コード例 #1
0
        public SecurityLog(EventLogRecord rec, string[] refs)
        {
            var props = rec.GetPropertyValues(new EventLogPropertySelector(refs));

            Console.WriteLine(count++);
            ProcessId   = (int)(uint)props[2];
            TimeCreated = (DateTime?)props[1];
            Source      = (string)props[0];

            var keyTask = new ProviderMetadataCache <int?>(Source, (int?)(ushort)props[3]);

            if (!Tasks.ContainsKey(keyTask))
            {
                Tasks[keyTask] = rec.TaskDisplayName;
            }
            Task = Tasks[keyTask];

            var keyOpeCode = new ProviderMetadataCache <short?>(Source, (short?)(byte)props[4]);

            if (!OpCodes.ContainsKey(keyOpeCode))
            {
                OpCodes[keyOpeCode] = rec.OpcodeDisplayName;
            }
            OpCode = OpCodes[keyOpeCode];

            var keyKeyword = new ProviderMetadataCache <long?>(Source, (long?)(ulong)props[5]);

            if (!Keywords.ContainsKey(keyKeyword))
            {
                Keywords[keyKeyword] = rec.KeywordsDisplayNames.FirstOrDefault();
            }

            Message = rec.FormatDescription();
        }
コード例 #2
0
        public void EventLogEventRead(object obj, EventRecordWrittenEventArgs arg)
        {
            try
            {
                if (arg.EventRecord != null)
                {
                    // check on keywords in the General Description and send message to the Nagios server
                    if (supressedIDs != null && supressedIDs.Contains(arg.EventRecord.Id))
                    {
                        return;
                    }

                    if (EventRaised != null)
                    {
                        Thread.CurrentThread.CurrentCulture = new CultureInfo("en-US"); // need to fix MS bug

                        EventLogRecord r     = (EventLogRecord)arg.EventRecord;
                        string         msg   = r.FormatDescription();
                        string         mPath = "";

                        if (string.IsNullOrWhiteSpace(msg))
                        {
                            using (var eln = new System.Diagnostics.EventLog(r.LogName, r.MachineName))
                            {
                                System.Diagnostics.EventLogEntryCollection eCollection = eln.Entries;
                                int cnt = eCollection.Count;
                                for (int i = cnt - 1; i >= Math.Max(0, cnt - 200); i--)
                                {
                                    var xe = eCollection[i];
                                    if (xe.Index == r.RecordId)
                                    {
                                        msg   = xe.Message;
                                        mPath = " s";
                                        break;
                                    }
                                }
                            }
                        }

                        if (_rxFilter != null && string.IsNullOrWhiteSpace(msg) == false && !_rxFilter.IsMatch(msg))
                        {
                            return;
                        }

                        string fMsg = string.Format("{0}, EventID = {1}{2}{3}", arg.EventRecord.TimeCreated.HasValue ? arg.EventRecord.TimeCreated : DateTime.Now, r.Id & 0xFFFF, System.Environment.NewLine, msg);
                        EventRaised.Invoke(this, new EventWatcherArgs(this.EventDescription.NagiosServiceName, this.EventDescription.MessageLevel,
                                                                      fMsg));
                    }
                }
            }
            catch (Exception ex)
            {
                Nagios.Net.Client.Log.WriteLog(ex.Message + "\n" + ex.StackTrace, true);
            }
        }