public QueryAuditHelper(DicomAuditSource auditSource,
EventIdentificationContentsEventOutcomeIndicator outcome,
AuditActiveParticipant sourceUser, string destinationAE, string destinationHost, string queryParameters)
: base("Query")
{
AuditMessage.EventIdentification = new EventIdentificationContents
{
EventID = EventID.Query,
EventActionCode = EventIdentificationContentsEventActionCode.E,
EventActionCodeSpecified = true,
EventDateTime = Platform.Time.ToUniversalTime(),
EventOutcomeIndicator = outcome
};
InternalAddAuditSource(auditSource);
InternalAddActiveParticipant(sourceUser);
IPAddress x;
_participantList.Add(new ActiveParticipantContents(RoleIDCode.Destination, "AETITLE=" + destinationAE, null,
null,
destinationHost,
IPAddress.TryParse(destinationHost, out x)
? NetworkAccessPointTypeEnum.IpAddress
: NetworkAccessPointTypeEnum.MachineName, null));
AuditQueryMessageParticipantObject o =
new AuditQueryMessageParticipantObject(queryParameters);
InternalAddParticipantObject("Query", o);
}
/// <summary>
///
/// </summary>
/// <param name="auditSource"></param>
/// <param name="outcome"></param>
/// <param name="type"></param>
/// <param name="idOfApplicationStarted">Add the ID of the Application Started, should be called once.</param>
public ApplicationActivityAuditHelper(DicomAuditSource auditSource,
EventIdentificationContentsEventOutcomeIndicator outcome,
ApplicationActivityType type,
AuditProcessActiveParticipant idOfApplicationStarted) : base("ApplicationActivity")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.ApplicationActivity;
AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
InternalAddAuditSource(auditSource);
if (type == ApplicationActivityType.ApplicationStarted)
{
AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.ApplicationStart }
}
;
else
{
AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.ApplicationStop }
};
idOfApplicationStarted.UserIsRequestor = false;
idOfApplicationStarted.RoleIdCode = RoleIDCode.Application;
InternalAddActiveParticipant(idOfApplicationStarted);
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="outcome">The outcome of the audit event.</param>
/// <param name="type">Network Attach or Detach</param>
/// <param name="node">The identity of the node entering or leaving the network</param>
/// <param name="auditSource">The source of the audit message.</param>
public NetworkEntryAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, NetworkEntryType type, AuditProcessActiveParticipant node)
: base("NetworkEntry")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.NetworkEntry;
AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
if (type == NetworkEntryType.Attach)
{
AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.Attach }
}
;
else
{
AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.Detach }
};
node.UserIsRequestor = false;
InternalAddActiveParticipant(node);
InternalAddAuditSource(auditSource);
}
}
/// <summary>
/// Constructor.
/// </summary>
public DicomStudyDeletedAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome)
: base("DicomStudyDeleted")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.DICOMStudyDeleted;
AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.D;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
InternalAddAuditSource(auditSource);
}
public AuditSourceIdentificationContents(DicomAuditSource auditSource)
{
if (!String.IsNullOrEmpty(auditSource.EnterpriseSiteId))
{
AuditEnterpriseSiteID = auditSource.EnterpriseSiteId;
}
AuditSourceID = auditSource.AuditSourceId;
if (auditSource.AuditSourceType.HasValue)
{
AuditSourceTypeCode = new string[1];
AuditSourceTypeCode[0] = auditSource.AuditSourceType.Value.ToString();
}
}
/// <summary>
/// Constructor.
