protected override void Updates(LogEvents Input)
{
if (Input.Type == LogEventType.LogDataExtractedEvent)
{
dataStore.InsertData(Input.ExecutionContext);
}
if (Input.Type == LogEventType.ThresholdBreachCheckEvent)
{
CheckForBreachBothWays(Input, false);
}
if (Input.Type == LogEventType.ThresholdBreachRecoveryCheckEvent)
{
CheckForBreachRecovery(Input);
}
if (Input.Type == LogEventType.LogReportGenerateEvent)
{
PrepareReport(Input);
}
}
protected override void CheckForBreachBothWays(LogEvents Input, bool positive)
{
dynamic intentionsOutCome = PrepareIntentionOutCome(Input);
int thresholdToCheck = Int32.MaxValue;
foreach (WorrySomeIntentions wsi in Input.ExecutionContext.Intentions)
{
if (wsi.InterestedField == DataPoints.DPLOverallTraffic)
{
if (wsi.WhatToDo == Operations.AvgOf)
{
intentionsOutCome.AverageTPS = intentionsOutCome.totalCount / Input.ExecutionContext.timeWindoW;
}
else if (wsi.WhatToDo == Operations.CountOf)
{
thresholdToCheck = wsi.Threshold;
}
}
}
bool bNotify = false;
LogEventType type;
if (positive)
{
bNotify = intentionsOutCome.totalCount < thresholdToCheck ? true : false;
type = LogEventType.ThresholdBreachRecoveredEvent;
}
else
{
bNotify = intentionsOutCome.totalCount > thresholdToCheck ? true : false;
type = LogEventType.ThresholdBreachDetectedEvent;
}
if (bNotify)
{
Notify(type, intentionsOutCome);
}
}
protected override void Parse(LogEvents input)
{
List <String> logLines = input.ExecutionContext;
List <LogData> logExtractedData = new List <LogData>();
foreach (String str in logLines)
{
String[] val = str.Split(' ');
//2018-03-27 03:14:45 naws131 10.100.86.134 GET /WSHandlerV2.ashx NAWS_USER_ID=6920513 443 10.1.20.3 - 200 15
LogData data = new LogData();
DateTime dt;
String dateTime = val[0] + " " + val[1];
DateTime.TryParse(dateTime, out dt);
data.Time = dt;
data.ServerAddress = val[2];
data.OriginatingIP = val[3];
data.HttpVerb = val[4];
data.HttpResource = val[5];
data.QueryString = val[6];
int port = 0;
Int32.TryParse(val[7], out port);
data.Port = port;
data.DestinationIP = val[8];
data.ClientID1 = val[9];
int outval = 200;
Int32.TryParse(val[10], out outval);
data.HttpErrorCode = outval;
Int32.TryParse(val[11], out outval);
data.ResponseSize = outval;
data.RawLog = str;
logExtractedData.Add(data);
}
if (logExtractedData.Count > 0)
{
Notify(logExtractedData);
}
}
protected abstract void Updates(LogEvents Input);
protected abstract void PrepareReport(LogEvents Input);
protected abstract void CheckForBreachRecovery(LogEvents Input);
protected abstract void CheckForBreachBothWays(LogEvents Input, bool positive);
public void Update(LogEvents Input)
{
Updates(Input);
}
protected override void CheckForBreachRecovery(LogEvents Input)
{
CheckForBreachBothWays(Input, true);
}
