subject) {
+        return parsers::where::expression_ast<type_obj>(parsers::where::int_value(convert_severity(subject.get_string(*this))));
+      }
+      int convert_severity(std::wstring str) {
+        if (str == _T("success") || str == _T("ok"))
+          return 0;
+        if (str == _T("informational") || str == _T("info"))
+          return 1;
+        if (str == _T("warning") || str == _T("warn"))
+          return 2;
+        if (str == _T("error") || str == _T("err"))
+          return 3;
+        error(_T("Invalid severity: ") + str);
+        return strEx::stoi(str);
+      }
+
+
+      std::wstring get_error() {
+        std::wstring ret;
+        BOOST_FOREACH(std::wstring s, errors) {
+          if (!ret.empty()) ret += _T(", ");
+          ret += s;
+        }
+        return ret;
+      }
+    };
+>>>>>>> .merge-right.r272
+  }
 }
-bool CheckEventLog::unloadModule() {
-  return true;
-}
-
-bool CheckEventLog::hasCommandHandler() {
-  return true;
-}
-bool CheckEventLog::hasMessageHandler() {
-  return false;
-}
+
 
 namespace simple_registry {
@@ -145 +300 @@
     }
 
+<<<<<<< .working
     std::list<std::wstring> get_keys(DWORD buffer_length = 2048) {
       std::list<std::wstring> ret;
@@ -209 +365 @@
 public:
   EventLogRecord(std::wstring file, EVENTLOGRECORD *pevlr, __int64 currentTime) : file_(file), pevlr_(pevlr), currentTime_(currentTime) {
-  }
-  inline __int64 timeGenerated() const {
-    return (currentTime_-pevlr_->TimeGenerated)*1000;
-  }
-  inline __int64 timeWritten() const {
-    return (currentTime_-pevlr_->TimeWritten)*1000;
-  }
-  inline std::wstring eventSource() const {
-    return reinterpret_cast<WCHAR*>(reinterpret_cast<LPBYTE>(pevlr_) + sizeof(EVENTLOGRECORD));
-  }
-  inline DWORD eventID() const {
-    return (pevlr_->EventID&0xffff);
-  }
-  inline DWORD severity() const {
-    return (pevlr_->EventID>>30);
-  }
-
-  inline DWORD eventType() const {
-    return pevlr_->EventType;
-  }
+=======
+
+struct filter_container {
+  enum filter_types {
+    filter_plus = 1,
+    filter_minus = 2,
+    filter_normal = 3
+  };
+  typedef std::pair<int,eventlog_filter> filteritem_type;
+  typedef std::list<filteritem_type > filterlist_type;
+
+  filterlist_type filters;
+
+  bool bFilterAll;
+  bool bFilterIn;
+
+  bool bDebug;
+  int debugThreshold;
+
+  bool bShowDescriptions;
+  std::wstring syntax;
+
+  std::wstring filter;
+
+  filter_container(std::wstring syntax, bool debug) : bDebug(debug), debugThreshold(0), bFilterIn(true), bFilterAll(false), bShowDescriptions(false), syntax(syntax) {}
+
+};
+
+struct any_mode_filter {
+  virtual bool boot() = 0;
+  virtual bool validate(std::wstring &message) = 0;
+  virtual bool match(EventLogRecord &record) = 0;
+  virtual std::wstring get_name() = 0;
+  virtual std::wstring get_subject() = 0;
+};
+
+struct first_mode_filter : public any_mode_filter {
+  typedef filter_container::filterlist_type::const_iterator filter_iterator;
+  filter_container &data;
+  first_mode_filter(filter_container &data) : data(data) {}
+  bool boot() {return true;}
+  bool validate(std::wstring &message) {
+    if (data.filters.empty()) {
+      message = _T("No filters specified try adding: filter+generated=>2d");
+      return false;
+    }
+    return true;
+>>>>>>> .merge-right.r272
+  }
+
+  virtual bool match(EventLogRecord &record) {
+    bool bMatch = !data.bFilterIn;
+    for (filter_iterator cit3 = data.filters.begin(); cit3 != data.filters.end(); ++cit3) {
+      std::wstring reason;
+      int mode = (*cit3).first;
+      bool bTmpMatched = (*cit3).second.matchFilter(record);
+      if (data.bFilterAll) {
+        if (!bTmpMatched) {
+          bMatch = false;
+          break;
+        }
+      } else {
+        if (bTmpMatched) {
+          bMatch = true;
+          break;
+        }
+      }
+    }
+    if ((data.bFilterIn&&bMatch)||(!data.bFilterIn&&!bMatch)) {
+      return true;
+    }
+    return false;
+
+  }
+<<<<<<< .working
 
