I can enable logging for Windows Search through the registry (see below), but this only captures queries sent through the default user-interface for Windows Search. I want to capture queries used by Outlook 2003, Outlook 2007, OneNote 2007 or any other application that accesses the SystemIndex.

`HKEY_CURRENT_USER\Software\Microsoft\Windows Desktop Search\DS\WriteLog` [DWORD] 0|1

What I want to do is analyze these queries in order to get a better understanding of how to build queries for my personal search utility (WinForms/WPF/ADO.NET/OleDb) that I use to search my code library (physical file system).

How would I track any and all queries performed on the SystemIndex of Windows Search?

A: 

If you really want to capture all accesses to the SystemIndex, that would be quite the tall order, as there are multiple ways it can be accessed:

If we ignore that for a bit and focus on your other goal:

> What I want to do is analyze these queries in order to get a better understanding of how to build queries for my personal search utility

Then I would look into the ISearchQueryHelper Interface.

> ISearchQueryHelper Interface
>
> Provides methods for building a query from user input, converting a query to Windows Search SQL, and obtaining a connection string to initialize a connection to the Window Search index.

One method of that interface is GenerateSQLFromUserQuery, which may help you out.

> GenerateSQLFromUserQuery
>
> Generates a Structured Query Language (SQL) query based on a client-supplied query string expressed in either Advanced Query Syntax (AQS) or Natural Query Syntax (NQS).

GalacticJello
I already use and understand the interface and method. There must be a way to capture the queries against the index. Regardless of the multiple ways of capturing the user's query, I believe everything is converted into a SELECT statement at the lowest level. I want to capture these SELECT statements.
AMissico
You could try finding the DLL that implements the ISearchQueryHelper and/or the methods of interest and create a wrapper around it, so every process that uses it will load you instead, and then you just log the requests and pass the request to the real dll...
GalacticJello
A: 

The system index is implemented as an OLE DB source. You can find out the data source from the connection string provided by ISearchQueryHelper::get_ConnectionString. I've been looking for a way to monitor an OLE DB source, but turned up nothing so far.

The OLE DB boils down to the Extensible Storage Engine (ESE) file named Windows.edb that exists, by default, in the \All Users\Application Data\Microsoft\Search\Data\Applications\Windows\ profile folder.

All ESE files are managed by ESENT.DLL. It may be possible to hook this DLL and trace queries. Hooking and logging is possible with programs such as StraceNT and xptruss.

After a couple of hours searching, there doesn't appear to be any simpler way to get a log of all Windows Search queries. Since learning the query syntax is your goal, it may be simpler to look elsewhere for learning aids, such as using the default Windows Search UI and using the query log that you know about already. It may also be helpful to experiment with converting ADS and NDS queries to SQL using the ISearchQueryHelper interface.

mdma
"helpful to experiment": I have, and I have been able to adjust my queries to better duplicate the results of "Indexing Service" results.
AMissico
I have been able to duplicate the default Windows Search UI queries by reviewing the log generated when `WriteLog` is set. It is generic and retrieves too many unneeded properties, such as picture, music, and other "silly" properties that I do not need for "code searching". I want to see how *Outlook* and *OneNote* handle the queries because these applications would perform "specific" queries. I want to create queries that can search "code" effectively.
AMissico
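
The experiment both answers point to, as an added example that is not code from any poster in this thread: it prints the Windows Search SQL that `GenerateSQLFromUserQuery` produces for a few AQS strings and runs each one over the OLE DB connection string the helper returns. It assumes a reference to `Microsoft.Search.Interop.dll` from the Windows Search SDK; the sample queries and the selected columns are constructed for illustration.

```csharp
// Added example: log the SQL generated for several AQS inputs, then run it.
// Assumes a reference to Microsoft.Search.Interop.dll (Windows Search SDK).
using System;
using System.Data.OleDb;
using Microsoft.Search.Interop;

static class AqsToSqlProbe
{
    // Constructed sample inputs aimed at code searching; adjust to your library.
    static readonly string[] SampleQueries =
    {
        "ext:.cs OleDbConnection",
        "filename:*.sql",
        "kind:document modified:last week",
    };

    static void Main()
    {
        var manager = new CSearchManager();
        ISearchCatalogManager catalog = manager.GetCatalog("SystemIndex");

        foreach (string aqs in SampleQueries)
        {
            // A fresh helper per query keeps settings from leaking between runs.
            ISearchQueryHelper helper = catalog.GetQueryHelper();
            helper.QuerySelectColumns = "System.ItemPathDisplay, System.DateModified";
            helper.QuerySorting = "System.DateModified DESC";
            helper.QueryMaxResults = 5;

            // The SELECT statement the helper builds from the AQS text.
            string sql = helper.GenerateSQLFromUserQuery(aqs);
            Console.WriteLine("AQS: {0}\nSQL: {1}", aqs, sql);

            using (var conn = new OleDbConnection(helper.ConnectionString))
            using (var cmd = new OleDbCommand(sql, conn))
            {
                conn.Open();
                using (OleDbDataReader reader = cmd.ExecuteReader())
                {
                    while (reader.Read())
                        Console.WriteLine("  {0}  {1}", reader[0], reader[1]);
                }
            }
        }
    }
}
```

Narrowing `QuerySelectColumns` to the properties a code search needs keeps the generated SELECT free of the picture and music columns the default UI log shows.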