public static string GetXml(IDMEFMessage alertMessage)
{
XmlSerializer xmlSerializer = new XmlSerializer(alertMessage.GetType());
using (StringWriter textWriter = new StringWriter())
{
xmlSerializer.Serialize(textWriter, alertMessage);
return textWriter.ToString();
}
//using (MemoryStream memStm = new MemoryStream())
//{
// DataContractSerializer serializer = new DataContractSerializer(typeof(IDMEFMessage));
// serializer.WriteObject(memStm, alertMessage);
// memStm.Seek(0, SeekOrigin.Begin);
// using (var streamReader = new StreamReader(memStm))
// {
// string result = streamReader.ReadToEnd();
// return result;
// }
//}
}
public static Idmef.IDMEFMessage CreateAltertMessageFromRawPacket(Packet packet)
{
IDMEFMessage idmefMessage = new IDMEFMessage();
idmefMessage.Items = new object[1];
//this is an IDMEF alert
Alert alertMessage = new Idmef.Alert();
//build the alert message
alertMessage.CreateTime = CreateTimestamp(DateTime.Now);
// add more alert stuff here
//add the alert to the message
idmefMessage.Items[0] = alertMessage;
return idmefMessage;
}
public static IDMEFMessage CreateWebDoSAlert(string webServerAddress, string analyzerId)
{
IDMEFMessage idmefMessage = new IDMEFMessage();
idmefMessage.Items = new object[1];
//this is an IDMEF alert
Alert alertMessage = new Alert();
//build the alert message
alertMessage.CreateTime = CreateTimestamp(DateTime.Now);
alertMessage.Analyzer = new Analyzer();
alertMessage.Analyzer.analyzerid = analyzerId;
//add the alert to the message
idmefMessage.Items[0] = alertMessage;
return idmefMessage;
}
public void ReportAltert(IDMEFMessage alertMessage, string analyzerId)
{
string altertMessageAsXml = IdmefMessageMapper.GetXml(alertMessage);
AnalyserAlertDbAgent.InsertAlert(_connectionString, analyzerId, altertMessageAsXml);
}
public void ReportAltert(IDMEFMessage alertMessage, string sensorId)
{
Console.WriteLine("Alert declared " + alertMessage.version + " by sensor " + sensorId);
}