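/// <summary>
/// Builds a TCP <see cref="ConnectionsPayload"/> from a single audit event.
/// Direction comes from <see cref="GetConnectionDirection"/>; the remaining
/// fields are read from the event's properties.
/// </summary>
/// <param name="auditEvent">Audit event to convert</param>
/// <returns>Connection payload populated from the event</returns>
/// <exception cref="FormatException">The ProcessId property is not an unsigned decimal integer.</exception>
/// <exception cref="OverflowException">The ProcessId property does not fit in a uint.</exception>
private ConnectionsPayload CreateConnPayloadFromAuditEvent(AuditEvent auditEvent)
{
    // Direction is resolved first, as in the original field-by-field assignment order.
    var direction = GetConnectionDirection();

    // Executable and process title are passed through DecodeHexStringIfNeeded,
    // presumably because auditd emits some string fields hex-encoded; they are
    // decoded as UTF-8. Both values originate from the audited process itself
    // (argv / process title are attacker-settable) and must be treated as
    // untrusted by anything that renders or matches on them downstream.
    string executable = EncodedAuditFieldsUtils.DecodeHexStringIfNeeded(
        auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.Executable), Encoding.UTF8);
    string commandLine = EncodedAuditFieldsUtils.DecodeHexStringIfNeeded(
        auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.ProcessTitle), Encoding.UTF8);

    // Audit data is machine-generated: parse it culture-invariantly so the
    // thread's current culture cannot influence the result (CA1305).
    // NumberStyles.Integer matches what the one-argument uint.Parse used.
    uint processId = uint.Parse(
        auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.ProcessId),
        System.Globalization.NumberStyles.Integer,
        System.Globalization.CultureInfo.InvariantCulture);

    return new ConnectionsPayload
    {
        Direction = direction,
        Protocol = EProtocol.Tcp.ToString(),
        Executable = executable,
        CommandLine = commandLine,
        ProcessId = processId,
        UserId = auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.UserId),
    };
}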
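/// <summary>
/// Converts an audit event to a device event
/// </summary>
/// <param name="auditEvent">Audit event to convert</param>
/// <returns>Device event based on the input</returns>
/// <exception cref="FormatException">ProcessId or ParentProcessId is not an unsigned decimal integer.</exception>
/// <exception cref="OverflowException">ProcessId or ParentProcessId does not fit in a uint.</exception>
private IEvent AuditEventToDeviceEvent(AuditEvent auditEvent)
{
    // Audit fields are machine-generated; convert them culture-invariantly so
    // the thread culture cannot alter the result (CA1305). Convert.ToUInt32
    // still maps a null property value to 0, as the original call did.
    var invariant = System.Globalization.CultureInfo.InvariantCulture;

    var payload = new ProcessCreationPayload
    {
        // The command line is whatever the audited process was started with:
        // attacker-controlled text, hex-decoded here so consumers see it as-is.
        CommandLine = EncodedAuditFieldsUtils.DecodeHexStringIfNeeded(
            auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.CommandLine), Encoding.UTF8),
        // NOTE(review): the executable path is passed through without
        // DecodeHexStringIfNeeded, while elsewhere in this listing the same
        // property is decoded — confirm it can never arrive hex-encoded here.
        Executable = auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.Executable),
        ProcessId = Convert.ToUInt32(
            auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.ProcessId), invariant),
        ParentProcessId = Convert.ToUInt32(
            auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.ParentProcessId), invariant),
        Time = auditEvent.TimeUTC,
        UserId = auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.UserId),
    };

    return new ProcessCreate(Priority, payload);
}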
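/// <summary>
/// Converts an audit event to a device event, attaching the executable's
/// hash from <c>executableHash</c> as an extra detail when one is known.
/// </summary>
/// <param name="auditEvent">Audit event to convert</param>
/// <returns>Device event based on the input</returns>
/// <exception cref="FormatException">ProcessId or ParentProcessId is not an unsigned decimal integer.</exception>
/// <exception cref="OverflowException">ProcessId or ParentProcessId does not fit in a uint.</exception>
private IEvent AuditEventToDeviceEvent(AuditEvent auditEvent)
{
    // Audit fields are machine-generated; convert them culture-invariantly so
    // the thread culture cannot alter the result (CA1305). Convert.ToUInt32
    // still maps a null property value to 0, as the original call did.
    var invariant = System.Globalization.CultureInfo.InvariantCulture;

    // The lookup is keyed by the raw (undecoded) executable path exactly as
    // reported in the event. An unknown executable yields an empty hash rather
    // than dropping the event.
    // NOTE(review): the hash is read from a cache keyed by path, not computed
    // from the file at event time, so a binary replaced after the cache was
    // populated would be reported with the old hash — confirm how
    // executableHash is refreshed before relying on it for integrity checks.
    string executable = auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.Executable);
    string hash = executableHash.TryGetValue(executable, out string knownHash) ? knownHash : "";

    var payload = new ProcessCreationPayload
    {
        // Attacker-controlled argv text, hex-decoded so consumers see it as-is.
        CommandLine = EncodedAuditFieldsUtils.DecodeHexStringIfNeeded(
            auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.CommandLine), Encoding.UTF8),
        Executable = executable,
        ProcessId = Convert.ToUInt32(
            auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.ProcessId), invariant),
        ParentProcessId = Convert.ToUInt32(
            auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.ParentProcessId), invariant),
        Time = auditEvent.TimeUTC,
        UserId = auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.UserId),
        ExtraDetails = new Dictionary<string, string> { { "Hash", hash } },
    };

    return new ProcessCreate(Priority, payload);
}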