===========================================================================
y    ́z  FAccLog Enterprise iLtH_t@CĎc[j
y    z  FAccLog Enterprise 1.38p [Build FALS0138 | FALP0001]
yo ^ z  FAccLogEnterprise.exe  (Visual Studio .NET 2003j
y  z  -- hCodl --
yҖz  lbg
yz  OS : Windows2003,WindowsXP
yfڌz  2009/05/05
y񋟌`z  ZIP FILE : FAccLog_Enterprise.zip
------------
y    ʁz  VFAEFA
y]    ځz  [ł̘A肢܂Bdaikoku@kss.biglobe.ne.jp
yXVz  http://www2s.biglobe.ne.jp/~masa-nak/fal_down.htm
===========================================================================
j[
---------------------------------------------------------------------------
      Tv
      
      
      CXg[
      ACXg[
      NCbNZbgAbv
      ڍׂȐݒ@ɂ
      G[O
XV> jڂ̐
      Ot@C̓e
      NICQȏ゠ꍇ̐ݒ@
      pPbgLv`obt@̕ύX
      T[rXN@
      t@C̓e
      ׂ̌y
      ܂CZXL[o^łȂƂ
      oOA_AP_
      Ɛ 
      gpɂ
      VFAEFAɂ
      sU荞݂ɂ
      JCZX̍wɂ
---------------------------------------------------------------------------

Tv
  FAccLog EnterpriséAt@CT[o[̋LtH_ĎA
  NCAg[ŨANZXA^CɎW܂B
  ؂ȃf[^AR̃XNy\ȃAvP[VłB
  
  i@\Tvj
    ELtH_̃ANZXO擾@\
    ENANZXOؑւ@\
    EANZXO̓tؑւ@\
    EANZXÕTCYؑւ@\
    EtH_̊ĎO@\
    EtH_̊ĎΏۋ@\

  FAccLog EnterpriséAGUIł̓sA[UɈ₷悤ɂĂ܂B
  ܂AT[rXo^\ŁA^pɑς݌vɂȂĂ܂B


  T[rXvOɂẮAmȂƑ؂ȃf[^̔jɂȂ肩˂܂B
  \ɒӂĂgpB
  ܂AT[rXvOɂĂ͓ɐ͂܂B


  OS       : 2003/XP  ( NT3.1/NT3.5/NT4.0/Win3.1/95/98/98SE/ME ł͓v܂BWin2000,WindowsVista,Windows2008͓ۏႵ܂)
  CPU      : Pentium4NXȏ𐄑E
  MEMORY   : 1GBȏ
  HDD      : Ot@Cɉ
  NIC      : S܂
  Driver   : FAL_DrvCapXX.sys hCoKv
  Protocol : SMB (Server Message Block)
  Other    : C^[lbgvgR(TCP/IP)CXg[̂

CXg[
  ECӂ̏ꏊɉ𓀂ĂB

  EhCõRs[
    Windows2003̏ꍇ
      Windows2003 ̏ꍇA𓀂A[JCúu2003vtH_́uFAL_DrvCapXX.sysv
      FAccLogEnterprise.exeƓzɏ㏑Rs[B

    WindowsXP̏ꍇ
      WindowsXP ̏ꍇA𓀂A[JCúuXPvtH_́uFAL_DrvCapXX.sysv
      FAccLogEnterprise.exeƓzɏ㏑Rs[B
      FAccLogEnterprise.exeƓzɏ߂炠uFAL_DrvCapXX.sysv́AWindowsXPŁB

ACXg[
  ECXg[ɔzuvOtH_SĂ폜ĂB

NCbNZbgAbv
uFAccLog EnterprisevNAuҏWvj́uIvVvNbNIvVݒʂ\B
 L̐ݒ荀ڂw肷B
  EuOwꏊv        c  WȌo͏ꏊw肷B
  EuĎΏIPAhXv  c  ĎΏۂIPAhXw肷B
  EuANZXo@v    c  SMBpPbg擾EWindowsAPI擾̂Q`FbNB
  EuOt@C̎擾v  c  `FbNAOt@CWB
  w肪uݒv{^AuFAccLog EnterprisevċNB

uFAccLog EnterprisevċNAut@Cvj́uWJnvNbNANZXĎJnB

ANZXĎɂ́ASMBpPbgTreeID֘AtĊĎsĂ邽߁A
  t@CT[oɃZbV񂪂łɑ݂ꍇAuunknownvƕ\܂B
  ܂At@CT[og̋LtH_ɃANZX͎Wł܂B

ڂ}jAɂĂ͉L̃TCg_E[hĂB
http://www2s.biglobe.ne.jp/~masa-nak/fal_down.htm

ڍׂȐݒ@ɂ
  uFAccLogEnterprise}jAvQƂB

G[O
  EuC:\TEMP\FALkernelvzɓ샍Oo͂܂B
     `) FALkernelxx.log
           xx c b

  Eo͐̕ύX@
     FAccLogEnterprise.exe AC "C:\FAccLogEnterprise\log"