   std::wstring userSID() const {
@@ -255 +466 @@
 
     return dstr + ustr;
-  }
-
-  std::wstring enumStrings() const {
-    std::wstring ret;
-    TCHAR* p = reinterpret_cast<TCHAR*>(reinterpret_cast<LPBYTE>(pevlr_) + pevlr_->StringOffset);
-    for (unsigned int i =0;i<pevlr_->NumStrings;i++) {
-      std::wstring s = p;
-      if (!s.empty())
-        s += _T(", ");
-      ret += s;
-      p+= wcslen(p)+1;
-    }
-    return ret;
-  }
-
-  static DWORD appendType(DWORD dwType, std::wstring sType) {
-    return dwType | translateType(sType);
-  }
-  static DWORD subtractType(DWORD dwType, std::wstring sType) {
-    return dwType & (!translateType(sType));
-  }
+=======
+  std::wstring get_name() {
+    return _T("deprecated");
+>>>>>>> .merge-right.r272
+  }
+<<<<<<< .working
+=======
+  std::wstring get_subject() { return _T("TODO"); }
+>>>>>>> .merge-right.r272
+
+};
+struct second_mode_filter : public any_mode_filter  {
+  typedef filter_container::filterlist_type::const_iterator filter_iterator;
+
+  filter_container &data;
+  second_mode_filter(filter_container &data) : data(data) {}
+  bool boot() {return true;}
+  bool validate(std::wstring &message) {
+    if (data.filters.empty()) {
+      message = _T("No filters specified try adding: filter+generated=>2d");
+      return false;
+    }
+    return true;
+  }
+
+  virtual bool match(EventLogRecord &record) {
+    bool bMatch = !data.bFilterIn;
+    int i=0;
+    for (filter_iterator cit3 = data.filters.begin(); cit3 != data.filters.end(); ++cit3, i++ ) {
+      std::wstring reason;
+      int mode = (*cit3).first;
+      bool bTmpMatched = (*cit3).second.matchFilter(record);
+      if ((mode == filter_container::filter_minus)&&(bTmpMatched)) {
+        // a -<filter> hit so thrash item and bail out!
+        if (data.bDebug && (i>data.debugThreshold))
+          NSC_DEBUG_MSG_STD(_T("[") + strEx::itos(i) + _T("] Matched: - ") + (*cit3).second.to_string() + _T(" for: ") + record.render(data.bShowDescriptions, data.syntax));
+        return false;
+      } else if ((mode == filter_container::filter_plus)&&(!bTmpMatched)) {
+        // a +<filter> hit so keep item and bail out!
+        if (data.bDebug && (i>data.debugThreshold))
+          NSC_DEBUG_MSG_STD(_T("[") + strEx::itos(i) + _T("] Matched: + ") + (*cit3).second.to_string() + _T(" for: ") + record.render(data.bShowDescriptions, data.syntax));
+        return false;
+      } else if (bTmpMatched) {
+        if (data.bDebug && (i>data.debugThreshold))
+          NSC_DEBUG_MSG_STD(_T("[") + strEx::itos(i) + _T("] Matched: . ") + (*cit3).second.to_string() + _T(" for: ") + record.render(data.bShowDescriptions, data.syntax));
+        bMatch = true;
+      }
+    }
+    return bMatch;
+  }
+  std::wstring get_name() {
+    return _T("old");
+  }
+<<<<<<< .working
   static DWORD translateType(std::wstring sType) {
     if (sType == _T("error"))
@@ -330 +574 @@
       NSC_LOG_ERROR_STD(_T("Could not extract DLL for eventsource: ") + eventSource() + _T(": ") + e.what());
       return _T("");
-    }
-  }
-
+=======
+  std::wstring get_subject() { return _T("TODO"); }
+};
+
+struct where_mode_filter : public any_mode_filter {
+  filter_container &data;
+  std::string message;
+  parsers::where::parser<filter::where::type_obj> ast_parser;
+  filter::where::type_obj dummy;
+
+  where_mode_filter(filter_container &data) : data(data) {}
+  bool boot() {return true; }
+
+  bool validate(std::wstring &message) {
+    if (data.bDebug)
+      NSC_DEBUG_MSG_STD(_T("Parsing: ") + data.filter);
+
+    if (!ast_parser.parse(data.filter)) {
+      NSC_LOG_ERROR_STD(_T("Parsing failed of '") + data.filter + _T("' at: ") + ast_parser.rest);
+      message = _T("Parsing failed: ") + ast_parser.rest;
+      return false;
+>>>>>>> .merge-right.r272
+    }
+<<<<<<< .working
+  }
+=======
+    if (data.bDebug)
+      NSC_DEBUG_MSG_STD(_T("Parsing succeeded: ") + ast_parser.result_as_tree());
+
+    if (!ast_parser.derive_types(dummy) || dummy.has_error()) {
+      message = _T("Invalid types: ") + dummy.get_error();
+      return false;
+    }
+    if (data.bDebug)
+      NSC_DEBUG_MSG_STD(_T("Type resolution succeeded: ") + ast_parser.result_as_tree());
+>>>>>>> .merge-right.r272
+
+<<<<<<< .working
   std::wstring render_message() {
     std::vector<std::wstring> args;
@@ -343 +622 @@
       p = &(p[len+1]);
       //p += len+1;
-    }
-
+=======
+    if (!ast_parser.bind(dummy) || dummy.has_error()) {
+      message = _T("Variable and function binding failed: ") + dummy.get_error();
+      return false;
+>>>>>>> .merge-right.r272
+    }
+    if (data.bDebug)
+      NSC_DEBUG_MSG_STD(_T("Binding succeeded: ") + ast_parser.result_as_tree());
+
+<<<<<<< .working
     std::wstring ret;
     strEx::splitList dlls = strEx::splitEx(get_dll(), _T(";"));
@@ -369 +656 @@
         ret += msg;
       }
-    }
+=======
+    if (!ast_parser.static_eval(dummy) || dummy.has_error()) {
+      message = _T("Static evaluation failed: ") + dummy.get_error();
+      return false;
+    }
+    if (data.bDebug)
+      NSC_DEBUG_MSG_STD(_T("Static evaluation succeeded: ") + ast_parser.result_as_tree());
+
+    return true;
+  }
+  virtual bool match(EventLogRecord &record) {
+    filter::where::type_obj obj(&record);
+    //NSC_DEBUG_MSG_STD(_T("Evaluating: ") + ast_parser.result_as_tree() + _T(": ") + strEx::itos(record.severity()) + _T(" >> ") + strEx::itos(ast_parser.evaluate(obj)));
+    bool ret = ast_parser.evaluate(obj);
+    if (obj.has_error()) {
+      NSC_LOG_ERROR_STD(_T("Error: ") + obj.get_error());
+>>>>>>> .merge-right.r272
+    }
+<<<<<<< .working
     delete [] pArgs;
+=======
+>>>>>>> .merge-right.r272
     return ret;
   }
+<<<<<<< .working
   // SYSTEMTIME 
   boost::posix_time::ptime get_time(DWORD time) {
@@ -379 +687 @@
     __int64 lgTemp;
     __int64 SecsTo1970 = 116444736000000000;
-
-    lgTemp = Int32x32To64(time,10000000) + SecsTo1970;
-
-    FileTime.dwLowDateTime = (DWORD) lgTemp;
-    FileTime.dwHighDateTime = (DWORD)(lgTemp >> 32);
-
+=======
+  std::wstring get_name() {
+    return _T("where");
+  }
+  std::wstring get_subject() { return data.filter; }
+};
+>>>>>>> .merge-right.r272
+
+
+
+<<<<<<< .working
     return boost::date_time::time_from_ftime<boost::posix_time::ptime>(FileTime);
 
@@ -394 +707 @@
     */
   }
-
+=======
+void CheckEventLog::parse(std::wstring expr) {
+//return false;
+/*
+  my_type_obj obj1(123);
+  std::wcout << _T("Result (001): ") << ast_parser.evaluate(obj1) << std::endl;
+  my_type_obj obj2(321);
+  std::wcout << _T("Result (002): ") << ast_parser.evaluate(obj2) << std::endl;
+  */
+}
+>>>>>>> .merge-right.r272
+
+<<<<<<< .working
   boost::posix_time::ptime get_time_generated() {
     return get_time(pevlr_->TimeGenerated);
-  }
+=======
+bool CheckEventLog::loadModule() {
+  try {
+    NSCModuleHelper::registerCommand(_T("CheckEventLog"), _T("Check for errors in the event logger!"));
+    debug_ = NSCModuleHelper::getSettingsInt(EVENTLOG_SECTION_TITLE, EVENTLOG_DEBUG, EVENTLOG_DEBUG_DEFAULT)==1;
+    lookup_names_ = NSCModuleHelper::getSettingsInt(EVENTLOG_SECTION_TITLE, EVENTLOG_LOOKUP_NAMES, EVENTLOG_LOOKUP_NAMES_DEFAULT)==1;
+    syntax_ = NSCModuleHelper::getSettingsString(EVENTLOG_SECTION_TITLE, EVENTLOG_SYNTAX, EVENTLOG_SYNTAX_DEFAULT);
+    buffer_length_ = NSCModuleHelper::getSettingsInt(EVENTLOG_SECTION_TITLE, EVENTLOG_BUFFER, EVENTLOG_BUFFER_DEFAULT);
+  } catch (NSCModuleHelper::NSCMHExcpetion &e) {
+    NSC_LOG_ERROR_STD(_T("Failed to register command: ") + e.msg_);
+  } catch (...) {
+    NSC_LOG_ERROR_STD(_T("Failed to register command."));
+>>>>>>> .merge-right.r272
+  }
+<<<<<<< .working
   boost::posix_time::ptime get_time_written() {
     return get_time(pevlr_->TimeWritten);
   }
-
-  std::wstring render(bool propper, std::wstring syntax, std::wstring date_format = DATE_FORMAT) {
-    if (propper) {
-      // To obtain the appropriate message string from the message file, load the message file with the LoadLibrary function and use the FormatMessage function
-      strEx::replace(syntax, _T("%message%"), render_message());
-    } else {
-      strEx::replace(syntax, _T("%message%"), _T("%message% needs the descriptions flag set!"));
-    }
+=======
+  /*
+  parse(_T("321 = 123"));
+  parse(_T("123 = 123"));
+  parse(_T("id = 123"));
+  parse(_T("id = 321"));
+>>>>>>> .merge-right.r272
+
+  parse(_T("id = '123'"));
+  parse(_T("id = '321'"));
+
+  parse(_T("id = convert(123)"));
+  parse(_T("id = convert(321)"));
+
+  parse(_T("id = 123 AND 123 = 123 AND id = 123x"));
+  parse(_T("id = 123 AND 123 = 321 OR 123 = 456 OR 123 = 123"));
+  
+  parse(_T("foo"));
+  parse(_T("1"));
+  parse(_T("foo = "));
+  parse(_T("foo = 1"));
+  parse(_T("'foo' = 1"));
+  parse(_T("foo = '1'"));
+  parse(_T("'hello'='world'"));
+
+  parse(_T("foo = bar"));
+  parse(_T("foo = bar AND bar = foo"));
+  parse(_T("foo = bar AND bar = 1"));
+  parse(_T("foo = bar AND bar = foo OR foo = bar"));
+  parse(_T("foo = bar AND bar = 1 OR foo = 1"));
+  parse(_T(" foo = bar AND ( test > 120 OR foo < 123) OR ugh IN (123, 456, 789)"));
+
+  parse(_T("aaa = 111 OR bbb = 222 OR ccc = 333"));
+  parse(_T("(aaa = 111) OR bbb = 222 OR ccc = 333"));
+  parse(_T("(aaa = 111 OR bbb = 222) OR ccc = 333"));
+  parse(_T("(aaa = 111 OR bbb = 222 OR ccc = 333)"));
+  parse(_T("aaa = 111 OR (bbb = 222 OR ccc = 333)"));
+  parse(_T("aaa = 111 OR bbb = 222 OR (ccc = 333)"));
+  parse(_T("ccc = -333"));
+  parse(_T("ccc = -333 AND ccc = to_date('AABBCC', 1234)"));
+  parse(_T("aaa = 111 OR bbb = 222 OR (ccc = -333)"));
+  parse(_T("ccc = -333 AND ccc = to_date('AABBCC', 1234) OR aaa = 123x"));
+  parse(_T("ccc = -333 AND ccc = to_date('AABBCC', 1234) OR aaa = 123x OR 123r = foo123"));
+*/
+  return true;
+}
+bool CheckEventLog::unloadModule() {
+  return true;
+}
+
+bool CheckEventLog::hasCommandHandler() {
+  return true;
+}
+bool CheckEventLog::hasMessageHandler() {
+  return false;
+}
+
+
+std::wstring find_eventlog_name(std::wstring name) {
+  try {
+    simple_registry::registry_key key(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\Services\\EventLog"));
+    std::list<std::wstring> list = key.get_keys();
+    for (std::list<std::wstring>::const_iterator cit = list.begin(); cit != list.end(); ++cit) {
+      try {
+        simple_registry::registry_key sub_key(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\Services\\EventLog\\") + *cit);
+        std::wstring file = sub_key.get_string(_T("DisplayNameFile"));
+        int id = sub_key.get_int(_T("DisplayNameID"));
+        std::wstring real_name = error::format::message::from_module(file, id);
+        strEx::replace(real_name, _T("\n"), _T(""));
+        strEx::replace(real_name, _T("\r"), _T(""));
+        NSC_DEBUG_MSG(_T("Attempting to match: ") + real_name + _T(" with ") + name);
+        if (real_name == name)
+          return *cit;
+      } catch (simple_registry::registry_exception &e) { e;}
+    }
+<<<<<<< .working
 
