public override string Execute(EventEntry evtlog) { if (path == null) { return(goto_next); } ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); // run process without creating window System.Diagnostics.ProcessStartInfo startInfo = new System.Diagnostics.ProcessStartInfo(); startInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden; startInfo.FileName = tpl.Apply(path); startInfo.Arguments = tpl.Apply(args); startInfo.UseShellExecute = false; Log.Info("CmdProcessor: executing command: " + startInfo.FileName + " " + startInfo.Arguments); System.Diagnostics.Process process = System.Diagnostics.Process.Start(startInfo); if (process != null && waitForExit) { process.WaitForExit(); evtlog.SetProcData(Name + ".ExitCode", process.ExitCode); } return(goto_next); }
public override string Execute(EventEntry evtlog) { if (string.IsNullOrEmpty(this.interval)) { return(goto_next); } ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string value = tpl.Apply(this.interval); int intvl; if (!int.TryParse(value, out intvl)) { Log.Info("unable to parse \"" + value + "\" as integer"); return(goto_next); } switch (mode) { case SleepMode.Normal: Thread.Sleep(1000 * intvl); break; case SleepMode.Random: Thread.Sleep(rnd.Next(1000 * intvl)); break; default: Log.Warn("unsupported sleep mode " + mode); break; } return(goto_next); }
public override string Execute(EventEntry evtlog) { if (string.IsNullOrEmpty(this.interval)) return goto_next; ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string value = tpl.Apply(this.interval); int intvl; if (!int.TryParse(value, out intvl)) { Log.Info("unable to parse \"" + value + "\" as integer"); return goto_next; } switch (mode) { case SleepMode.Normal: Thread.Sleep(1000 * intvl); break; case SleepMode.Random: Thread.Sleep(rnd.Next(1000 * intvl)); break; default: Log.Warn("unsupported sleep mode " + mode); break; } return goto_next; }
public override string Execute(EventEntry evtlog) { ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); IList <Tuple <string, string> > colvals = new List <Tuple <string, string> >(columns.Count); foreach (var item in columns) { colvals.Add(Tuple.Create(item.Item1, tpl.Apply(item.Item2))); } if (!async) { lock (syncLock) { Save(colvals, 1); } } else { if (!asyncQueue.TryAdd(colvals)) { Log.Warn("unable to add new data to full queue (queue size: " + asyncQueue.Count + ")"); // we could store data into a SQL file that could be later inserted in DB } } return(goto_next); }
public override string Execute(EventEntry evtlog) { F2BSection config = F2B.Config.Instance; ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string senderEx = tpl.Apply(sender); string recipientEx = Regex.Replace(tpl.Apply(recipient), @"^[ ,]*(.*?)[ ,]*$", "$1"); string subjectEx = tpl.Apply(subject); Log.Info("Sending mail notification (from=" + senderEx + ",to=" + recipientEx + ",subject=" + subjectEx + ")"); MailMessage mail = new MailMessage(senderEx, recipientEx); mail.Subject = subjectEx; mail.Body = tpl.Apply(body); SmtpClient client = new SmtpClient(); client.Port = config.Smtp.Port.Value; client.DeliveryMethod = SmtpDeliveryMethod.Network; client.UseDefaultCredentials = false; client.Host = config.Smtp.Host.Value; client.EnableSsl = config.Smtp.Ssl.Value; client.Credentials = smtpAuth; client.Send(mail); #if DEBUG Interlocked.Increment(ref nmsgs); #endif return(goto_next); }
protected override void ExecuteFail2banAction(EventEntry evtlog, IPAddress addr, int prefix, long expiration) { ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); // run process without creating window System.Diagnostics.Process process = new System.Diagnostics.Process(); System.Diagnostics.ProcessStartInfo startInfo = new System.Diagnostics.ProcessStartInfo(); startInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden; startInfo.FileName = path; startInfo.Arguments = tpl.Apply(args); startInfo.UseShellExecute = false; //startInfo.EnvironmentVariables.Add("F2B_ADDRESS", address); //startInfo.EnvironmentVariables.Add("F2B_EXPIRATION", expiration.ToString()); process.StartInfo = startInfo; Log.Info("Fail2banCmdProcessor: executing command: " + startInfo.FileName + " " + startInfo.Arguments); process.Start(); }
public override string Execute(EventEntry evtlog) { if (value == null) { return(goto_next); } ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string data = tpl.Apply(value); if (!regex.IsMatch(data)) { return(goto_failure); } return(goto_success); }
