Пример #1
0
        /// <summary>
        /// handles and analyzes the received log message.
        /// </summary>
        /// <param name="logMessage"></param>
        public void HandleLog(LogMessage logMessage)
        {
            if (LogMatchHelper.DoesMatch(_logMessage, logMessage))
            {
                var originalMessage = _monitoredLogMessages.FirstOrDefault(lm => LogMatchHelper.IsTheSameMessage(lm, logMessage));

                if (originalMessage != null)
                {
                    AnalyzerResultEventArgs eventArgs = new AnalyzerResultEventArgs
                    {
                        RuleID             = RuleID,
                        AnalysisParameters = new Dictionary <string, string>
                        {
                            {
                                "Original Date Time:", originalMessage.DateTime.ToString()
                            }
                        },
                        Messages = new LogMessage[] { logMessage }
                    };

                    OnAnalyzerResult.Invoke(this, eventArgs);
                }
                else
                {
                    if (_monitoredLogMessages.Count < _duplicateDetectionRule.MaximumNumberOfMonitoredMessages)
                    {
                        _monitoredLogMessages.Add(logMessage);
                    }
                }
            }
        }
        public void HandleLog(LogMessage logMessage)
        {
            if (LogMatchHelper.DoesMatch(_logMessageConfig, logMessage))
            {
                _monitoringTimer.Stop();

                _monitoringTimer.Start();
            }
        }
        /// <summary>
        /// handles and analyzes the received log message.
        /// </summary>
        /// <param name="logMessage"></param>
        public void HandleLog(LogMessage logMessage)
        {
            bool doesMatchLogsMessages = _logMessages.Any(lm => LogMatchHelper.DoesMatch(lm, logMessage));

            if (doesMatchLogsMessages)
            {
                AnalyzerResultEventArgs analyzerResultEventArgs = new AnalyzerResultEventArgs
                {
                    Messages = new LogMessage[] { logMessage }
                };

                analyzerResultEventArgs.RuleID = RuleID;

                OnAnalyzerResult.Invoke(this, analyzerResultEventArgs);
            }
        }
        /// <summary>
        /// handles and analyzes the received log message.
        /// </summary>
        /// <param name="logMessage"></param>
        public void HandleLog(LogMessage logMessage)
        {
            if (LogMatchHelper.DoesMatch(_logMessage, logMessage))
            {
                _messageCountWithinLastInterval++;

                _totalMessagesCount++;

                AnalyzerResultEventArgs eventArgs = new AnalyzerResultEventArgs
                {
                    RuleID   = RuleID,
                    Messages = new LogMessage[] { logMessage }
                };

                OnAnalyzerResult?.Invoke(this, eventArgs);
            }
        }
Пример #5
0
        /// <summary>
        /// handles and analyzes the received log message.
        /// </summary>
        /// <param name="logMessage"></param>
        public void HandleLog(LogMessage logMessage)
        {
            bool match = false;

            // check if the log message matches the next message configuration in the sequence
            if (LogMatchHelper.DoesMatch(sortedLogsMessages[_nextExpectedLogIndex], logMessage))
            {
                match = true;
            }
            // check if the message matches the first one, if yes check the sequence again from the start
            else if (LogMatchHelper.DoesMatch(sortedLogsMessages[0], logMessage))
            {
                _nextExpectedLogIndex = 0;
                match = true;
            }

            if (match)
            {
                _sequenceMessages.Add(logMessage);

                if (_nextExpectedLogIndex < sortedLogsMessages.Length - 1)
                {
                    _nextExpectedLogIndex++;
                }
                else // if the last message in the sequence is received.
                {
                    _nextExpectedLogIndex = 0;

                    AnalyzerResultEventArgs eventArgs = new AnalyzerResultEventArgs
                    {
                        RuleID   = RuleID,
                        Messages = _sequenceMessages.Select(lm => lm.Copy()).ToArray()
                    };

                    OnAnalyzerResult.Invoke(this, eventArgs);

                    _sequenceMessages.Clear();
                }
            }
        }
Пример #6
0
        /// <summary>
        /// handles and analyzes the received log message.
        /// </summary>
        /// <param name="logMessage"></param>
        public void HandleLog(LogMessage logMessage)
        {
            if (LogMatchHelper.DoesMatch(sortedLogsMessages[_nextExpectedLogIndex], logMessage))
            {
                if (_nextExpectedLogIndex < sortedLogsMessages.Length - 1)
                {
                    _nextExpectedLogIndex++;
                }
                else
                {
                    _nextExpectedLogIndex = 0;
                }
            }
            else if (_nextExpectedLogIndex > 0 && DoesMatchPreviousLog(logMessage))
            {
                AnalyzerResultEventArgs eventArgs = new AnalyzerResultEventArgs
                {
                    RuleID = RuleID
                };

                OnAnalyzerResult?.Invoke(this, eventArgs);
            }
        }
Пример #7
0
        /// <summary>
        /// handles and analyzes the received log message.
        /// </summary>
        /// <param name="logMessage"></param>
        public void HandleLog(LogMessage logMessage)
        {
            if (!_isFirstMessageReceived)
            {
                if (LogMatchHelper.DoesMatch(_firstMessageConfig, logMessage))
                {
                    _firstMessageDateTime = DateTime.Now;

                    _isFirstMessageReceived = true;

                    _firstMessage = logMessage;
                }
            }
            else
            {
                bool doesMathSecondMessage = LogMatchHelper.DoesMatch(_secondMessageConfig, logMessage);

                if (doesMathSecondMessage)
                {
                    AnalyzerResultEventArgs eventArgs = new AnalyzerResultEventArgs
                    {
                        RuleID             = RuleID,
                        AnalysisParameters = new Dictionary <string, string>
                        {
                            {
                                "Time Difference", DateTime.Now.Subtract(_firstMessageDateTime).TotalMilliseconds.ToString()
                            }
                        },
                        Messages = new LogMessage[]  { _firstMessage, logMessage }
                    };

                    OnAnalyzerResult.Invoke(this, eventArgs);

                    _isFirstMessageReceived = false;
                }
            }
        }
Пример #8
0
 private bool DoesMatchPreviousLog(LogMessage logMessage)
 {
     return(sortedLogsMessages.Take(_nextExpectedLogIndex).Any(lm =>
                                                               LogMatchHelper.DoesMatch(lm, logMessage)));
 }
        /// <summary>
        /// handles and analyzes the received log message.
        /// </summary>
        /// <param name="logMessage"></param>
        public void HandleLog(LogMessage logMessage)
        {
            if ((logMessage.Parameters?.Any(par => par.Key == _aggregateFunctionRule.ParamName) ?? false ||
                 _aggregateFunctionRule.AggregateFunction == AggregateFunctions.Count) && LogMatchHelper.DoesMatch(_logMessage, logMessage))
            {
                _messagesCount++;

                SetAggregatedValue(logMessage.Parameters.FirstOrDefault(par => par.Key == _aggregateFunctionRule.ParamName).Value);

                AnalyzerResultEventArgs eventArgs = new AnalyzerResultEventArgs
                {
                    RuleID             = RuleID,
                    AnalysisParameters = new Dictionary <string, string>
                    {
                        {
                            "Value", _aggregatedValue.ToString()
                        }
                    },
                    Messages = new LogMessage[]  { logMessage }
                };

                if (DoessPassConditions(_aggregatedValue, "Value"))
                {
                    OnAnalyzerResult.Invoke(this, eventArgs);
                }
            }
        }