     strEx::replace(syntax, _T("%source%"), eventSource());
@@ -419 +826 @@
     strEx::replace(syntax, _T("%user%"), userSID());
     return syntax;
-  }
-};
-/*
-return (pevlr_->EventID&0xffff);
+=======
+    return name;
+  } catch (simple_registry::registry_exception &e) {
+    NSC_DEBUG_MSG(_T("Failed to get eventlog name (assuming shorthand): ") + e.what());
+    return name;
+  } catch (...) {
+    NSC_DEBUG_MSG(_T("Failed to get eventlog name (assuming shorthand)"));
+    return name;
+>>>>>>> .merge-right.r272
+  }
 }
-inline DWORD severity() const {
-return (pevlr_->EventID>>30);
-*/
+
+
+
 class uniq_eventlog_record {
   DWORD ID;
@@ -444 +857 @@
 
 
-struct eventlog_filter {
-  filters::filter_all_strings eventSource;
-  filters::filter_all_numeric<unsigned int, filters::handlers::eventtype_handler> eventType;
-  filters::filter_all_numeric<unsigned int, filters::handlers::eventseverity_handler> eventSeverity;
-  filters::filter_all_strings message;
-  filters::filter_all_times timeWritten;
-  filters::filter_all_times timeGenerated;
-  filters::filter_all_numeric<DWORD, filters::handlers::eventtype_handler> eventID;
-  std::wstring value_;
-
-  inline bool hasFilter() {
-    return eventSource.hasFilter() || eventType.hasFilter() || eventID.hasFilter() || eventSeverity.hasFilter() || message.hasFilter() || 
-      timeWritten.hasFilter() || timeGenerated.hasFilter();
-  }
-  std::wstring getValue() const {
-    if (eventSource.hasFilter())
-      return _T("event-source: ") + eventSource.getValue();
-    if (eventType.hasFilter())
-      return _T("event-type: ") + eventType.getValue();
-    if (eventSeverity.hasFilter())
-      return _T("severity: ") + eventSeverity.getValue();
-    if (eventID.hasFilter())
-      return _T("event-id: ") + eventID.getValue();
-    if (message.hasFilter())
-      return _T("message: ") + message.getValue();
-    if (timeWritten.hasFilter())
-      return _T("time-written: ") + timeWritten.getValue();
-    if (timeGenerated.hasFilter())
-      return _T("time-generated: ") + timeGenerated.getValue();
-    return _T("UNknown...");
-  }
-  bool matchFilter(const EventLogRecord &value) const {
-    if ((eventSource.hasFilter())&&(eventSource.matchFilter(value.eventSource())))
-      return true;
-    else if ((eventType.hasFilter())&&(eventType.matchFilter(value.eventType())))
-      return true;
-    else if ((eventSeverity.hasFilter())&&(eventSeverity.matchFilter(value.severity())))
-      return true;
-    else if ((eventID.hasFilter())&&(eventID.matchFilter(value.eventID()))) 
-      return true;
-    else if ((message.hasFilter())&&(message.matchFilter(value.enumStrings())))
-      return true;
-    else if ((timeWritten.hasFilter())&&(timeWritten.matchFilter(value.timeWritten())))
-      return true;
-    else if ((timeGenerated.hasFilter())&&(timeGenerated.matchFilter(value.timeGenerated())))
-      return true;
-    return false;
-  }
-};
+
 
 
 #define MAP_FILTER(value, obj, filtermode) \
-      else if (p__.first == value) { eventlog_filter filter; filter.obj = p__.second; filter_chain.push_back(filteritem_type(filtermode, filter)); }
+      else if (p__.first == value) { filter.obj = p__.second; if (bPush) { data.filters.push_back(filter_container::filteritem_type(filtermode, filter)); filter = eventlog_filter(); } }
+#define MAP_FILTER_LAST(value, obj) \
+      else if (p__.first == value) { data.filters.front().second.obj = p__.second; }
 
 struct event_log_buffer {
@@ -515 +882 @@
 };
 
+<<<<<<< .working
+
+#define MAP_FILTER(value, obj, filtermode) \
+      else if (p__.first == value) { eventlog_filter filter; filter.obj = p__.second; filter_chain.push_back(filteritem_type(filtermode, filter)); }
+
+struct event_log_buffer {
+  BYTE *bBuffer;
+  DWORD bufferSize_;
+  event_log_buffer(DWORD bufferSize) : bufferSize_(bufferSize) {
+    bBuffer = new BYTE[bufferSize+10];
+  }
+  ~event_log_buffer() {
+    delete [] bBuffer;
+  }
+  EVENTLOGRECORD* getBufferUnsafe() {
+    return reinterpret_cast<EVENTLOGRECORD*>(bBuffer);
+  }
+  DWORD getBufferSize() {
+    return bufferSize_;
+  }
+};
+
+=======
+>>>>>>> .merge-right.r272
 NSCAPI::nagiosReturn CheckEventLog::handleCommand(const strEx::blindstr command, const unsigned int argLen, TCHAR **char_args, std::wstring &message, std::wstring &perf) {
   if (command != _T("CheckEventLog"))
     return NSCAPI::returnIgnored;
+<<<<<<< .working
   typedef checkHolders::CheckContainer<checkHolders::MaxMinBoundsULongInteger> EventLogQuery1Container;
   typedef checkHolders::CheckContainer<checkHolders::ExactBoundsULongInteger> EventLogQuery2Container;
@@ -523 +915 @@
   typedef std::pair<int,eventlog_filter> filteritem_type;
   typedef std::list<filteritem_type > filterlist_type;
+=======
+  simple_timer time;
+  typedef checkHolders::CheckContainer<checkHolders::MaxMinBoundsULongInteger> EventLogQuery1Container;
+  typedef checkHolders::CheckContainer<checkHolders::ExactBoundsULongInteger> EventLogQuery2Container;
+  
+>>>>>>> .merge-right.r272
   NSCAPI::nagiosReturn returnCode = NSCAPI::returnOK;
   std::list<std::wstring> stl_args = arrayBuffer::arrayBuffer2list(argLen, char_args);
 
