private static void Start_Send_File_Based_Logs()
{
bool Data_Sent = false;
try
{
if (Settings.Log_Forwarders_HostNames.Any(s => string.Equals(s, "127.0.0.1", StringComparison.OrdinalIgnoreCase)) == false && Settings.Log_Forwarders_HostNames.Any(s => string.IsNullOrEmpty(s)) == false)
{
for (int z = 0; z < Read_Local_Files.FileContents_From_FileReads.Count; ++z)
{
EventLog_SWELF.WRITE_EventLog_From_SWELF_Search(Read_Local_Files.FileContents_From_FileReads.ElementAt(z));
Data_Sent = Log_Network_Forwarder.SEND_Logs(Read_Local_Files.FileContents_From_FileReads.ElementAt(z));
if (Data_Sent == true && File_Operation.CHECK_if_File_Exists(Settings.GET_ErrorLog_Location) && Settings.AppConfig_File_Args.ContainsKey(Settings.SWELF_AppConfig_Args[15]))
{
File.Delete(Read_Local_Files.FileContents_From_FileReads.ElementAt(z));
File.Create(Read_Local_Files.FileContents_From_FileReads.ElementAt(z)).Close();
}
}
}
}
catch (Exception e)//network resource unavailable. Dont send data and try again next run. No logs will be queued by app only re read
{
Settings.Log_Storage_Location_Unavailable(" Start_Send_File_Based_Logs() " + e.Message.ToString());
}
}
private static void Start_Write_To_SWELF_EventLogs()
{
for (int z = 0; z < Settings.SWELF_Events_Of_Interest_Matching_EventLogs.Count; ++z)
{
try
{
EventLog_SWELF.WRITE_EventLog_From_SWELF_Search(Settings.SWELF_Events_Of_Interest_Matching_EventLogs.ElementAt(z));
}
catch (Exception e)
{
Error_Operation.Log_Error("Start_Write_To_SWELF_EventLogs()", "An EventLog " + Settings.SWELF_Events_Of_Interest_Matching_EventLogs.ElementAt(z).GET_XML_of_Log + " errored on write to SWELF Eventlog with the following error " + e.Message.ToString(), e.StackTrace.ToString(), Error_Operation.LogSeverity.Warning);
}
}
}
private static void Start_Run_Plugins()
{
try
{
Settings.Plugin_Search_Terms_Unparsed = Settings.Plugin_Search_Terms_Unparsed.Distinct().ToList();
for (int x = 0; x < Settings.Plugin_Search_Terms_Unparsed.Count; ++x)
{
EventLog_Entry PSLog = new EventLog_Entry();
PSLog.ComputerName = Settings.ComputerName;
PSLog.EventID = Convert.ToInt32(Error_Operation.EventID.Powershell_Plugin);
PSLog.LogName = "SWELF PowerShell Plugin Output";
PSLog.Severity = "Information";
PSLog.CreatedTime = DateTime.Now;
PSLog.TaskDisplayName = "SWELF Powershell Plugin Output";
PSLog.SearchRule = "SWELF_Powershell_Plugin=" + Settings.Plugin_Search_Terms_Unparsed.ElementAt(x);
PSLog.UserID = Environment.UserName;
PSLog.EventData = Powershell_Plugin.Run_PS_Script(Settings.Plugin_Search_Terms_Unparsed.ElementAt(x).Split(Settings.SplitChar_SearchCommandSplit[0]).ElementAt(0), Settings.Plugin_Search_Terms_Unparsed.ElementAt(x).Split(Settings.SplitChar_SearchCommandSplit[0]).ElementAt(2));
if (PSLog.EventData.ToLower().Contains(Settings.Plugin_Search_Terms_Unparsed.ElementAt(x).Split(Settings.SplitChar_SearchCommandSplit[0]).ElementAt(1).ToLower()))
{
Settings.PS_Plugin_SWELF_Events_Of_Interest_Matching_EventLogs.Enqueue(PSLog);
try
{
EventLog_SWELF.WRITE_EventLog_From_SWELF_Search(Settings.PS_Plugin_SWELF_Events_Of_Interest_Matching_EventLogs.ElementAt(0));
Log_Network_Forwarder.SEND_Logs(Settings.PS_Plugin_SWELF_Events_Of_Interest_Matching_EventLogs);
}
catch (Exception e)
{
Error_Operation.Log_Error("Network_Forwarder.SEND_Logs(), EventLog_SWELF.WRITE_EventLog_From_SWELF_Search(), or Start_Run_Plugins()", Settings.EventLog_w_PlaceKeeper_List.ElementAt(x) + " HostEventLogAgent_Eventlog.WRITE_EventLog " + e.Message.ToString(), e.StackTrace.ToString(), Error_Operation.LogSeverity.Warning);
}
}
}
Settings.PS_PluginDone = true;
GC.Collect();
}
catch (Exception e)
{
Error_Operation.Log_Error("Powershell_Plugin.Run_PS_Script() ", e.StackTrace.ToString(), e.Message.ToString(), Error_Operation.LogSeverity.Warning);
Error_Operation.SEND_Errors_To_Central_Location();
Settings.PS_PluginDone = true;
}
}