public override string Execute(EventEntry evtlog) { if (template == null) { return goto_next; } ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string label = tpl.Apply(template); if (service.HasProcessor(label)) { return label; } else { Log.Info("processor " + label + " not defined, using goto error"); return goto_error; } }
public override string Execute(EventEntry evtlog) { if (template == null) { return(goto_next); } ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string label = tpl.Apply(template); if (Service.HasProcessor(label)) { return(label); } else { Log.Info("processor " + label + " not defined, using goto error"); return(goto_failure); } }
public override string Execute(EventEntry evtlog) { lock (this) { ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); powershell.Commands.Clear(); powershell.AddCommand(tpl.Apply(funct)); foreach (Tuple <string, string> item in pars) { powershell.AddParameter(item.Item1, tpl.Apply(item.Item2)); } // we keep just last result from invoke call foreach (PSObject result in powershell.Invoke()) { evtlog.SetProcData(Name + ".Result", result.BaseObject); } } return(goto_next); }
public override string Execute(EventEntry evtlog) { ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string data = tpl.Apply(template); try { if (size > 0) { // get current log file size if (size_curr < 0) { if (File.Exists(filename)) { FileInfo f = new FileInfo(filename); size_curr = f.Length; } else { size_curr = 0; } } if (size_curr > size) { if (sw != null) { sw.Close(); sw = null; } if (rotate > 0) { if (File.Exists(filename + "." + rotate)) { File.Delete(filename + "." + rotate); } for (int i = rotate; i > 1; i--) { if (File.Exists(filename + "." + (i - 1))) { File.Move(filename + "." + (i - 1), filename + "." + i); } } if (File.Exists(filename)) { File.Move(filename, filename + ".1"); } } else { if (File.Exists(filename)) { File.Move(filename, filename + ".bak"); } } } } if (sw == null) { sw = File.AppendText(filename); size_curr = 0; nexceptions = 0; } sw.Write(data); if (synchronized) { sw.Flush(); } size_curr += data.Length; } catch (Exception ex) { if (nexceptions == 0) { Log.Error("LoggerProcessor::Execute exception: " + ex.ToString()); } nexceptions++; } return(goto_next); }
public override string Execute(EventEntry evtlog) { try { if (size > 0) { // get current log file size if (size_curr < 0) { if (File.Exists(filename)) { FileInfo f = new FileInfo(filename); size_curr = f.Length; } else { size_curr = 0; } } if (size_curr > size) { if (sw != null) { sw.Close(); sw = null; } if (rotate > 0) { if (File.Exists(filename + "." + rotate)) { File.Delete(filename + "." + rotate); } for (int i = rotate; i > 1; i--) { if (File.Exists(filename + "." + (i - 1))) { File.Move(filename + "." + (i - 1), filename + "." + i); } } if (File.Exists(filename)) { File.Move(filename, filename + ".1"); } } else { if (File.Exists(filename)) { File.Move(filename, filename + ".bak"); } } } } if (sw == null) { sw = File.AppendText(filename); size_curr = 0; nexceptions = 0; } ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string data = tpl.Apply(template); sw.Write(data); if (synchronized) { sw.Flush(); } size_curr += data.Length; } catch (Exception ex) { if (nexceptions == 0) { Log.Error("LoggerProcessor::Execute exception: " + ex.ToString()); } nexceptions++; } return goto_next; }
public override string Execute(EventEntry evtlog) { F2BSection config = F2B.Config.Instance; ProcessorEventStringTemplate tpl = new ProcessorEventStringTemplate(evtlog); string senderEx = tpl.Apply(sender); string recipientEx = Regex.Replace(tpl.Apply(recipient), @"^[ ,]*(.*?)[ ,]*$", "$1"); string subjectEx = tpl.Apply(subject); Log.Info("Sending mail notification (from=" + senderEx + ",to=" + recipientEx + ",subject=" + subjectEx + ")"); MailMessage mail = new MailMessage(senderEx, recipientEx); mail.Subject = subjectEx; mail.Body = tpl.Apply(body); SmtpClient client = new SmtpClient(); client.Port = config.Smtp.Port.Value; client.DeliveryMethod = SmtpDeliveryMethod.Network; client.UseDefaultCredentials = false; client.Host = config.Smtp.Host.Value; client.EnableSsl = config.Smtp.Ssl.Value; client.Credentials = smtpAuth; client.Send(mail); #if DEBUG Interlocked.Increment(ref nmsgs); #endif return goto_next; }