   std::list<std::wstring> files;
+<<<<<<< .working
   filterlist_type filter_chain;
   EventLogQuery1Container query1;
   EventLogQuery2Container query2;
+=======
+  EventLogQuery1Container query1;
+  EventLogQuery2Container query2;
+>>>>>>> .merge-right.r272
+
+
+  filter_container data(syntax_, debug_);
 
   bool bPerfData = true;
+<<<<<<< .working
   bool bFilterIn = true;
   bool bFilterAll = false;
   bool bFilterNew = true;
   bool bShowDescriptions = false;
+=======
+  bool bFilterNew = true;
+>>>>>>> .merge-right.r272
   bool unique = false;
   unsigned int truncate = 0;
-  std::wstring syntax = syntax_;
-  const int filter_plus = 1;
-  const int filter_minus = 2;
-  const int filter_normal = 3;
-  const int filter_compat = 3;
+  event_log_buffer buffer(buffer_length_);
+  bool bPush = true;
+  eventlog_filter filter;
+  /*
+  try {
+    event_log_buffer buffer(buffer_length_);
+  } catch (std::exception e) {
+    message = std::wstring(_T("Failed to allocate memory: ")) + strEx::string_to_wstring(e.what());
+    return NSCAPI::returnUNKNOWN;
+  }
+  */
   event_log_buffer buffer(buffer_length_);
   /*
@@ -559 +975 @@
       MAP_OPTIONS_STR2INT(_T("truncate"), truncate)
       MAP_OPTIONS_BOOL_TRUE(_T("unique"), unique)
-      MAP_OPTIONS_BOOL_TRUE(_T("descriptions"), bShowDescriptions)
+      MAP_OPTIONS_BOOL_TRUE(_T("descriptions"), data.bShowDescriptions)
       MAP_OPTIONS_PUSH(_T("file"), files)
       MAP_OPTIONS_BOOL_FALSE(IGNORE_PERFDATA, bPerfData)
       MAP_OPTIONS_BOOL_EX(_T("filter"), bFilterNew, _T("new"), _T("old"))
-      MAP_OPTIONS_BOOL_EX(_T("filter"), bFilterIn, _T("in"), _T("out"))
-      MAP_OPTIONS_BOOL_EX(_T("filter"), bFilterAll, _T("all"), _T("any"))
-      MAP_OPTIONS_STR(_T("syntax"), syntax)
+      MAP_OPTIONS_BOOL_EX(_T("filter"), data.bFilterIn, _T("in"), _T("out"))
+      MAP_OPTIONS_BOOL_EX(_T("filter"), data.bFilterAll, _T("all"), _T("any"))
+      MAP_OPTIONS_BOOL_EX(_T("debug"), data.bDebug, _T("true"), _T("false"))
+      MAP_OPTIONS_STR2INT(_T("debug-threshold"), data.debugThreshold)
+      MAP_OPTIONS_STR(_T("syntax"), data.syntax)
       /*
       MAP_FILTER_OLD("filter-eventType", eventType)
@@ -575 +993 @@
       MAP_FILTER_OLD("filter-message", message)
 */
-      MAP_FILTER(_T("filter+eventType"), eventType, filter_plus)
-      MAP_FILTER(_T("filter+severity"), eventSeverity, filter_plus)
-      MAP_FILTER(_T("filter+eventID"), eventID, filter_plus)
-      MAP_FILTER(_T("filter+eventSource"), eventSource, filter_plus)
-      MAP_FILTER(_T("filter+generated"), timeGenerated, filter_plus)
-      MAP_FILTER(_T("filter+written"), timeWritten, filter_plus)
-      MAP_FILTER(_T("filter+message"), message, filter_plus)
-
-      MAP_FILTER(_T("filter.eventType"), eventType, filter_normal)
-      MAP_FILTER(_T("filter.severity"), eventSeverity, filter_normal)
-      MAP_FILTER(_T("filter.eventID"), eventID, filter_normal)
-      MAP_FILTER(_T("filter.eventSource"), eventSource, filter_normal)
-      MAP_FILTER(_T("filter.generated"), timeGenerated, filter_normal)
-      MAP_FILTER(_T("filter.written"), timeWritten, filter_normal)
-      MAP_FILTER(_T("filter.message"), message, filter_normal)
-
-      MAP_FILTER(_T("filter-eventType"), eventType, filter_minus)
-      MAP_FILTER(_T("filter-severity"), eventSeverity, filter_minus)
-      MAP_FILTER(_T("filter-eventID"), eventID, filter_minus)
-      MAP_FILTER(_T("filter-eventSource"), eventSource, filter_minus)
-      MAP_FILTER(_T("filter-generated"), timeGenerated, filter_minus)
-      MAP_FILTER(_T("filter-written"), timeWritten, filter_minus)
-      MAP_FILTER(_T("filter-message"), message, filter_minus)
+      MAP_FILTER(_T("filter+eventType"), eventType, filter_container::filter_plus)
+      MAP_FILTER(_T("filter+severity"), eventSeverity, filter_container::filter_plus)
+      MAP_FILTER(_T("filter+eventID"), eventID, filter_container::filter_plus)
+      MAP_FILTER(_T("filter+eventSource"), eventSource, filter_container::filter_plus)
+      MAP_FILTER(_T("filter+generated"), timeGenerated, filter_container::filter_plus)
+      MAP_FILTER(_T("filter+written"), timeWritten, filter_container::filter_plus)
+      MAP_FILTER(_T("filter+message"), message, filter_container::filter_plus)
+
+      MAP_FILTER(_T("filter.eventType"), eventType, filter_container::filter_normal)
+      MAP_FILTER(_T("filter.severity"), eventSeverity, filter_container::filter_normal)
+      MAP_FILTER(_T("filter.eventID"), eventID, filter_container::filter_normal)
+      MAP_FILTER(_T("filter.eventSource"), eventSource, filter_container::filter_normal)
+      MAP_FILTER(_T("filter.generated"), timeGenerated, filter_container::filter_normal)
+      MAP_FILTER(_T("filter.written"), timeWritten, filter_container::filter_normal)
+      MAP_FILTER(_T("filter.message"), message, filter_container::filter_normal)
+
+      MAP_FILTER(_T("filter-eventType"), eventType, filter_container::filter_minus)
+      MAP_FILTER(_T("filter-severity"), eventSeverity, filter_container::filter_minus)
+      MAP_FILTER(_T("filter-eventID"), eventID, filter_container::filter_minus)
+      MAP_FILTER(_T("filter-eventSource"), eventSource, filter_container::filter_minus)
+      MAP_FILTER(_T("filter-generated"), timeGenerated, filter_container::filter_minus)
+      MAP_FILTER(_T("filter-written"), timeWritten, filter_container::filter_minus)
+      MAP_FILTER(_T("filter-message"), message, filter_container::filter_minus)
+
+      MAP_FILTER_LAST(_T("append-filter-eventType"), eventType)
+      MAP_FILTER_LAST(_T("append-filter-severity"), eventSeverity)
+      MAP_FILTER_LAST(_T("append-filter-eventID"), eventID)
+      MAP_FILTER_LAST(_T("append-filter-eventSource"), eventSource)
+      MAP_FILTER_LAST(_T("append-filter-generated"), timeGenerated)
+      MAP_FILTER_LAST(_T("append-filter-written"), timeWritten)
+      MAP_FILTER_LAST(_T("append-filter-message"), message)
+
+      MAP_OPTIONS_STR(_T("filter"), data.filter)
 
       MAP_OPTIONS_MISSING(message, _T("Unknown argument: "))
@@ -622 +1050 @@
   bool buffer_error_reported = false;
 
