public void when_int32_values_are_not_same_is_should_not_match()
{
UInt32 data = 0;
UInt32 query = 1;
var record = LogonEvent.CreateRecord(String.Empty, data);
var predicate = Filter.IsUInt32(LogonEvent.LogonType, query);
Assert.IsFalse(predicate.Test(record));
}
public void WriteRecord(LogonEvent record)
{
Console.WriteLine(
record.EventID + "\t" +
record.Username + "\t" +
record.Domain + "\t" +
record.HwAddress + "\t" +
record.IpAddress + "\t" +
record.Hostname + "\t" +
record.Workstation + "\t" +
record.StartTime + "\t" +
record.EndTime
);
}
public static LogonEventProxy Convert(LogonEvent f)
{
LogonEventProxy p = new LogonEventProxy();
p.Domain = f.Domain;
p.EventID = f.EventID;
p.Hostname = f.Hostname;
p.HwAddress = f.HwAddress;
p.IpAddress = f.IpAddress;
p.StartTime = f.StartTime;
p.Username = f.Username;
p.Workstation = f.Workstation;
return(p);
}
protected void OnSessionLogoff(int sessionId)
{
Account account = new Account(GetSessionUser(sessionId));
EventLog.WriteEntry(
string.Format("User {0}\\{1} logged off", account.Domain, account.UserName),
EventLogEntryType.Information,
528
);
LogonEventAdapter adapter = new LogonEventAdapter(credentials);
LogonEvent record = adapter.Find(account);
adapter.Close(record.EventID);
}
public void WriteRecord(LogonEvent record)
{
Console.WriteLine("User: {0}\\{1} (Event ID={2})", record.Username, record.Domain, record.EventID);
Console.WriteLine(Separator);
Console.WriteLine("\t Computer: {0} (NetBIOS Name: {1})", record.Hostname, record.Workstation);
Console.WriteLine("\tIP-address: {0} (MAC-address: {1})", record.IpAddress, record.HwAddress);
if (record.EndTime == DateTime.MinValue)
{
Console.WriteLine("\t Session: {0} -> [(still logged on)]", record.StartTime);
}
else
{
Console.WriteLine("\t Session: {0} -> {1}", record.StartTime, record.EndTime);
}
Console.WriteLine();
}
public void WriteRecord(LogonEvent record)
{
Console.WriteLine(" <LogonEvent ID={0}>", record.EventID);
Console.WriteLine(" <Logon>");
Console.WriteLine(" <Username>{0}</Username>", record.Username);
Console.WriteLine(" <Domain>{0}</Domain>", record.Domain);
Console.WriteLine(" </Logon>");
Console.WriteLine(" <Computer>");
Console.WriteLine(" <HwAddress>{0}</HwAddress>", record.HwAddress);
Console.WriteLine(" <IpAddress>{0}</IpAddress>", record.IpAddress);
Console.WriteLine(" <Hostname>{0}</Hostname>", record.Hostname);
Console.WriteLine(" <Workstation>{0}</Workstation>", record.Workstation);
Console.WriteLine(" </Computer>");
Console.WriteLine(" <Session>");
Console.WriteLine(" <StartTime>{0}</StartTime>", record.StartTime);
Console.WriteLine(" <EndTime>{0}</EndTime>", record.EndTime);
Console.WriteLine(" </Session>");
Console.WriteLine(" </LogonEvent>");
}
/// <summary>
/// Records an logout event. The event ID is remotelly queried using the logged on
/// user and domain as search preferences. The current workstation is detected
/// automatic.
/// </summary>
void Logout()
{
Account account = new Account();
try
{
EventLog.WriteEntry(
ProgramInfo.Product,
string.Format("User {0}\\{1} logged off", account.Domain, account.UserName),
EventLogEntryType.Information,
528
);
}
catch (System.Security.SecurityException exception)
{
Report(exception);
}
LogonEventAdapter adapter = new LogonEventAdapter(this.options.Credentials);
LogonEvent record = adapter.Find(account);
adapter.Close(record.EventID);
}
public List <LogonEvent> Find(LogonEvent filter, LogonEventMatch match)
{
return(proxy.FindLogonEvents(filter, match));
}
public List <LogonEvent> Find(LogonEvent filter)
{
return(Find(filter, LogonEventMatch.Exact));
}
public void Delete(LogonEvent record)
{
Delete(record.EventID);
}
public void Close(LogonEvent record)
{
Close(record.EventID);
}
public int Add(LogonEvent record)
{
return(Add(record.Username, record.Domain, record.Workstation, record.HwAddress));
}
public void Handle(LogonEvent message)
{
ActivateItem(IoC.Get <DashboardViewModel>());
NotifyOfPropertyChange(() => IsLoggedIn);
}