dubey/WindowsXP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
WindowsXP/admin/wmi/wbem/winmgmt/esscomp/esstest/index.mof
Tanishq Dubey cb60ae51e5
Initial Commit
2025-04-27 07:49:33 -04:00

340 lines
8.8 KiB
Plaintext
Raw Blame History

//////////////////////////////////////////////////////////////////////////////
// Index.mof contains:
// Index Event Generator definitions for ESSTest
//
// Event and provider definitions for:
// MSFT_EssTestIndexEvent
// MSFT_EssTestIndexEvent2
//
#pragma namespace("\\\\.\\root\\cimv2")
//////////////////////////////////////////////////////////////////////////////
// MSFT_EssTestIndexEvent (single DWORD event)
class MSFT_EssTestIndexEvent : __ExtrinsicEvent
{
uint32 Index;
};
// Fires MSFT_EssTestIndexEvent
instance of MSFT_EssEventGenerator as $Gen1
{
Name = "Index Event Generator";
CommandLine = "mofprov \"/Nroot\\cimv2\" \"/PDecoupled Index Event Generator\" \"/F%ResultsFile%\" /B0";
Script =
"PrintMOF();\n"
"\n"
"function PrintMOF()\n"
"{\n"
" var args = WScript.Arguments;\n"
"\n"
" for (Index = 0; Index < args(0); Index++)\n"
" {\n"
" if (%ScriptRule%)\n"
" {\n"
" WScript.Echo(\n"
" \"instance of MSFT_EssTestIndexEvent { Index = \" + Index + \"; }; \");\n"
" }\n"
" }\n"
"}\n";
};
instance of MSFT_EssTestWorkItem
{
Name = "Index Events";
EventGenerator = $Gen1;
Enabled = false;
NumEvents = 50000;
TimesToExecute = 1;
MaxPermConsumers = 5;
MaxTempConsumers = 5;
SlowDownProviders = true;
};
instance of MSFT_EssTestFilter
{
Name = "Index Ranges: 800-850";
EventGenerator = $Gen1;
Query =
"select * from MSFT_EssTestIndexEvent where (Index >= 800 and Index <= 850)";
ScriptRule = "(Index >= 800 && Index <= 850)";
Behavior = 1;
};
instance of MSFT_EssTestFilter
{
Name = "Index Ranges: 2000-2100";
EventGenerator = $Gen1;
Query =
"select * from MSFT_EssTestIndexEvent where "
"(Index >= 2000 and Index <= 2100)";
ScriptRule = "Index >= 2000 && Index <= 2100";
Behavior = 1;
OnAt = 2;
OffAt = 6;
};
instance of MSFT_EssTestFilter
{
Name = "Index Ranges: 3000-3200 (on/off)";
EventGenerator = $Gen1;
Query =
"select * from MSFT_EssTestIndexEvent where "
"(Index >= 3000 and Index <= 3200)";
ScriptRule = "Index >= 3000 && Index <= 3200";
Behavior = 2;
OnAt = 2;
OffAt = 6;
};
instance of MSFT_EssTestFilter
{
Name = "Index Ranges: 200-400,600-800,900-950";
EventGenerator = $Gen1;
Query =
"select * from MSFT_EssTestIndexEvent where "
"(Index >= 200 and Index <= 250) or "
"(Index >= 600 and Index <= 800) or "
"(Index >= 900 and Index <= 950)";
ScriptRule =
"(Index >= 200 && Index <= 250) || "
"(Index >= 600 && Index <= 800) || "
"(Index >= 900 && Index <= 950)";
Behavior = 1;
};
instance of MSFT_EssTestFilter
{
Name = "Index Includes: 10,20,30,40,50,60,70,80,90,100";
EventGenerator = $Gen1;
Query =
"select * from MSFT_EssTestIndexEvent where "
"Index = 10 or Index = 20 or Index = 30 or "
"Index = 40 or Index = 50 or Index = 60 or "
"Index = 70 or Index = 80 or Index = 90 or "
"Index = 100";
ScriptRule =
"Index == 10 || Index == 20 || Index == 30 || "
"Index == 40 || Index == 50 || Index == 60 || "
"Index == 70 || Index == 80 || Index == 90 || "
"Index == 100";
Behavior = 1;
};
//////////////////////////////////////////////////////////////////////////////
// MSFT_EssTestIndexEvent (more complicated event)
class MSFT_EssTestIndex2Event : __ExtrinsicEvent
{
uint32 Index;
string StringParam;
object Obj;
object ObjArray[];
string StringArray[];
uint32 IntArray[];
boolean BoolArray[];
boolean BoolParam;
uint8 ByteArray[];
};
// Fires MSFT_EssTestIndex2Event
instance of MSFT_EssEventGenerator as $Gen2
{
Name = "Index2 Event Generator";
CommandLine = "mofprov \"/Nroot\\cimv2\" \"/PDecoupled Index Event Generator\" \"/F%ResultsFile%\" /B64000 /L1000 /V";