+  if (data.bDebug) {
+    std::wstring str;
+    BOOST_FOREACH(filter_container::filteritem_type item, data.filters) {
+      if (item.first == filter_container::filter_normal)
+        str += _T(". {");
+      else if (item.first == filter_container::filter_plus)
+        str += _T("+ {");
+      else if (item.first == filter_container::filter_minus)
+        str += _T("- {");
+      else 
+        str += _T("? {");
+
+      str += item.second.to_string() + _T(" }");
+    }
+    NSC_DEBUG_MSG_STD(_T("Filter: ") + str);
+  }
+
+  boost::shared_ptr<any_mode_filter> filter_impl;
+  if (bFilterNew) {
+    filter_impl = boost::shared_ptr<any_mode_filter>(new second_mode_filter(data));
+  } else {
+    filter_impl = boost::shared_ptr<any_mode_filter>(new second_mode_filter(data));
+  } if (!data.filter.empty()) {
+    filter_impl = boost::shared_ptr<any_mode_filter>(new where_mode_filter(data));
+  }
+
+  if (!filter_impl) {
+    message = _T("Failed to initialize filter subsystem.");
+    return NSCAPI::returnUNKNOWN;
+  }
+
+  filter_impl->boot();
+
+  __time64_t ltime;
+  _time64(&ltime);
+
+  NSC_DEBUG_MSG_STD(_T("Using: ") + filter_impl->get_name() + _T(" ") + filter_impl->get_subject());
+
+  if (!filter_impl->validate(message)) {
+    return NSCAPI::returnUNKNOWN;
+  }
+
+
+  NSC_DEBUG_MSG_STD(_T("Boot time: ") + strEx::itos(time.stop()));
+
   for (std::list<std::wstring>::const_iterator cit2 = files.begin(); cit2 != files.end(); ++cit2) {
     std::wstring name = *cit2;
@@ -641 +1114 @@
 
 
-    __time64_t ltime;
-    _time64(&ltime);
-
     //GetOldestEventLogRecord(hLog, &dwThisRecord);
 
+<<<<<<< .working
     while (true) {
       BOOL bStatus = ReadEventLog(hLog, EVENTLOG_FORWARDS_READ|EVENTLOG_SEQUENTIAL_READ,
@@ -673 +1144 @@
         if (filter_chain.empty()) {
           message = _T("No filters specified try adding: filter+generated=>2d");
+=======
+    while (true) {
+      BOOL bStatus = ReadEventLog(hLog, EVENTLOG_FORWARDS_READ|EVENTLOG_SEQUENTIAL_READ,
+        0, buffer.getBufferUnsafe(), buffer.getBufferSize(), &dwRead, &dwNeeded);
+      if (bStatus == FALSE) {
+        DWORD err = GetLastError();
+        if (err == ERROR_INSUFFICIENT_BUFFER) {
+          if (!buffer_error_reported) {
+            NSC_LOG_ERROR_STD(_T("EvenlogBuffer is too small change the value of ") + EVENTLOG_BUFFER + _T("=") + strEx::itos(dwNeeded+1) + _T(" under [EventLog] in nsc.ini : ") + error::lookup::last_error(err));
+            buffer_error_reported = true;
+          }
+        } else if (err == ERROR_HANDLE_EOF) {
+          break;
+        } else {
+          NSC_LOG_ERROR_STD(_T("Failed to read from eventlog: ") + error::lookup::last_error(err));
+          message = _T("Failed to read from eventlog: ") + error::lookup::last_error(err);
+          CloseEventLog(hLog);
+>>>>>>> .merge-right.r272
           return NSCAPI::returnUNKNOWN;
         }
-
-
-        for (filterlist_type::const_iterator cit3 = filter_chain.begin(); cit3 != filter_chain.end(); ++cit3 ) {
-          std::wstring reason;
-          int mode = (*cit3).first;
-          bool bTmpMatched = (*cit3).second.matchFilter(record);
-          if (!bFilterNew) {
-            if (bFilterAll) {
-              if (!bTmpMatched) {
-                bMatch = false;
-                break;
-              }
-            } else {
-              if (bTmpMatched) {
-                bMatch = true;
-                break;
-              }
-            }
-          } else {
-            if ((mode == filter_minus)&&(bTmpMatched)) {
-              // a -<filter> hit so thrash item and bail out!
-              if (debug_)
-                NSC_DEBUG_MSG_STD(_T("Matched: - ") + (*cit3).second.getValue() + _T(" for: ") + record.render(bShowDescriptions, syntax));
-              bMatch = false;
-              break;
-            } else if ((mode == filter_plus)&&(!bTmpMatched)) {
-              // a +<filter> missed hit so thrash item and bail out!
-              if (debug_)
-                NSC_DEBUG_MSG_STD(_T("Matched: + ") + (*cit3).second.getValue() + _T(" for: ") + record.render(bShowDescriptions, syntax));
-              bMatch = false;
-              break;
-            } else if (bTmpMatched) {
-              if (debug_)
-                NSC_DEBUG_MSG_STD(_T("Matched: . (contiunue): ") + (*cit3).second.getValue() + _T(" for: ") + record.render(bShowDescriptions, syntax));
-              bMatch = true;
-            }
-          }
-        }
-        bool match = false;
-        if ((!bFilterNew)&&((bFilterIn&&bMatch)||(!bFilterIn&&!bMatch))) {
-          match = true;
-        } else if (bFilterNew&&bMatch) {
-          match = true;
-        }
+      }
+      EVENTLOGRECORD *pevlr = buffer.getBufferUnsafe(); 
+      while (dwRead > 0) { 
+        EventLogRecord record((*cit2), pevlr, ltime);
+        bool match = filter_impl->match(record);
         if (match&&unique) {
           match = false;
@@ -728 +1178 @@
           }
           else {
-            if (!syntax.empty()) {
-              uniq_record.message = record.render(bShowDescriptions, syntax);
-            } else if (!bShowDescriptions) {
+            if (!data.syntax.empty()) {
+              uniq_record.message = record.render(data.bShowDescriptions, data.syntax);
+            } else if (!data.bShowDescriptions) {
               uniq_record.message = record.eventSource();
             } else {
@@ -743 +1193 @@
           hit_count++;
         } else if (match) {
-          if (!syntax.empty()) {
-            strEx::append_list(message, record.render(bShowDescriptions, syntax));
-          } else if (!bShowDescriptions) {
+          if (!data.syntax.empty()) {
+            strEx::append_list(message, record.render(data.bShowDescriptions, data.syntax));
+          } else if (!data.bShowDescriptions) {
             strEx::append_list(message, record.eventSource());
           } else {
@@ -758 +1208 @@
         pevlr = reinterpret_cast<EVENTLOGRECORD*>((LPBYTE)pevlr + pevlr->Length); 
       } 
+<<<<<<< .working
     } 
+=======
+    }
+>>>>>>> .merge-right.r272
     DWORD err = GetLastError();
     if (err == ERROR_INSUFFICIENT_BUFFER) {
@@ -776 +1230 @@
     }
   }
+  NSC_DEBUG_MSG_STD(_T("Evaluation time: ") + strEx::itos(time.stop()));
 
   if (!bPerfData) {

trunk/modules/CheckEventLog/CheckEventLog.h

@@ -52 +52 @@
   }
 
+  void parse(std::wstring expr);
 
   bool hasCommandHandler();

trunk/modules/CheckExternalScripts/CheckExternalScripts.cpp

@@ -56 +56 @@
     }
   }
+}
+
+
+std::wstring CheckExternalScripts::getWrapping(std::wstring val) {
+  strEx::token tok = strEx::getToken(val, ' ', true);
+  std::wstring::size_type pos = tok.first.find_last_of(_T("."));
+  if (pos == std::wstring::npos)
+    return _T("");
+  return tok.first.substr(pos+1);
+}
+
+void CheckExternalScripts::addWrappedCommand(std::wstring key, std::wstring tpl, std::wstring command ) {
+  strEx::token tok = strEx::getToken(command, ' ', true);
+  strEx::replace(tpl, _T("%SCRIPT%"), tok.first);
+  strEx::replace(tpl, _T("%ARGS%"), tok.second);
+  tok = strEx::getToken(tpl, ' ', true);
+  addCommand(key.c_str(),tok.first, tok.second);
 }
 
