static void Main2() { //Initialise ScutaConfig.load(); HelperFunctions.configure(3, 1, false, true, "", "Application", "Scuta"); HelperFunctions.debugMessage(0, ("Scuta v" + Assembly.GetExecutingAssembly().GetName().Version + " is starting..."), 0, 100, HelperFunctions.MessageType.Information); FWCtrl.Setup(); if (ScutaConfig.enableIOT) { IOTCtrl.Initialise(ScutaConfig.iotHubConnectionString, ScutaConfig.iotHubDeviceName, ScutaConfig.iotHubUri); } if (ScutaConfig.enableMessageForwarding) { MsgForwarding.Setup(ScutaConfig.messageForwardingIP, ScutaConfig.messageForwardingPort); } if (ScutaConfig.watchEventLog) { EventLogWorker newWorker = new EventLogWorker(); ThreadManager.LaunchWorker(newWorker); } if (ScutaConfig.watchLogFile) { LogFileWorker logFileWorker = new LogFileWorker(ScutaConfig.watchLogFilePath, ScutaConfig.watchLogFileName); ThreadManager.LaunchWorker(logFileWorker); } }
protected override void OnStart(string[] args) { base.OnStart(args); //Initialise ScutaConfig.load(); HelperFunctions.configure(3, 3, false, true, "", "Scuta", "Scuta Service"); HelperFunctions.debugMessage(0, ("Scuta v" + Assembly.GetExecutingAssembly().GetName().Version + " is starting..."), 0, 100, HelperFunctions.MessageType.Information); FWCtrl.Setup(); httpClient = new HttpClient(); if (ScutaConfig.enableIOT) { IOTCtrl.Initialise(ScutaConfig.iotHubConnectionString, ScutaConfig.iotHubDeviceName, ScutaConfig.iotHubUri); } if (ScutaConfig.enablePBI) { PowerBICtrl.serviceURI = ScutaConfig.pbiServiceUri; PowerBICtrl.enableDebugToLog = true; } ; if (ScutaConfig.enableMessageForwarding) { MsgForwarding.Setup(ScutaConfig.messageForwardingIP, ScutaConfig.messageForwardingPort); } if (ScutaConfig.watchEventLog) { EventLogWorker newWorker = new EventLogWorker(); rootThread = ThreadManager.LaunchWorker(newWorker); } if (ScutaConfig.watchLogFile) { LogFileWorker logFileWorker = new LogFileWorker(ScutaConfig.watchLogFilePath, ScutaConfig.watchLogFileName); ThreadManager.LaunchWorker(logFileWorker); } }
public void ban(string sshdmessage) { // Ban the IP indicated in the event log message Regex IPV4 = new Regex(@"\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b"); Regex User = new Regex(@"(?<=user ).*?(?= from)"); Match ip = IPV4.Match(sshdmessage); Match user = User.Match(sshdmessage); if (ScutaConfig.enableIOT) { } ; if (ScutaConfig.enableMessageForwarding) { MsgForwarding forwarder = new MsgForwarding(); forwarder.SendMessage(String.Format("Banning user {0} from {1}", user.Value, ip.Value)); } FWCtrl.ban(ip.Value, ScutaConfig.banMinutes, user.Value); }
public void ban(string ip, string user) { // Ban the IP indicated in the event log message FWCtrl.ban(ip, ScutaConfig.banMinutes, user); if (ScutaConfig.enableIOT) { recordToIOT(ip, user); } ; if (ScutaConfig.enablePBI) { recordToPBI(ip, user); } ; if (ScutaConfig.enableMessageForwarding) { MsgForwarding forwarder = new MsgForwarding(); forwarder.SendMessage(String.Format("Banning user {0} from {1}", user, ip)); } }