     <>
     FAccLogEnterprise.exe [AC|SC] [Oo͐tH_]
       PFAC c [UvO
                 SC c T[rXvO

       QFOo͐tH_ KQɎw
                 Ot@ĆuFALkernelxx.log  xx c bvŏo

jڂ̐
EuWJnv
    ANZXĎ̎WJnB

EuW~v
    ANZXĎ̎W~B

EuFAL_Hostsǂݍ݁v
    Osۂ̗\t@C
    <t@Ce>
  
  USER1,192.168.1.1 
  USER2,192.168.1.2 
  
   gpꍇ́AIvVݒ́uFAL HostsvLɂĂB
   Lɂꍇ́AW̖OAyсAuzXgϊvŗ\ϊzXgƂĎgpł܂B
   \ϊzXgݒ肵ꍇAOłȂG[łA
   ܂AIPAhXɊ֘AtƎ̃Rs[^ɕϊł܂B

EuIv
    uFAccLog EnterprisevI܂B

EuĎĎv
    ANZXOɑ΂āAWȂANZXpXut@CvutH_vutH_zv
    ̒PʂŁAOA܂́Ảӏ̂݊Ď\łB

    u01  Ď 00000000-00000000 t@C *v
      ́AׂĂ̋LtH_ĎGg[`ƂȂ܂B
      ׂĂ̋LtH_ĎAOݒɒ`ꍇɕKvłB
      j
  
  01  Ď 00000000-00000000 t@C *                 
  02  O 00000000-00000000 tH_   C:\Ǘ   ̃pX̃ANZXWȂ
  02  O 00000000-00000000 tH_z C:\J       ̃pX̃ANZXWȂ
  
  
    u01  O 00000000-00000000 t@C *ṽGg͍폜ȂłB
      ́AׂĂ̋LtH_OGg[`ƂȂ܂B
      ׂĂ̋LtH_OAĎݒɒ`ꍇɕKvłB
      j
  
  01  O 00000000-00000000 t@C *                 
  02  Ď 00000000-00000000 tH_   C:\Ǘ   ̃pX̂݃ANZXW
  02  Ď 00000000-00000000 tH_z C:\J       ̃pX̂݃ANZXW
  

   D揇ʂ́uĎvuOvƂȂĂ܂B

EuIPAhX tF^v
   WȂIPAhXɑ΂ăANZXȌO\łB

EuIvVv
    +uOt@Cv
        ݒ肳Ă郍Ot@CpX
    +uOwꏊv
        Ot@Co̓pX̕ύX
    +uĎΏIPAhXv
        ĎΏۂIPAhXw
    +uXVԁv
        Xg\ĂANZXXVŒZ
    +uSpPbg擾v
        SMBpPbgƂėpCvt@Cos
    +uG[xv
        0 c dvȃG[̂ݏo
        1 c `[jOɊւG[̏o
        2 c ׂẴG[o
    +uANZXo@v
        SMBpPbg擾 c SMBpPbg̃ANZX擾
        WindowsAPI擾  c WindowsAPĨANZX擾
        gpɖ肪Ȃ΁AQ̐ݒuh`łgpB
    +uOt@C̎擾v
        WOt@Cɏo
    +uOt@C̐ؑցv
        WOt@CAvP[V̋NƂɐ؂ւB
    +uǉFؑւTCYv
        WOt@Cw肳ꂽTCYɒB_Ńt@C؂ւB
    +uǉFؑւtv
        WOt@Cw肳ꂽtƂɃt@C؂ւB
    +uNɉBv
        uFAccLog EnterprisevNɃ^XNgCɊi[B
    +uNɃ^XNgCɏ풓v
        uFAccLog EnterprisevNɃ^XNgCɃACR풓B
    +uNƓɎWJnv
        uFAccLog EnterprisevNɁuWJnvsB
    +uzXgϊv
        Xg\EANZXOIPAhX\ɃzXg(Rs[^)t^B
    +uFAL Hostsv
        ANZXWAzXgϊɎgp閼O̗\sB
        OłȂꍇƎ̖Oɗpł܂B
        OłĂȂƂoɂ́AG[Oɏo͂
        uIPAhXϊsBNetWkSessionInfo[%d].sesi502_cname = xxxxxxv́A
         xxxxxx ̃zXg(Rs[^)łĂȂ̂łB
    +upXu"vň͂ށv
        ANZXÕpXɁu"v_uR[e[Vň͂Ńt@Co͂
    +uhCoݒv
        pPbgLv`̃hCoI
        hCo:01 c NIC2ȏ̐ݒp (pPbgLv`obt@ 1000)
        hCo:02 c NIC2ȏ̐ݒp (pPbgLv`obt@ 1000)
        hCo:03 c NIC2ȏ̐ݒp (pPbgLv`obt@ 1000)
        hCo:04 c NIC2ȏ̐ݒp (pPbgLv`obt@ 1000)
        hCo:21 c pPbgLv`obt@ 2000
        hCo:31 c pPbgLv`obt@ 3000
    +uANZXȌ݂̂݁v
        Xgr[ւ̕\ɃANZXOւ݂݂̏̂s
        ׂ̒ጸ