Script =
"PrintMOF();"
"function PrintMOF()\n"
"{\n"
" var args = WScript.Arguments;\n"
" for (Index = 0; Index < args(0); Index++)\n"
" {\n"
" var Class,\n"
" CurrentClockSpeed = -1,\n"
" ProcessID = -1,\n"
" SubIndex = -1,\n"
" Type = Index % 3,\n"
" Obj;\n"
" if (Type == 0)\n"
" {\n"
" Class = \"Win32_Processor\";\n"
" CurrentClockSpeed = Index % 100;\n"
" Obj = \n"
" \"instance of Win32_Processor \" +\n"
" \"{\" +\n"
" \" CurrentClockSpeed = \" + CurrentClockSpeed + \";\" +\n"
" \"}\";\n"
" }\n"
" else if (Type == 1)\n"
" {\n"
" Class = \"Win32_Process\";\n"
" ProcessID = Index % 2000;\n"
" Obj = \n"
" \"instance of Win32_Process \" +\n"
" \"{\" +\n"
" \" ProcessID = \" + ProcessID + \";\" +\n"
" \"}\";\n"
" }\n"
" else\n"
" {\n"
" Class = \"MSFT_EssTestIndex2Event\";\n"
" SubIndex = Index + 1000;\n"
" Obj = \n"
" \"instance of MSFT_EssTestIndex2Event \" +\n"
" \"{\" +\n"
" \" Index = \" + SubIndex + \";\" +\n"
" \"}\";\n"
" }\n"
" if (%ScriptRule%)\n"
" {\n"
" var strOut =\n"
" \"instance of MSFT_EssTestIndex2Event \" +\n"
" \"{\" +\n"
" \" Index = \" + Index + \";\" +\n"
" \" Obj = \" + Obj + \";\" +\n"
" \"};\"\n"
" WScript.Echo(strOut);\n"
" }\n"
" }\n"
"};\n";
};
instance of MSFT_EssTestWorkItem
{
Name = "Index2 Events";
EventGenerator = $Gen2;
Enabled = false;
NumEvents = 10000;
TimesToExecute = 1;
MaxPermConsumers = 1;
MaxTempConsumers = 0;
SlowDownProviders = true;
};
instance of MSFT_EssTestFilter
{
Name = "Index2: CurrentClockSpeed >= 95";
EventGenerator = $Gen2;
Query =
"select * from MSFT_EssTestIndex2Event where Obj.CurrentClockSpeed >= 95";
ScriptRule = "CurrentClockSpeed >= 95";
Behavior = 1;
};
instance of MSFT_EssTestFilter
{
Name = "Index2: (ProcessID >= 100 and ProcessID <= 125) or ProcessID = 75";
EventGenerator = $Gen2;
Query =
"select * from MSFT_EssTestIndex2Event where "
"(Obj.ProcessID >= 100 and Obj.ProcessID <= 125) or Obj.ProcessID = 75";
ScriptRule = "(ProcessID >= 100 && ProcessID <= 125) || ProcessID == 75";
Behavior = 1;
};
instance of MSFT_EssTestFilter
{
Name = "Index2: ProcessID >= 500 and ProcessID < 550 (non-empty guard)";
EventGenerator = $Gen2;
Query =
"select * from MSFT_EssTestIndex2Event where "
"Obj.ProcessID >= 500 and ProcessID < 550";
ScriptRule = "ProcessID >= 500 && ProcessID < 550";
Condition = "select handle from win32_process where name = \"lsass.exe\"";
ConditionNamespace = "root\\cimv2";
Behavior = 1;
};
instance of MSFT_EssTestFilter
{
Name = "Index2: ProcessID >= 600 and ProcessID < 650 (empty guard)";
EventGenerator = $Gen2;
Query =
"select * from MSFT_EssTestIndex2Event where "
"Obj.ProcessID >= 600 and ProcessID < 650";
// Because the guard will always be empty, we should expect to get no
// events sent to this filter.
ScriptRule = "1 == 0";
Condition = "select handle from win32_process where name = \"notthere.exe\"";
ConditionNamespace = "root\\cimv2";
Behavior = 1;
};
instance of MSFT_EssTestFilter
{
Name = "Index2: ProcessID >= 700 and ProcessID <= 800 (on/off)";
EventGenerator = $Gen2;
Query =
"select * from MSFT_EssTestIndex2Event where "
"Obj.ProcessID >= 600 and ProcessID < 650";
// Because the guard will always be empty, we should expect to get no
// events sent to this filter.
ScriptRule = "(ProcessID >= 700 && ProcessID <= 800)";
Behavior = 2;
OnAt = 1;
OffAt = 10;
};
//////////////////////////////////////////////////////////////////////////////
// Decoupled event provider registration.
instance of Win32PseudoProvider as $P2
{
Name = "Decoupled Index Event Generator";
};
instance of __EventProviderRegistration
{
Provider = $P2;
EventQueryList =
{
"select * from MSFT_EssTestIndexEvent",
"select * from MSFT_EssTestIndex2Event"
};
};
Reference in New Issue View Git Blame Copy Permalink