コード例 #1
0
        public static async Task <int> obSplunk(string newClientContent, ILogger log)
        {
            //
            // newClientContent looks like this:
            //
            // {
            //   "records":[
            //     {...},
            //     {...}
            //     ...
            //   ]
            // }
            //

            string splunkAddress        = Util.GetEnvironmentVariable("splunkAddress");
            string splunkToken          = Util.GetEnvironmentVariable("splunkToken");
            string splunkCertThumbprint = Util.GetEnvironmentVariable("splunkCertThumbprint");

            if (splunkAddress.Length == 0 || splunkToken.Length == 0)
            {
                log.LogError("Values for splunkAddress and splunkToken are required.");
                return(0);
            }

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol  = SecurityProtocolType.Tls12;
            ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateMyCert);

            int bytesSent = 0;

            foreach (var transmission in convertToSplunkList(newClientContent, log))
            {
                var client = new SingleHttpClientInstance();
                try
                {
                    HttpRequestMessage req = new HttpRequestMessage(HttpMethod.Post, splunkAddress);
                    req.Headers.Accept.Clear();
                    req.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                    req.Headers.Add("Authorization", "Splunk " + splunkToken);
                    req.Content = new StringContent(transmission, Encoding.UTF8, "application/json");
                    HttpResponseMessage response = await SingleHttpClientInstance.SendToSplunk(req);

                    if (response.StatusCode != HttpStatusCode.OK)
                    {
                        throw new System.Net.Http.HttpRequestException($"StatusCode from Splunk: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                    }
                }
                catch (System.Net.Http.HttpRequestException e)
                {
                    throw new System.Net.Http.HttpRequestException("Sending to Splunk. Is Splunk service running?", e);
                }
                catch (Exception f)
                {
                    throw new System.Exception("Sending to Splunk. Unplanned exception.", f);
                }
                bytesSent += transmission.Length;
            }
            return(bytesSent);
        }
コード例 #2
0
        static async Task obLogstash(string newClientContent, TraceWriter log)
        {
            string logstashAddress  = Util.GetEnvironmentVariable("logstashAddress");
            string logstashHttpUser = Util.GetEnvironmentVariable("logstashHttpUser");
            string logstashHttpPwd  = Util.GetEnvironmentVariable("logstashHttpPwd");

            if (logstashAddress.Length == 0 || logstashHttpUser.Length == 0 || logstashHttpPwd.Length == 0)
            {
                log.Error("Values for logstashAddress, logstashHttpUser and logstashHttpPwd are required.");
                return;
            }

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol  = SecurityProtocolType.Tls12;
            ServicePointManager.ServerCertificateValidationCallback =
                new System.Net.Security.RemoteCertificateValidationCallback(
                    delegate { return(true); });

            // log.Info($"newClientContent: {newClientContent}");

            var client = new SingleHttpClientInstance();
            var creds  = Convert.ToBase64String(System.Text.ASCIIEncoding.ASCII.GetBytes(string.Format("{0}:{1}", logstashHttpUser, logstashHttpPwd)));

            try
            {
                HttpRequestMessage req = new HttpRequestMessage(HttpMethod.Post, logstashAddress);
                req.Headers.Accept.Clear();
                req.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                req.Headers.Add("Authorization", "Basic " + creds);
                req.Content = new StringContent(newClientContent, Encoding.UTF8, "application/json");
                HttpResponseMessage response = await SingleHttpClientInstance.SendToLogstash(req, log);

                if (response.StatusCode != HttpStatusCode.OK)
                {
                    log.Error($"StatusCode from Logstash: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                }
            }
            catch (System.Net.Http.HttpRequestException e)
            {
                string msg = e.Message;
                if (e.InnerException != null)
                {
                    msg += " *** " + e.InnerException.Message;
                }
                log.Error($"HttpRequestException Error: \"{msg}\" was caught while sending to Logstash.");
                throw e;
            }
            catch (Exception f)
            {
                string msg = f.Message;
                if (f.InnerException != null)
                {
                    msg += " *** " + f.InnerException.Message;
                }
                log.Error($"Unknown error caught while sending to Logstash: \"{f.ToString()}\"");
                throw f;
            }
        }
コード例 #3
0
        public static async Task obHEC(List <string> standardizedEvents, ILogger log)
        {
            string splunkAddress = Utils.getEnvironmentVariable("splunkAddress");
            string splunkToken   = Utils.getEnvironmentVariable("splunkToken");

            if (splunkAddress.Length == 0 || splunkToken.Length == 0)
            {
                log.LogError("Values for splunkAddress and splunkToken are required.");
                throw new ArgumentException();
            }

            if (!string.IsNullOrWhiteSpace(splunkCertThumbprint))
            {
                if (!splunkAddress.ToLower().StartsWith("https"))
                {
                    throw new ArgumentException("Having provided a Splunk cert thumbprint, the address must be https://whatever");
                }
            }

