Esempio n. 1
0
File: App.cs Progetto: harrwiss/WFN 
        private async Task EventLogPollingTaskAsync(int waitMillis)
        {
            try
            {
                LogHelper.Info($"Start security event log polling ...");
                DateTime          lastLogEntryTimeStamp = DateTime.Now;
                CancellationToken cancellationToken     = _eventLogPollingTaskCancellationTokenSource.Token;
                while (true)
                {
                    try
                    {
                        using (EventLog securityLog = new EventLog("security"))
                        {
                            List <EventLogEntry> newEntryList = new List <EventLogEntry>();
                            int      entryIndex             = securityLog.Entries.Count - 1;
                            DateTime newestEntryTimeWritten = securityLog.Entries[entryIndex].TimeWritten;
                            for (int i = entryIndex; i >= 0; i--)
                            {
                                CheckCancelTaskRequestedAndThrow(cancellationToken);
                                EventLogEntry entry      = securityLog.Entries[i];
                                bool          isNewEntry = entry.TimeWritten > lastLogEntryTimeStamp;
                                if (isNewEntry)
                                {
                                    if (IsEventInstanceIdAccepted(entry.InstanceId))
                                    {
                                        WPFUtils.DispatchUI(() => App.GetActivityWindow().ShowActivity(ActivityWindow.ActivityEnum.Blocked));
                                        newEntryList.Insert(0, entry);
                                    }
                                    else
                                    {
                                        WPFUtils.DispatchUI(() => App.GetActivityWindow().ShowActivity(ActivityWindow.ActivityEnum.Allowed));
                                    }
                                }
                                else
                                {
                                    break;
                                }
                            }
                            lastLogEntryTimeStamp = newestEntryTimeWritten;

                            foreach (EventLogEntry entry in newEntryList)
                            {
                                CheckCancelTaskRequestedAndThrow(cancellationToken);
                                Application.Current.Dispatcher.Invoke(() =>
                                {
                                    // dispatch to ui thread
                                    _application.HandleEventLogNotification(entry);
                                });
                            }
                        }
                    }
                    catch (ArgumentException e)
                    {
                        LogHelper.Warning($"Security log entry does not exist anymore:" + e.Message);
                    }
                    CheckCancelTaskRequestedAndThrow(cancellationToken);
                    await Task.Delay(waitMillis, cancellationToken).ConfigureAwait(false);
                }
            }
            catch (SecurityException se)
            {
                LogHelper.Error($"Notifier cannot access security event log: { se.Message}. Notifier needs to be started with admin rights and will exit now", se);
                MessageBox.Show($"Notifier cannot access security event log:\n{se.Message}\nNotifier needs to be started with admin rights.\nNotifier will exit.", "Error", MessageBoxButton.OK, MessageBoxImage.Error);
                this._application.Shutdown();
            }
            catch (Exception e)
            {
                LogHelper.Error("EventLogPollingTaskAsync exception: " + e.Message, e);
                MessageBox.Show($"Security event log polling exception:\n{e.Message}\nNotifier will exit", "Error", MessageBoxButton.OK, MessageBoxImage.Warning);
                this._application.Shutdown();
            }
        }