Euݒɖ߂v
    IvVݒeԂɖ߂B

EuCZXo^v
    CZXo^sB

EuO\v
    OW̃t@CJ

EuQƁv
    Xg\̃ANZXIuQƁvs邱ƂŃANZX̃tH_Et@CQƂłB

EuQƁv
    Xg\̃ANZXIuQƁvs邱ƂŃANZX̃tH_Et@CQƂłB
    _uNbNl̓

EuAbvf[gv
    FAccLogT|[gTCgɐڑ܂B

Euo[Wv
    FAccLog̃o[WACZXL[\܂B

Ot@C̓e
  擾郍Ot@C̓e̗
  
  [2007/11/05 21:19:39],login,WAIT0,ADMINISTRATOR,10.6.207.97,10.6.207.20,,\\HPDEVCL097\TEST              
  [2007/11/05 21:20:00],connect,2049,ADMINISTRATOR,10.6.207.97,10.6.207.20,,\\HPDEVCL097\TEST             
  [2007/11/05 21:20:00],access,2049,ADMINISTRATOR,10.6.207.97,10.6.207.20,0,C:\TEST,Q                  
  [2007/11/15 15:38:42],unconnected,ADMINISTRATOR,2049,10.6.207.97,10.6.207.20,,\\10.6.207.20\CTC         
  [2007/11/15 15:57:12],logout,2049,ADMINISTRATOR,10.6.207.97,10.6.207.20,,\\10.6.207.20\CTC              
                                       :                                                                  
  [2007/11/05 21:20:00],access,2049,ADMINISTRATOR,10.6.207.97,10.6.207.20,0,C:\TEST,Q                  
  --------------------- ------ ---- ------------- ----------- ----------- - ------- ----                  
            (1)          (2)   (3)       (4)          (5)         (6)    (7)  (8)    (9)                  
  

   (1)  c  ڑ
            [YYYY/MM/DD hh:mm:ss]
            YYYY c 
            MM   c 
            DD   c 
            hh   c 
            mm   c 
            ss   c b

   (2)  c  ANV
            login     c ZbVڑ
            connect   c LtH_ɃANZX
            access    c LtH_ELt@Cɑ΂ẴANZX
            unknown   c TreeID̊֘AncłȂANZX
            unconnect c ANZXԂZbVڑ݂̂ĂԂɈڍs
            logout    c ZbVؒf

   (3)  c  TreeID
            ANZX[UZbVڑĂ̊Ǘԍ
            ڑĂǂ̂悤ȌoH⑀삪̊ǗID璊o\

   (4)  c  OC[U

   (5)  c  T[oIPAhX

   (6)  c  NCAgIPAhX

   (7)  c  t@CTCY
            fBNǵu0oCgv

   (8)  c  ANZXpX
            t@CT[oɑ΂ẴtpX
            uunknownv̏ꍇASMBpPbg̃ANZXpX̂܂܏o

   (9)  c  ANZX`
            Q c tH_Et@Cɓǂݎ
             c t@Cɏ
            폜 c tH_Et@C폜
             c tH_Et@Cl[

NICQȏ゠ꍇ̐ݒ@
 uFAccLog EnterpriseṽCXg[𕡐ɕ邱Ƃŉ\łB
  OɃCXg[ĂtH_Rs[ꍇ́A
  NOɃRs[tH_́uFAccLog.inivt@C폜ĂB
  
  oNICuFAccLog EnterprisevCXg[C[WƂȂ܂B

  ꂼCXg[uFAccLog EnterpriseṽIvV
  uhCoݒṽ_EXgA
   EhCo:01iftHgj
   EhCo:02
   EhCo:03
   EhCo:04
   eFAccLog EnterprisevȂ悤ɕĐݒ肵܂B

pPbgLv`obt@̕ύX
  ꂼCXg[uFAccLog EnterpriseṽIvV
  uhCoݒṽ_EXgA
   EhCo:01iobt@1000pPbgjiftHgj
   EhCo:21iobt@2000pPbgj
   EhCo:31iobt@3000pPbgj
   ̂ǂꂩIAݒ肵܂B