            //ServicePointManager.Expect100Continue = true;
            //ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
            //ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateMyCert);

            var client = new SingleHttpClientInstance();

            foreach (string item in standardizedEvents)
            {
                try
                {
                    var httpRequestMessage = new HttpRequestMessage
                    {
                        Method     = HttpMethod.Post,
                        RequestUri = new Uri(splunkAddress),
                        Headers    =
                        {
                            { HttpRequestHeader.Authorization.ToString(), "Splunk " + splunkToken }
                        },
                        Content = new StringContent(item, Encoding.UTF8, "application/json")
                    };

                    HttpResponseMessage response = await SingleHttpClientInstance.SendToService(httpRequestMessage);

                    if (response.StatusCode != HttpStatusCode.OK)
                    {
                        throw new System.Net.Http.HttpRequestException($"StatusCode from Splunk: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                    }
                }

                catch (System.Net.Http.HttpRequestException e)
                {
                    throw new System.Net.Http.HttpRequestException($"Sending to Splunk. Is Splunk service running:  {e.Message}. The following is the StackTrace: {e.StackTrace}. The following is the TargetSite: {e.TargetSite}. The following is the InnerException: {e.InnerException} ");
                }
                catch (Exception f)
                {
                    throw new System.Exception("Sending to Splunk. Unplanned exception.", f);
                }
            }
        }
コード例 #4
0
        public static async Task obHEC(List <string> standardizedEvents, TraceWriter log)
        {
            string splunkAddress = Utils.getEnvironmentVariable("splunkAddress");
            string splunkToken   = Utils.getEnvironmentVariable("splunkToken");

            if (splunkAddress.Length == 0 || splunkToken.Length == 0)
            {
                log.Error("Values for splunkAddress and splunkToken are required.");
                return;
            }

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol  = SecurityProtocolType.Tls12;
            ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateMyCert);

            var newClientContent = new StringBuilder();

            log.Info("number of items: " + standardizedEvents.Count);
            foreach (string item in standardizedEvents)
            {
                newClientContent.Append(item);
            }
            var client = new SingleHttpClientInstance();

            try
            {
                HttpRequestMessage req = new HttpRequestMessage(HttpMethod.Post, splunkAddress);
                req.Headers.Accept.Clear();
                req.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                req.Headers.Add("Authorization", "Splunk " + splunkToken);
                req.Content = new StringContent(newClientContent.ToString(), Encoding.UTF8, "application/json");
                log.Info("ready to send");
                HttpResponseMessage response = await SingleHttpClientInstance.SendToSplunk(req);

                if (response.StatusCode != HttpStatusCode.OK)
                {
                    throw new System.Net.Http.HttpRequestException($"StatusCode from Splunk: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                }
                else if (response.StatusCode == HttpStatusCode.OK)
                {
                    log.Info("successfully sent");
                }
                else
                {
                    log.Info(response.StatusCode.ToString());
                }
            }
            catch (System.Net.Http.HttpRequestException e)
            {
                log.Error(e.ToString());
                throw new System.Net.Http.HttpRequestException("Sending to Splunk. Is Splunk service running?", e);
            }
            catch (Exception f)
            {
                log.Error(f.ToString());
                throw new System.Exception("Sending to Splunk. Unplanned exception.", f);
            }
        }
コード例 #5
0
ファイル: Utils.cs プロジェクト: villanub/ASCSplunkFunctionV2
        public static async Task obHEC(List <string> standardizedEvents, ILogger log)
        {
            string splunkAddress = Utils.GetEnvironmentVariable("splunkAddress");
            string splunkToken   = Utils.GetEnvironmentVariable("splunkToken");

            if (splunkAddress.Length == 0 || splunkToken.Length == 0)
            {
                log.LogError("Values for splunkAddress and splunkToken are required.");
                throw new ArgumentException();
            }

