public XmlElement ToXml(XmlDocument document)
{
XmlElement alertNode = document.CreateElement("idmef:Heartbeat", "http://iana.org/idmef");
alertNode.SetAttribute("messageId", messageId);
alertNode.AppendChild(analyzer.ToXml(document));
alertNode.AppendChild(createTime.ToXml(document));
if (heartbeatInterval != null)
{
XmlElement subNode = document.CreateElement("idmef:HeartbeatInterval", "http://iana.org/idmef");
XmlNode subNodeText = document.CreateNode(XmlNodeType.Text, "idmef", "HeartbeatInterval", "http://iana.org/idmef");
subNodeText.Value = heartbeatInterval.ToString();
subNode.AppendChild(subNodeText);
alertNode.AppendChild(subNode);
}
if (analyzerTime != null)
{
alertNode.AppendChild(analyzerTime.ToXml(document));
}
if (additionalData != null)
{
foreach (var ad in additionalData)
{
if (ad != null)
{
alertNode.AppendChild(ad.ToXml(document));
}
}
}
return(alertNode);
}
public XmlElement ToXml(XmlDocument document)
{
XmlElement analyzerNode = document.CreateElement("idmef:Analyzer", "http://iana.org/idmef");
if (!string.IsNullOrEmpty(analyzerId))
{
analyzerNode.SetAttribute("analyzerid", analyzerId);
}
if (!string.IsNullOrEmpty(name))
{
analyzerNode.SetAttribute("name", name);
}
if (!string.IsNullOrEmpty(manufacturer))
{
analyzerNode.SetAttribute("manufacturer", manufacturer);
}
if (!string.IsNullOrEmpty(model))
{
analyzerNode.SetAttribute("model", model);
}
if (!string.IsNullOrEmpty(clazz))
{
analyzerNode.SetAttribute("class", clazz);
}
if (!string.IsNullOrEmpty(osType))
{
analyzerNode.SetAttribute("ostype", osType);
}
if (!string.IsNullOrEmpty(osVersion))
{
analyzerNode.SetAttribute("osversion", osVersion);
}
if (node != null)
{
analyzerNode.AppendChild(node.ToXml(document));
}
if (process != null)
{
analyzerNode.AppendChild(process.ToXml(document));
}
if (analyzer != null)
{
analyzerNode.AppendChild(analyzer.ToXml(document));
}
return(analyzerNode);
}
public XmlElement ToXml(XmlDocument document)
{
XmlElement alertNode = document.CreateElement("idmef:Alert", "http://iana.org/idmef");
alertNode.SetAttribute("messageId", messageId);
alertNode.AppendChild(analyzer.ToXml(document));
alertNode.AppendChild(createTime.ToXml(document));
alertNode.AppendChild(classification.ToXml(document));
if (detectTime != null)
{
alertNode.AppendChild(detectTime.ToXml(document));
}
if (analyzerTime != null)
{
alertNode.AppendChild(analyzerTime.ToXml(document));
}
if (source != null)
{
foreach (var src in source)
{
if (src != null)
{
alertNode.AppendChild(src.ToXml(document));
}
}
}
if (target != null)
{
foreach (var tgt in target)
{
if (tgt != null)
{
alertNode.AppendChild(tgt.ToXml(document));
}
}
}
if (assessment != null)
{
alertNode.AppendChild(assessment.ToXml(document));
}
int subs = 0;
if (toolAlert != null)
{
subs++;
alertNode.AppendChild(toolAlert.ToXml(document));
}
if (overflowAlert != null)
{
subs++;
alertNode.AppendChild(overflowAlert.ToXml(document));
}
if (correlationAlert != null)
{
subs++;
alertNode.AppendChild(correlationAlert.ToXml(document));
}
if (subs > 1)
{
throw new InvalidOperationException("Only one subclass of Alert can be attached.");
}
if (additionalData != null)
{
foreach (var ad in additionalData)
{
if (ad != null)
{
alertNode.AppendChild(ad.ToXml(document));
}
}
}
return(alertNode);
}