From fb66b987ea11cb5252658c3b7746a958bbfa2c56 Mon Sep 17 00:00:00 2001
From: DustInDark
Date: Sun, 14 Nov 2021 17:49:46 +0900
Subject: [PATCH] fixed output evtx file path in event statistics #192 (#193)

---
 src/timeline/statistics.rs | 5 ++++-
 src/timeline/timeline.rs   | 4 +++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/timeline/statistics.rs b/src/timeline/statistics.rs
index 6fdca70c..7aca3a03 100644
--- a/src/timeline/statistics.rs
+++ b/src/timeline/statistics.rs
@@ -4,6 +4,7 @@ use std::collections::HashMap;
 #[derive(Debug)]
 pub struct EventStatistics {
     pub total: usize,
+    pub filepath: String,
     pub start_time: String,
     pub end_time: String,
     pub stats_list: HashMap,
@@ -14,12 +15,14 @@ pub struct EventStatistics {
 impl EventStatistics {
     pub fn new(
         total: usize,
+        filepath: String,
         start_time: String,
         end_time: String,
         stats_list: HashMap,
     ) -> EventStatistics {
         return EventStatistics {
             total,
+            filepath,
             start_time,
             end_time,
             stats_list,
@@ -50,7 +53,7 @@ impl EventStatistics {
         if records.len() == 0 {
             return;
         }
-
+        self.filepath = records[0].evtx_filepath.as_str().to_owned();
         // sortしなくてもイベントログのTimeframeを取得できるように修正しました。
         // sortしないことにより計算量が改善されています。
         // もうちょっと感じに書けるといえば書けます。
diff --git a/src/timeline/timeline.rs b/src/timeline/timeline.rs
index 959db6ab..75603540 100644
--- a/src/timeline/timeline.rs
+++ b/src/timeline/timeline.rs
@@ -11,11 +11,12 @@ pub struct Timeline {
 impl Timeline {
     pub fn new() -> Timeline {
         let totalcnt = 0;
+        let filepath = "".to_owned();
         let starttm = "".to_string();
         let endtm = "".to_string();
         let statslst = HashMap::new();
-        let statistic = EventStatistics::new(totalcnt, starttm, endtm, statslst);
+        let statistic = EventStatistics::new(totalcnt, filepath, starttm, endtm, statslst);
         return Timeline { stats: statistic };
     }
 
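Review bot: The path assigned at `self.filepath = records[0].evtx_filepath.as_str().to_owned();` is taken from the first record only, so if the `records` slice can ever mix events from more than one evtx file the summary attributes every count to a single file without saying so; whether callers guarantee one file per batch is not visible in this hunk. If they do, a one-line comment stating that invariant would keep a future reader from treating the path as authoritative provenance, e.g. `// Assumes every record in this batch comes from the same evtx file; only the first path is recorded.` If they do not, the field would need to become a collection or the statistic would need to be keyed per file. The enclosing method starts before this hunk, and the `.as_str().to_owned()` chain could presumably be a plain `.clone()` if `evtx_filepath` is a `String`, but its type is not shown here.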
@@ -36,6 +37,7 @@ impl Timeline {
         //println!("map -> {:#?}", evtstat_map);
         let mut sammsges: Vec = Vec::new();
         sammsges.push("---------------------------------------".to_string());
+        sammsges.push(format!("Evtx_File_Path:{}", self.stats.filepath));
         sammsges.push(format!("Total_counts : {}\n", self.stats.total));
         sammsges.push(format!("firstevent_time: {}", self.stats.start_time));
         sammsges.push(format!("lastevent_time: {}\n", self.stats.end_time));
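Review bot: The new summary line `format!("Evtx_File_Path:{}", self.stats.filepath)` omits the space after the colon that the neighbouring `firstevent_time: {}` and `lastevent_time: {}` lines use, so the printed columns no longer line up; `sammsges.push(format!("Evtx_File_Path: {}", self.stats.filepath));` matches the existing lines. The field also keeps the `""` default set in `Timeline::new()` when no records were processed, so in that case the report prints an empty path rather than stating that no file was read — worth either guarding or documenting with `// Empty when no evtx records were processed.` The enclosing method starts before this hunk.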