            if (!string.IsNullOrWhiteSpace(splunkCertThumbprint))
            {
                if (!splunkAddress.ToLower().StartsWith("https"))
                {
                    throw new ArgumentException("Having provided a Splunk cert thumbprint, the address must be https://whatever");
                }
            }

            log.LogInformation($"Sending events count : {standardizedEvents.Count}");
            var client = new SingleHttpClientInstance();

            foreach (string item in standardizedEvents)
            {
                try
                {
                    var httpRequestMessage = new HttpRequestMessage
                    {
                        Method     = HttpMethod.Post,
                        RequestUri = new Uri(splunkAddress),
                        Headers    =
                        {
                            { HttpRequestHeader.Authorization.ToString(), "Splunk " + splunkToken }
                        },
                        Content = new StringContent(item, Encoding.UTF8, "application/json")
                    };

                    HttpResponseMessage response = await SingleHttpClientInstance.SendToService(httpRequestMessage);

                    if (response.StatusCode != HttpStatusCode.OK)
                    {
                        throw new System.Net.Http.HttpRequestException($"StatusCode from Splunk: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                    }
                }
                catch (System.Net.Http.HttpRequestException e)
                {
                    throw new System.Net.Http.HttpRequestException("Sending to Splunk. Is Splunk service running?", e);
                }
                catch (Exception f)
                {
                    throw new System.Exception("Sending to Splunk. Unplanned exception.", f);
                }
            }
        }
コード例 #6
0
        public static async Task obHEC(string standardizedEvents, ILogger log)
        {
            string splunkAddress = getEnvironmentVariable("splunkAddress");
            string splunkToken   = getEnvironmentVariable("splunkToken");

            if (splunkAddress.Length == 0 || splunkToken.Length == 0)
            {
                log.LogError("Values for splunkAddress and splunkToken are required.");
                throw new ArgumentException();
            }

            var client = new SingleHttpClientInstance();

            try
            {
                var httpRequestMessage = new HttpRequestMessage
                {
                    Method     = HttpMethod.Post,
                    RequestUri = new Uri(splunkAddress),
                    Headers    =
                    {
                        { HttpRequestHeader.Authorization.ToString(), "Splunk " + splunkToken }
                    },
                    Content = new StringContent(standardizedEvents, Encoding.UTF8, "application/json")
                };

                HttpResponseMessage response = await SingleHttpClientInstance.SendToService(httpRequestMessage);

                if (response.StatusCode != HttpStatusCode.OK)
                {
                    throw new System.Net.Http.HttpRequestException($"StatusCode from Splunk: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                }
            }
            catch (System.Net.Http.HttpRequestException e)
            {
                var msg = "Error sending to Splunk. \n";
                msg += e.Message + "\n";
                if (e.InnerException != null)
                {
                    msg += e.InnerException.Message;

                    if (e.InnerException.InnerException != null)
                    {
                        msg += e.InnerException.InnerException.Message;
                    }
                }
                throw new System.Net.Http.HttpRequestException(msg);
            }
            catch (Exception f)
            {
                throw new System.Exception($"Sending to Splunk. Unplanned exception. {f.Message}");
            }
        }
コード例 #7
0
        public static async Task obHEC(List <string> standardizedEvents, ILogger log)
        {
            string splunkAddress = Utils.getEnvironmentVariable("splunkAddress");
            string splunkToken   = Utils.getEnvironmentVariable("splunkToken");

            if (splunkAddress.Length == 0 || splunkToken.Length == 0)
            {
                log.LogError("Values for splunkAddress and splunkToken are required.");
                throw new ArgumentException();
            }

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol  = SecurityProtocolType.Tls12;
            ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateMyCert);

            var client = new SingleHttpClientInstance();

            foreach (string item in standardizedEvents)
            {
                try
                {
                    var httpRequestMessage = new HttpRequestMessage
                    {
                        Method     = HttpMethod.Post,
                        RequestUri = new Uri(splunkAddress),
                        Headers    =
                        {
                            { HttpRequestHeader.Authorization.ToString(), "Splunk " + splunkToken }
                        },
                        Content = new StringContent(item, Encoding.UTF8, "application/json")
                    };