@@ -99 +116 @@
   }
 
+  std::map<std::wstring,std::wstring> wrappers;
+  std::list<std::wstring> wrappings = GET_CORE()->getSettingsSection(setting_keys::external_scripts::WRAPPINGS_SECTION_PATH);
+  for (it = wrappings.begin(); it != wrappings.end(); ++it) {
+    std::wstring val = GET_CORE()->getSettingsString(setting_keys::external_scripts::WRAPPINGS_SECTION_PATH, *it, _T(""));
+    if (!(*it).empty() && !val.empty()) {
+      wrappers[(*it)] = val;
+    }
+  }
+  std::list<std::wstring> wscript = GET_CORE()->getSettingsSection(setting_keys::external_scripts::WRAPPED_SCRIPT_PATH);
+  for (it = wscript.begin(); it != wscript.end(); ++it) {
+    std::wstring val = GET_CORE()->getSettingsString(setting_keys::external_scripts::WRAPPED_SCRIPT_PATH, *it, _T(""));
+    if (!(*it).empty() && !val.empty()) {
+      std::wstring type = getWrapping(val);
+      std::map<std::wstring,std::wstring>::const_iterator cit = wrappers.find(type);
+      if (cit == wrappers.end()) {
+        NSC_LOG_ERROR_STD(_T("Failed to find wrappings for: ") + type + _T(" (" + (*it) + _T(")")));
+      } else {
+        addWrappedCommand((*it), (*cit).second, val);
+      }
+    }
+  }
+
   if (!scriptDirectory_.empty()) {
     addAllScriptsFrom(scriptDirectory_);

trunk/modules/CheckExternalScripts/CheckExternalScripts.h

@@ -96 +96 @@
     GET_CORE()->registerCommand(key, _T("Alias for: ") + cd.to_string());
   }
+  std::wstring getWrapping( std::wstring val );
+  void addWrappedCommand( std::wstring key, std::wstring tpl, std::wstring command );
 };
 

trunk/modules/CheckHelpers/CheckHelpers.cpp

@@ -86 +86 @@
     GET_CORE()->InjectSimpleCommand(new_command, arguments, message, perf);
     return NSCAPI::returnOK;
-  } else if (command == _T("checkalwayscritical")) {
-    if (arguments.size() < 1) {
+  } else if (command == _T("CheckOK")) {
+    return checkSimpleStatus(NSCAPI::returnOK, argLen, char_args, msg, perf);
+  } else if (command == _T("CheckWARNING")) {
+    return checkSimpleStatus(NSCAPI::returnWARN, argLen, char_args, msg, perf);
+  } else if (command == _T("CheckCRITICAL")) {
+    return checkSimpleStatus(NSCAPI::returnCRIT, argLen, char_args, msg, perf);
+  } else if (command == _T("CheckAlwaysCRITICAL")) {
+    if (arguments.size() < 2) {
       message = _T("ERROR: Missing arguments.");
       return NSCAPI::returnUNKNOWN;

trunk/modules/CheckSystem/CheckSystem.cpp

@@ -30 +30 @@
 #include <set>
 #include <sysinfo.h>
+#include <filter_framework.hpp>
+#include <simple_registry.hpp>
+
 #ifdef USE_BOOST
 #include <boost/regex.hpp>
@@ -77 +80 @@
     NSCModuleHelper::registerCommand(_T("checkCounter"), _T("Check a PDH counter."));
     NSCModuleHelper::registerCommand(_T("listCounterInstances"), _T("List all instances for a counter."));
+    NSCModuleHelper::registerCommand(_T("checkSingleRegEntry"), _T("Check registry key"));
+    
+    
   } catch (NSCModuleHelper::NSCMHExcpetion &e) {
     NSC_LOG_ERROR_STD(_T("Failed to register command: ") + e.msg_);
@@ -208 +214 @@
         }
       } else {
+        if ((*it).counters.size() == 0) {
+          std::wcout << _T("empty counter: ") << (*it).name << std::endl;
+        }
         for (PDH::Enumerations::Counters::const_iterator it2 = (*it).counters.begin();it2!=(*it).counters.end();++it2) {
           std::wstring counter = _T("\\") + (*it).name + _T("\\") + (*it2).name;
@@ -232 +241 @@
           }
           std::wcout << _T(" open ");
-          std::wcout << std::endl;;
+          std::wcout << std::endl;
         }
       }
@@ -264 +273 @@
         return 0;
       }
-      DWORD dw = PDH::PDHQuery::lookupIndex(name);
+      DWORD dw = PDH::PDHResolver::lookupIndex(name);
       NSC_LOG_MESSAGE_STD(_T("--+--[ Lookup Result ]----------------------------------------"));
       NSC_LOG_MESSAGE_STD(_T("  | Index for '") + name + _T("' is ") + strEx::itos(dw));
@@ -341 +350 @@
   } else if (command == _T("listCounterInstances")) {
     return listCounterInstances(argLen, char_args, msg, perf);
+  } else if (command == _T("checkSingleRegEntry")) {
+    return checkSingleRegEntry(argLen, char_args, msg, perf);
   }
   return NSCAPI::returnIgnored;
@@ -1164 +1175 @@
 }
 