   NICQȏ゠ꍇɂ͑ΉĂ܂B

T[rXN@
  t́uFAccLogServiceSet.exevgpB
  ݒ@ɂẮuFAccLogEnterprise}jAvQƂB

t@C̓e
  E01.Readme.txt               c t@C
  E02.ExclusionInfo_Readme.txt c ExclusionInfot@C
  E03.C.txt             c Ct@C
  EExclusionInfo.dll           c ĎǗDLL
  EExclusionInfo.dat           c ĎǗf[^
  EFAccLogEnterprise.exe       c Av{
  EFAL_DrvCap.sys              c pPbgLv`hCo     XP
  EFAL_DrvCap2.sys             c pPbgLv`hCo2    XP
  EFAL_DrvCap3.sys             c pPbgLv`hCo3    XP
  EFAL_DrvCap4.sys             c pPbgLv`hCo4    XP
  EFAL_DrvCap21.sys            c pPbgLv`hCo21   XP
  EFAL_DrvCap31.sys            c pPbgLv`hCo31   XP
  EFAL_Hosts.hst               c FAL Hostst@C
  E[2003]                      c Windows2003hCo
     EFAL_DrvCap.sys              c pPbgLv`hCo
     EFAL_DrvCap2.sys             c pPbgLv`hCo2
     EFAL_DrvCap3.sys             c pPbgLv`hCo3
     EFAL_DrvCap4.sys             c pPbgLv`hCo4
     EFAL_DrvCap21.sys            c pPbgLv`hCo21
     EFAL_DrvCap31.sys            c pPbgLv`hCo31
  E[XP]                        c WindowsXPhCo
     EFAL_DrvCap.sys              c pPbgLv`hCo
     EFAL_DrvCap2.sys             c pPbgLv`hCo2
     EFAL_DrvCap3.sys             c pPbgLv`hCo3
     EFAL_DrvCap4.sys             c pPbgLv`hCo4
     EFAL_DrvCap21.sys            c pPbgLv`hCo21
     EFAL_DrvCap31.sys            c pPbgLv`hCo31
  E[T[rXo^\tg]        c T[rXo^
     EFAccLogServiceSet.exe       c T[rXo^Av
     E01.Readme.txt               c ReadMet@C

ׂ̌y
  IvVݒ́uANZXȌ݂̂݁vL邱ƂɂāA
  GUI֕\AANZXȌ݂݂̂sȂׂ̌ysB

܂CZXL[o^łȂƂ
  CXg[tH_ɂuFAccLog.iniv폜A
  xACZXL[̓o^sĂB
  uFAccLog.iniv폜ꍇAIvVݒ肪܂B

oOA_AP_
  słAۂ
    Es̓e
    EgpĂo[W
    EŌɍs
    ECxgO ... ȂǁA
    Ŗ𗧂񂪂ΑϏ܂B

Ɛ 
  E{vO̓VFAEGAłB
  EŗpӂA[JCu`ł̂ݍĔzz\łB
    WebAGւ̏ЉACD-ROMɎ^ꍇ͕KAĂB
  E҂̓vO̊Sȓۏ؂镨ł͂܂B
  E{vOgpŐȂ鑹QɂĂA҂͈؂̐ӔC𕉂܂B
  EvO̒쌠́Aulbg  ^ǁvۗL܂B
  ECZXs҂ɎgpF߂̂ŁAO҂֓]͔F߂܂B
  Eۏ؂⏫Iȋ@\gۏ؂̂ł͂܂B
  EoO𔭌ꍇ̖Ώ͂̓sxs܂AׂẴoOɑΏ͍s܂B
    񍐂Ăe͗Ɏ󂯎~߁AXȂ铮̈Aǂ@\ǉĂ܂B
  EŐVłтm点͂炩B
    http://www2s.biglobe.ne.jp/~masa-nak/fal_down.htm
  EoOA_AP_Ȃǂ܂A܂ŁB
    daikoku@kss.biglobe.ne.jp
    ̓eɂ育񓚂܂łɂԂv邱Ƃ܂B
  Eǉ@\JX^}CYɂĂ͂kɂ̂܂B
  ESĂg߂ɁAguV[eBOAQ؂蕪AȂǂ͂߁A 
    [eiXT|[gɂĂ͕ʓrkɂ̂܂B

gpɂ
  {vO̓VFAEGAłB
  CZXwłPԎpł܂B

  gp̊œ삷邩ǂmFɂȂ邱Ƃ߂܂B

VFAEFAɂ
  VectorVFAW̃VFAEFA\ł
  http://www.vector.co.jp/soft/winnt/net/se442837.html

  VFAEFA \4,830

    i{̉i              4,500~
                          225~
    pҎ萔                100~
                            5~
    -------------------------------
    v                        4,830~

sU荞݂ɂ
  http://www2s.biglobe.ne.jp/~masa-nak/fal_mail/fal_mail.html

JCZX̍wɂ
  http://www2s.biglobe.ne.jp/~masa-nak/license.html