                    HttpResponseMessage response = await SingleHttpClientInstance.SendToService(httpRequestMessage);

                    if (response.StatusCode != HttpStatusCode.OK)
                    {
                        throw new System.Net.Http.HttpRequestException($"StatusCode from Splunk: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                    }
                }
                catch (System.Net.Http.HttpRequestException e)
                {
                    throw new System.Net.Http.HttpRequestException("Sending to Splunk. Is Splunk service running?", e);
                }
                catch (Exception f)
                {
                    throw new System.Exception("Sending to Splunk. Unplanned exception.", f);
                }
            }
        }
コード例 #8
0
        private void gameOver()
        {
            SingleHttpClientInstance.AddScore(score);


            gameOverScore.Children.Clear();

            foreach (string score in SingleHttpClientInstance.GetScore())
            {
                Debug.WriteLine(score);
                TextBlock t = new TextBlock()
                {
                    FontSize = 25,
                    Margin   = new Thickness(5),
                    Text     = $"{score} Points"
                };
                gameOverScore.Children.Add(t);
            }

            gameOverPanel.Visibility = Visibility.Visible;
            gameOverText.Visibility  = Visibility.Visible;


            playing    = false;
            isGameOver = true;
            reset();

            rowCount    = 0;
            columnCount = 0;
            left        = 0;
            score       = 0;

            currentPieceID = random.Next(1, 8);
            nextPieceID    = random.Next(1, 8);
            timer.Interval = new TimeSpan(0, 0, 0, 0, speed);

            startButton.Content = "START";
        }
コード例 #9
0
        public static async Task obSplunk(string newClientContent, TraceWriter log)
        {
            //
            // newClientContent looks like this:
            //
            // {
            //   "records":[
            //     {...},
            //     {...}
            //     ...
            //   ]
            // }
            //

            string splunkAddress = Util.GetEnvironmentVariable("splunkAddress");
            string splunkToken   = Util.GetEnvironmentVariable("splunkToken");

            if (splunkAddress.Length == 0 || splunkToken.Length == 0)
            {
                log.Error("Values for splunkAddress and splunkToken are required.");
                return;
            }

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol  = SecurityProtocolType.Tls12;
            ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateMyCert);

            var transmission = new StringBuilder();

            foreach (var message in convertToSplunk(newClientContent, null, log))
            {
                //
                // message looks like this:
                //
                // {
                //   "time": "xxx",
                //   "category": "xxx",
                //   "operationName": "xxx",
                //   "version": "xxx",
                //   "deviceExtId": "xxx",
                //   "flowOrder": "xxx",
                //   "nsgRuleName": "xxx",
                //   "dmac|smac": "xxx",
                //   "rt": "xxx",
                //   "src": "xxx",
                //   "dst": "xxx",
                //   "spt": "xxx",
                //   "dpt": "xxx",
                //   "proto": "xxx",
                //   "deviceDirection": "xxx",
                //   "act": "xxx"
                //  }
                transmission.Append(GetSplunkEventFromMessage(message));
            }

            var client = new SingleHttpClientInstance();

            try
            {
                HttpRequestMessage req = new HttpRequestMessage(HttpMethod.Post, splunkAddress);
                req.Headers.Accept.Clear();
                req.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                req.Headers.Add("Authorization", "Splunk " + splunkToken);
                req.Content = new StringContent(transmission.ToString(), Encoding.UTF8, "application/json");
                HttpResponseMessage response = await SingleHttpClientInstance.SendToSplunk(req);

                if (response.StatusCode != HttpStatusCode.OK)
                {
                    throw new System.Net.Http.HttpRequestException($"StatusCode from Splunk: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                }
            }
            catch (System.Net.Http.HttpRequestException e)
            {
                throw new System.Net.Http.HttpRequestException("Sending to Splunk. Is Splunk service running?", e);
            }
            catch (Exception f)
            {
                throw new System.Exception("Sending to Splunk. Unplanned exception.", f);
            }
        }
コード例 #10
0
        public static async Task obProxy(List <string> standardizedEvents, ILogger log)
        {
            string proxyAddress = Utils.getEnvironmentVariable("proxyAddress");

            if (proxyAddress.Length == 0)
            {
                log.LogError("Address of proxy function is required.");
                throw new ArgumentException();
            }

            string serviceResourceIDURI = Utils.getEnvironmentVariable("serviceResourceIDURI");

            if (serviceResourceIDURI.Length == 0)
            {
                log.LogError("The AAD service resource ID URI (serviceResourceIDURI) of the proxy app is required.");
                throw new ArgumentException();
            }

            string astpConnection = "";
            bool   devEnvironment = Utils.getEnvironmentVariable("FUNCTIONS_CORETOOLS_ENVIRONMENT").ToLower() == "true";

            if (devEnvironment)
            {
                astpConnection = Utils.getEnvironmentVariable("astpConnectionString");
            }
            // log.LogInformation($"devEnvironment: {devEnvironment}, astpConnection: {astpConnection}");

            string accessToken = "";

            try
            {
                var azureServiceTokenProvider = new AzureServiceTokenProvider(
                    connectionString: astpConnection
                    );

                accessToken = await azureServiceTokenProvider.GetAccessTokenAsync(serviceResourceIDURI);
            } catch (Exception ex)
            {
                log.LogError($"Error acquiring token from AzureServiceTokenProvider: {ex.Message}");
                throw;
            }