+//////////////////////////////////////////////////////////////////////////
+//////////////////////////////////////////////////////////////////////////
+
+struct regkey_info {
+
+  std::wstring error;
+
+  static regkey_info get(__int64 now, std::wstring path) {
+    return regkey_info(now, path);
+  }
+
+  regkey_info() 
+    : ullLastWriteTime(0)
+    , iType(0)
+    , ullNow(0)
+    , uiExists(0)
+    , ullChildCount(0)
+  {}
+  regkey_info(__int64 now, std::wstring path) 
+    : path(path)
+    , ullLastWriteTime(0)
+    , iType(0)
+    , ullNow(now)
+    , uiExists(0)
+    , ullChildCount(0)
+  {
+    std::wstring key;
+    try {
+      std::wcout << _T("opening: ") << path << std::endl;
+      std::wstring::size_type pos = path.find_first_of(L'\\');
+      if (pos != std::wstring::npos)  {
+        key = path.substr(0, pos);
+        path = path.substr(pos+1);
+        std::wcout << key << _T(":") << path << std::endl;
+        simple_registry::registry_key rkey(simple_registry::parseHKEY(key), path);
+        info = rkey.get_info();
+        uiExists = 1;
+      } else {
+        error = _T("Failed to parse key");
+      }
+    } catch (simple_registry::registry_exception &e) {
+      try {
+        std::wstring::size_type pos = path.find_last_of(L'\\');
+        if (pos != std::wstring::npos)  {
+          std::wstring item = path.substr(pos+1);
+          path = path.substr(0, pos);
+          std::wcout << key << _T(":") << path << _T(".") << item << std::endl;
+          simple_registry::registry_key rkey(simple_registry::parseHKEY(key), path);
+          info = rkey.get_info(item);
+          uiExists = 1;
+        } else {
+          error = _T("Failed to parse key");
+        }
+      } catch (simple_registry::registry_exception &e) {
+        //error = e.what();
+      }
+    } catch (...) {
+      error = _T("Unknown exception");
+    }
+
+    //HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\MaxSize
+
+    // TODO get key info here!
+    //ullLastWriteTime = ((info.ftLastWriteTime.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)info.ftLastWriteTime.dwLowDateTime);
+  };
+
+  unsigned long long ullSize;
+  __int64 ullLastWriteTime;
+  __int64 ullNow;
+  std::wstring filename;
+  std::wstring path;
+  unsigned long ullChildCount;
+  unsigned long uiExists;
+  unsigned int iType;
+  simple_registry::registry_key::reg_info info;
+
+  static const __int64 MSECS_TO_100NS = 10000;
+
+  __int64 get_written() {
+    return (ullNow-ullLastWriteTime)/MSECS_TO_100NS;
+  }
+  std::wstring render(std::wstring syntax) {
+    strEx::replace(syntax, _T("%path%"), path);
+    strEx::replace(syntax, _T("%key%"), filename);
+    strEx::replace(syntax, _T("%write%"), strEx::format_filetime(ullLastWriteTime, DATE_FORMAT));
+    strEx::replace(syntax, _T("%write-raw%"), strEx::itos(ullLastWriteTime));
+    strEx::replace(syntax, _T("%now-raw%"), strEx::itos(ullNow));
+    strEx::replace(syntax, _T("%type%"), strEx::itos_as_BKMG(iType));
+    strEx::replace(syntax, _T("%child-count%"), strEx::itos(ullChildCount));
+    strEx::replace(syntax, _T("%exists%"), strEx::itos(uiExists));
+    strEx::replace(syntax, _T("%int%"), strEx::itos(info.iValue));
+    strEx::replace(syntax, _T("%int-value%"), strEx::itos(info.iValue));
+    strEx::replace(syntax, _T("%string%"), info.sValue);
+    strEx::replace(syntax, _T("%string-value%"), info.sValue);
+    return syntax;
+  }
+};
+
+
+struct regkey_filter {
+  filters::filter_all_times written;
+  filters::filter_all_num_ul type;
+  filters::filter_all_num_ul exists;
+  filters::filter_all_num_ul child_count;
+  filters::filter_all_num_ll value_int;
+  filters::filter_all_strings value_string;
+
+  inline bool hasFilter() {
+    return type.hasFilter() || exists.hasFilter() || written.hasFilter() || child_count.hasFilter() || value_int.hasFilter() || value_string.hasFilter();
+  }
+  bool matchFilter(regkey_info &value) const {
+    if ((written.hasFilter())&&(written.matchFilter(value.get_written())))
+      return true;
+    else if (type.hasFilter()&&type.matchFilter(value.iType))
+      return true;
+    else if (exists.hasFilter()&&exists.matchFilter(value.uiExists))
+      return true;
+    else if ((child_count.hasFilter())&&(child_count.matchFilter(value.ullChildCount)))
+      return true;
+    else if ((value_int.hasFilter())&&(value_int.matchFilter(value.info.iValue)))
+      return true;
+    else if ((value_string.hasFilter())&&(value_string.matchFilter(value.info.sValue)))
+      return true;
+    return false;
+  }
+
+  std::wstring getValue() const {
+    if (written.hasFilter())
+      return _T("written: ") + written.getValue();
+    if (type.hasFilter())
+      return _T("type: ") + type.getValue();
+    if (exists.hasFilter())
+      return _T("exists: ") + exists.getValue();
+    if (child_count.hasFilter())
+      return _T("child_count: ") + child_count.getValue();
+    if (value_int.hasFilter())
+      return _T("value(i): ") + value_int.getValue();
+    if (value_string.hasFilter())
+      return _T("value(s): ") + value_string.getValue();
+    return _T("UNknown...");
+  }
+
+};
+
+
+struct regkey_container : public regkey_info {
+
+  static regkey_container get(std::wstring path, unsigned long long now) {
+    return regkey_container(now, path);
+  }
+
+
+  regkey_container(__int64 now, std::wstring path) : regkey_info(now, path) {}
+
+  bool has_errors() {
+    return !error.empty();
+  }
+  std::wstring get_error() {
+    return error;
+  }
+
+};
+
+
+class regkey_type_handler {
+public:
+  static int parse(std::wstring s) {
+    return 1;
+  }
+  static std::wstring print(int value) {
+    return _T("unknown");
+  }
+  static std::wstring print_unformated(int value) {
+    return strEx::itos(value);
+  }
+  static std::wstring key_prefix() {
+    return _T("");
+  }
+  static std::wstring key_postfix() {
+    return _T("");
+  }
+  static std::wstring get_perf_unit(int  value) {
+    return _T("");
+  }
+  static std::wstring print_perf(int  value, std::wstring unit) {
+    return strEx::itos(value);
+  }
+};
+class regkey_exists_handler {
+public:
+  static int parse(std::wstring s) {
+    if (s  == _T("true"))
+      return 1;
+    return 0;
+  }
+  static std::wstring print(int value) {
+    return value==1?_T("true"):_T("false");
+  }
+  static std::wstring print_unformated(int value) {
+    return strEx::itos(value);
+  }
+  static std::wstring key_prefix() {
+    return _T("");
+  }
+  static std::wstring key_postfix() {
+    return _T("");
+  }
+  static std::wstring get_perf_unit(int value) {
+    return _T("");
+  }
+  static std::wstring print_perf(int  value, std::wstring unit) {
+    return strEx::itos(value);
+  }
+};
+
+typedef checkHolders::CheckContainer<checkHolders::ExactBounds<checkHolders::NumericBounds<int, regkey_type_handler> > > RegTypeContainer;
+typedef checkHolders::CheckContainer<checkHolders::ExactBounds<checkHolders::NumericBounds<int, regkey_exists_handler> > > RegExistsContainer;
+
+typedef checkHolders::CheckContainer<checkHolders::ExactBoundsULong> ExactULongContainer;
+typedef checkHolders::CheckContainer<checkHolders::ExactBoundsLongLong> ExactLongLongContainer;
+typedef checkHolders::CheckContainer<checkHolders::ExactBoundsTime> DateTimeContainer;
+typedef checkHolders::CheckContainer<checkHolders::FilterBounds<filters::filter_all_strings> > StringContainer;
+
+struct check_regkey_child_count : public checkHolders::check_proxy_container<regkey_container, ExactULongContainer> {
+  check_regkey_child_count() { set_alias(_T("child-count")); }
+  unsigned long get_value(regkey_container &value) {
+    return value.ullChildCount;
+  }
+};
+struct check_regkey_int_value : public checkHolders::check_proxy_container<regkey_container, ExactLongLongContainer> {
+  check_regkey_int_value() { set_alias(_T("value")); }
+  long long get_value(regkey_container &value) {
+    return value.info.iValue;
+  }
+};
+struct check_regkey_string_value : public checkHolders::check_proxy_container<regkey_container, StringContainer> {
+  check_regkey_string_value() { set_alias(_T("value")); }
+  std::wstring get_value(regkey_container &value) {
+    return value.info.sValue;
+  }
+};
+struct check_regkey_written : public checkHolders::check_proxy_container<regkey_container, DateTimeContainer> {
+  check_regkey_written() { set_alias(_T("written")); }
+  unsigned long long get_value(regkey_container &value) {
+    return value.ullLastWriteTime;
+  }
+};
+struct check_regkey_type : public checkHolders::check_proxy_container<regkey_container, RegTypeContainer> {
+  check_regkey_type() { set_alias(_T("type")); }
+  int get_value(regkey_container &value) {
+    return value.iType;
+  }
+};
+struct check_regkey_exists : public checkHolders::check_proxy_container<regkey_container, RegExistsContainer> {
+  check_regkey_exists() { set_alias(_T("exists")); }
+  int get_value(regkey_container &value) {
+    return value.uiExists;
+  }
+};
+
+
+typedef checkHolders::check_multi_container<regkey_container> check_file_multi;
+struct check_regkey_factories {
+  static checkHolders::check_proxy_interface<regkey_container>* type() {
+    return new check_regkey_type();
+  }
+  static checkHolders::check_proxy_interface<regkey_container>* exists() {
+    return new check_regkey_exists();
+  }
+  static checkHolders::check_proxy_interface<regkey_container>* child_count() {
+    return new check_regkey_child_count();
+  }
+  static checkHolders::check_proxy_interface<regkey_container>* written() {
+    return new check_regkey_written();
+  }
+  static checkHolders::check_proxy_interface<regkey_container>* value_string() {
+    return new check_regkey_string_value();
+  }
+  static checkHolders::check_proxy_interface<regkey_container>* value_int() {
+    return new check_regkey_int_value();
+  }
+};
+
+#define MAP_FACTORY_PB(value, obj) \
+    else if ((p__.first == _T("check")) && (p__.second == ##value)) { checker.add_check(check_regkey_factories::obj()); }
+
+
+NSCAPI::nagiosReturn CheckSystem::checkSingleRegEntry(const unsigned int argLen, TCHAR **char_args, std::wstring &message, std::wstring &perf) {
+  NSCAPI::nagiosReturn returnCode = NSCAPI::returnOK;
+  std::list<std::wstring> stl_args = arrayBuffer::arrayBuffer2list(argLen, char_args);
+  check_file_multi checker;
+  typedef std::pair<int,regkey_filter> filteritem_type;
+  typedef std::list<filteritem_type > filterlist_type;
+  if (stl_args.empty()) {
+    message = _T("Missing argument(s).");
+    return NSCAPI::returnUNKNOWN;
+  }
+  std::list<std::wstring> files;
+  unsigned int truncate = 0;
+  std::wstring syntax = _T("%filename%");
+  std::wstring alias;
+  bool bPerfData = true;
+
+  try {
+    MAP_OPTIONS_BEGIN(stl_args)
+      MAP_OPTIONS_STR2INT(_T("truncate"), truncate)
+      MAP_OPTIONS_BOOL_FALSE(IGNORE_PERFDATA, bPerfData)
+      MAP_OPTIONS_STR(_T("syntax"), syntax)
+      MAP_OPTIONS_STR(_T("alias"), alias)
+      MAP_OPTIONS_PUSH(_T("path"), files)
+      MAP_OPTIONS_SHOWALL(checker)
+      MAP_OPTIONS_EXACT_NUMERIC_ALL_MULTI(checker, _T(""))
+      MAP_FACTORY_PB(_T("type"), type)
+      MAP_FACTORY_PB(_T("child-count"), child_count)
+      MAP_FACTORY_PB(_T("written"), written)
+      MAP_FACTORY_PB(_T("int"), value_int)
+      MAP_FACTORY_PB(_T("string"), value_string)
+      MAP_OPTIONS_MISSING(message, _T("Unknown argument: "))
+      MAP_OPTIONS_END()
+  } catch (filters::parse_exception e) {
+    message = e.getMessage();
+    return NSCAPI::returnUNKNOWN;
+  } catch (filters::filter_exception e) {
+    message = e.getMessage();
+    return NSCAPI::returnUNKNOWN;
+  }
+  FILETIME now;
+  GetSystemTimeAsFileTime(&now);
+  unsigned __int64 nowi64 = ((now.dwHighDateTime * ((unsigned long long)MAXDWORD+1)) + (unsigned long long)now.dwLowDateTime);
+  for (std::list<std::wstring>::const_iterator pit = files.begin(); pit != files.end(); ++pit) {
+    regkey_container info = regkey_container::get(*pit, nowi64);
+    if (info.has_errors()) {
+      message = info.error;
+      return NSCAPI::returnUNKNOWN;
+    }
+    checker.alias = info.render(syntax);
+    checker.runCheck(info, returnCode, message, perf);
+  }
+  if ((truncate > 0) && (message.length() > (truncate-4))) {
+    message = message.substr(0, truncate-4) + _T("...");
+    perf = _T("");
+  }
+  if (message.empty())
+    message = _T("CheckSingleRegkey ok");
+  return returnCode;
+}
 
