#!/bin/bash

# parameter 1: source file

if [ -z "$1" ]; then
	echo "Source File not defined"
	exit 1
fi


TEMPFILE=`mktemp`
TEMPSQL=`mktemp`
SQLDB=EventData

echo "Source File: $1"
echo "Temporary File: $TEMPFILE"
echo "Destination File: $2"

echo ""
date
echo "Reading input file to temp.xml"

echo "<xml>" > $TEMPFILE
evtxexport $1 -t security -f xml | tail -n +2 >> $TEMPFILE
echo "</xml>" >> $TEMPFILE

echo ""
date
echo "Converting temp.xml to output SQL file"

evtx2sql-convert2sql.php -in $TEMPFILE | grep INSERT > $TEMPSQL

rm -f $TEMPFILE

date
echo ""
echo "Importing Data into SQL Database"
echo "

CREATE TABLE IF NOT EXISTS tbl_EventMeta (
	eventrecordid INT,
	time DATETIME(6)  NOT NULL,
	eventid INT NULL,
	task INT NULL,
	level INT NULL,
	keywords VARCHAR(32),
	computer VARCHAR(64) DEFAULT NULL,
	server VARCHAR(64) DEFAULT NULL,
	username VARCHAR(64) DEFAULT NULL,
	domainname VARCHAR(64) DEFAULT NULL,
	servicename VARCHAR(64) DEFAULT NULL,
	data VARCHAR(64) DEFAULT NULL,
	status VARCHAR(16)
);
" | mysql $SQLDB
mysql $SQLDB < $TEMPSQL

rm -f $TEMPSQL

date
echo "Finished"