            //ServicePointManager.Expect100Continue = true;
            //ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
            //ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateMyCert);

            var client = new SingleHttpClientInstance();

            StringBuilder bulkTransmission = new StringBuilder();

            foreach (string item in standardizedEvents)
            {
                bulkTransmission.Append(item);
            }
            try
            {
                var httpRequestMessage = new HttpRequestMessage
                {
                    Method     = HttpMethod.Post,
                    RequestUri = new Uri(proxyAddress),
                    Headers    =
                    {
                        { HttpRequestHeader.Authorization.ToString(), "Bearer " + accessToken }
                    },
                    Content = new StringContent(bulkTransmission.ToString(), Encoding.UTF8)
                };

                HttpResponseMessage response = await SingleHttpClientInstance.SendToService(httpRequestMessage);

                if (response.StatusCode != HttpStatusCode.OK)
                {
                    throw new System.Net.Http.HttpRequestException($"StatusCode from Proxy Function: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                }
            }
            catch (System.Net.Http.HttpRequestException e)
            {
                throw new System.Net.Http.HttpRequestException("Sending to Proxy Function. Is the service running?", e);
            }
            catch (Exception f)
            {
                throw new System.Exception("Sending to Proxy Function. Unplanned exception.", f);
            }
        }
コード例 #11
0
        public static async Task SendEvents(List <string> standardizedEvents, ILogger log)
        {
            string destinationAddress = Config.GetValue(ConfigSettings.DestinationAddress);

            if (String.IsNullOrWhiteSpace(destinationAddress))
            {
                log.LogError("destinationAddress config setting is required and not set.");
                return;
            }

            string destinationToken = Config.GetValue(ConfigSettings.DestinationToken);

            if (String.IsNullOrWhiteSpace(destinationToken))
            {
                log.LogInformation("destinationToken config setting is not set; proceeding with anonymous call.");
            }

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol  = SecurityProtocolType.Tls12;
            ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateMyCert);

            // HACK: Build the list of events into a JSON array because that is the format the Azure Event Grid Viewer expects
            StringBuilder newClientContent = new StringBuilder();

            newClientContent.Append("[");
            for (int iEvent = 0; iEvent < standardizedEvents.Count; iEvent++)
            {
                newClientContent.Append(standardizedEvents[iEvent]);

                if (iEvent != standardizedEvents.Count - 1)
                {
                    newClientContent.Append(",");
                }
            }
            newClientContent.Append("]");

            if (Config.GetBool(ConfigSettings.LogRawData))
            {
                log.LogInformation($"Sending:\r\n{newClientContent.ToString()}");
            }

            SingleHttpClientInstance client = new SingleHttpClientInstance();

            try
            {
                HttpRequestMessage req = new HttpRequestMessage(HttpMethod.Post, destinationAddress);
                req.Headers.Accept.Clear();
                req.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                if (!String.IsNullOrWhiteSpace(destinationToken))
                {
                    req.Headers.Add("Authorization", "Bearer " + destinationToken);
                }

                // WebHook stuff
                req.Headers.Add("aeg-event-type", "Notification");

                req.Content = new StringContent(newClientContent.ToString(), Encoding.UTF8, "application/json");
                HttpResponseMessage response = await SingleHttpClientInstance.SendRequest(req);

                if (response.StatusCode == HttpStatusCode.OK)
                {
                    log.LogInformation("Send successful");
                }
                else
                {
                    throw new System.Net.Http.HttpRequestException($"Request failed.  StatusCode: {response.StatusCode}, and reason: {response.ReasonPhrase}");
                }
            }
            catch (System.Net.Http.HttpRequestException hrex)
            {
                log.LogError($"Http error while sending: {hrex}");
                throw;
            }
            catch (Exception ex)
            {
                log.LogError($"Unexpected error while sending: {ex}");
                throw;
            }
        }