 NSC_WRAPPERS_MAIN_DEF(gCheckSystem);

trunk/modules/CheckSystem/CheckSystem.h

@@ -82 +82 @@
   NSCAPI::nagiosReturn checkCounter(const unsigned int argLen, TCHAR **char_args, std::wstring &msg, std::wstring &perf);
   NSCAPI::nagiosReturn listCounterInstances(const unsigned int argLen, TCHAR **char_args, std::wstring &msg, std::wstring &perf);
+  NSCAPI::nagiosReturn checkSingleRegEntry(const unsigned int argLen, TCHAR **char_args, std::wstring &message, std::wstring &perf);
 
 

trunk/modules/FileLogger/FileLogger.cpp

@@ -133 +133 @@
   return hFile;
 }
+  if (hFile == INVALID_HANDLE_VALUE) {
+    hFile = ::CreateFile(file.c_str(), GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
+    if (hFile != INVALID_HANDLE_VALUE) {
+      WORD wBOM = 0xFEFF;
+      ::WriteFile(hFile, &wBOM, sizeof(WORD), &numberOfBytesWritten, NULL);
+  }
+  return hFile;
+}
 */
 

trunk/modules/LUAScript/LUAScript.cpp

@@ -25 +25 @@
 #include <filter_framework.hpp>
 #include <error.hpp>
+#include <file_helpers.hpp>
 
 
@@ -66 +67 @@
 bool LUAScript::loadScript(const std::wstring file) {
   try {
-    script_wrapper::lua_script *script = new script_wrapper::lua_script(file);
+    std::wstring file_ = file;
+
+    if (!file_helpers::checks::exists(file_)) {
+      file_ = NSCModuleHelper::getBasePath() + file;
+      if (!file_helpers::checks::exists(file_)) {
+        NSC_LOG_ERROR(_T("Script not found: ") + file + _T(" (") + file_ + _T(")"));
+        return false;
+      }
+    }
+    NSC_DEBUG_MSG_STD(_T("Loading script: ") + file + _T(" (") + file_ + _T(")"));
+    script_wrapper::lua_script *script = new script_wrapper::lua_script(file_);
     script->pre_load(this);
     scripts_.push_back(script);

trunk/modules/NRPEClient/NRPEClient.h

@@ -110 +110 @@
   std::wstring getModuleDescription() {
     return _T("A simple client for checking remote NRPE servers (think proxy).\n")
+#ifndef USE_BOOST
+    _T("BOOST support is missing (this is probably very bad)!\n")
+#endif
 #ifndef USE_SSL
     _T("SSL support is missing (so you cant use encryption)!")

trunk/modules/NSCAAgent/NSCAAgent.h

@@ -73 +73 @@
   NSCAPI::nagiosReturn handleSimpleNotification(const std::wstring channel, const std::wstring command, NSCAPI::nagiosReturn code, std::wstring msg, std::wstring perf);
 
-
 };

trunk/modules/NSCAAgent/NSCAThread.cpp

@@ -66 +66 @@
 
 NSCAThread::NSCAThread() : hStopEvent_(NULL) {
+  std::wstring tmpstr = NSCModuleHelper::getSettingsString(NSCA_AGENT_SECTION_TITLE, NSCA_TIME_DELTA, NSCA_TIME_DELTA_DEFAULT);
   std::wstring tmpstr = SETTINGS_GET_STRING(nsca::TIME_DELTA_DEFAULT);
   if (tmpstr[0] == '-' && tmpstr.size() > 2)
@@ -75 +76 @@
   timeDelta_ = timeDelta_ / 1000;
   NSC_DEBUG_MSG_STD(_T("Time difference for NSCA server is: ") + strEx::itos(timeDelta_));
-  checkIntervall_ = SETTINGS_GET_INT(nsca::INTERVAL);
-  hostname_ = SETTINGS_GET_STRING(nsca::HOSTNAME);
-  nscahost_ = SETTINGS_GET_STRING(nsca::SERVER_HOST);
-  nscaport_ = SETTINGS_GET_INT(nsca::SERVER_PORT);
-  payload_length_ = SETTINGS_GET_INT(nsca::PAYLOAD_LENGTH);
-  read_timeout_ = SETTINGS_GET_INT(nsca::READ_TIMEOUT);
-  std::wstring report = SETTINGS_GET_STRING(nsca::REPORT_MODE);
   report_ = parse_report_string(report);
   NSC_DEBUG_MSG_STD(_T("Only reporting: ") + generate_report_string(report_));
   
+  encryption_method_ = NSCModuleHelper::getSettingsInt(NSCA_AGENT_SECTION_TITLE, NSCA_ENCRYPTION, NSCA_ENCRYPTION_DEFAULT);
+  std::wstring password = NSCModuleHelper::getSettingsString(NSCA_AGENT_SECTION_TITLE, MAIN_OBFUSCATED_PASWD, MAIN_OBFUSCATED_PASWD_DEFAULT);
+  if (!password.empty())
+    password = NSCModuleHelper::Decrypt(password);
+  if (password.empty())
+    password = NSCModuleHelper::getSettingsString(NSCA_AGENT_SECTION_TITLE, NSCA_PASSWORD, NSCA_PASSWORD_DEFAULT);
+  if (password.empty()) {
+    // read main password if no NSCA one is found
+    password = NSCModuleHelper::getSettingsString(MAIN_SECTION_TITLE, MAIN_OBFUSCATED_PASWD, MAIN_OBFUSCATED_PASWD_DEFAULT);
+    if (!password.empty())
+      password = NSCModuleHelper::Decrypt(password);
+    if (password.empty())
+      password = NSCModuleHelper::getSettingsString(MAIN_SECTION_TITLE, MAIN_SETTINGS_PWD, MAIN_SETTINGS_PWD_DEFAULT);
+  }
+  password_ = strEx::wstring_to_string(password);
   encryption_method_ = SETTINGS_GET_INT(nsca::ENCRYPTION);
   password_ = strEx::wstring_to_string(SETTINGS_GET_STRING(nsca::PASSWORD));