/// </summary>
public DicomInstancesAccessedAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome,
EventIdentificationContentsEventActionCode action)
: base("DicomInstancesAccessed")
{
AuditMessage.EventIdentification = new EventIdentificationContents
{
EventID = EventID.DICOMInstancesAccessed,
EventActionCode = action,
EventActionCodeSpecified = true,
EventDateTime = Platform.Time.ToUniversalTime(),
EventOutcomeIndicator = outcome
};
InternalAddAuditSource(auditSource);
}
/// <summary>
///
/// </summary>
/// <param name="auditSource"></param>
/// <param name="outcome">Success implies an informative alert. The other failure values
/// imply warning codes that indicate the severity of the alert. A Minor
/// or Serious failure indicates that mitigation efforts were effective in
/// maintaining system security. A Major failure indicates that
/// mitigation efforts may not have been effective, and that the security
/// system may have been compromised.</param>
/// <param name="eventTypeCode">The type of Security Alert event</param>
public SecurityAlertAuditHelper(DicomAuditSource auditSource,
EventIdentificationContentsEventOutcomeIndicator outcome,
SecurityAlertEventTypeCodeEnum eventTypeCode)
: base("SecurityAlert")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.SecurityAlert;
AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { GetEventTypeCode(eventTypeCode) };
InternalAddAuditSource(auditSource);
}
/// <summary>
/// Constructor.
/// </summary>
public DicomInstancesTransferredAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome,
EventIdentificationContentsEventActionCode action,
string sourceAE, string sourceHost, string destinationAE, string destinationHost)
: base("DicomInstancesTransferred")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.DICOMInstancesTransferred;
AuditMessage.EventIdentification.EventActionCode = action;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
InternalAddActiveDicomParticipant(sourceAE, sourceHost, destinationAE, destinationHost);
InternalAddAuditSource(auditSource);
}
/// <summary>
/// Constructor.
/// </summary>
public DicomInstancesTransferredAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome,
EventIdentificationContentsEventActionCode action,
AssociationParameters parms)
: base("DicomInstancesTransferred")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.DICOMInstancesTransferred;
AuditMessage.EventIdentification.EventActionCode = action;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
InternalAddActiveDicomParticipant(parms);
InternalAddAuditSource(auditSource);
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="auditSource">The source of the audit.</param>
/// <param name="outcome">The outcome (success or failure)</param>
/// <param name="exportDestination">Any machine readable identifications on the media, such as media serial number, volume label,
/// DICOMDIR SOP Instance UID.</param>
public DataExportAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, string exportDestination)
: base("DataExport")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.Export;
AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
InternalAddAuditSource(auditSource);
// Add the Destination
_participantList.Add(
new ActiveParticipantContents(RoleIDCode.DestinationMedia, ProcessName, exportDestination, null, null, null, false));
}
public BeginTransferringDicomInstancesAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome,
string sourceAE, string sourceHost, string destinationAE, string destinationHost,
AuditPatientParticipantObject patient)
: base("BeginTransferringDicomInstances")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.BeginTransferringDICOMInstances;
AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
InternalAddAuditSource(auditSource);
InternalAddActiveDicomParticipant(sourceAE, sourceHost, destinationAE, destinationHost);
InternalAddParticipantObject(patient.PatientId + patient.PatientsName, patient);
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="auditSource">The source of the audit</param>
/// <param name="outcome">The outcome</param>
/// <param name="uriOfAuditLog">Add the Identity of the Audit Log. </param>
public AuditLogUsedAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome,
string uriOfAuditLog)
: base("AuditLogUsed")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.AuditLogUsed;
AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.R;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
InternalAddAuditSource(auditSource);
AuditSecurityAlertParticipantObject o =
new AuditSecurityAlertParticipantObject(ParticipantObjectTypeCodeRoleEnum.SecurityResource,
ParticipantObjectIdTypeCodeEnum.URI, uriOfAuditLog,
"Security Audit Log");
// Only one can be included.
_participantObjectList.Clear();
_participantObjectList.Add(uriOfAuditLog, o);
}
public QueryAuditHelper(DicomAuditSource auditSource,
EventIdentificationContentsEventOutcomeIndicator outcome,
string sourceAE, string sourceHost, string destinationAE, string destinationHost, string sopClassUid, DicomAttributeCollection msg)
: base("Query")
{
AuditMessage.EventIdentification = new EventIdentificationContents
{
EventID = EventID.Query,
EventActionCode = EventIdentificationContentsEventActionCode.E,
EventActionCodeSpecified = true,
EventDateTime = Platform.Time.ToUniversalTime(),
EventOutcomeIndicator = outcome
};
InternalAddActiveDicomParticipant(sourceAE, sourceHost, destinationAE, destinationHost);
InternalAddAuditSource(auditSource);
AuditQueryMessageParticipantObject o =
new AuditQueryMessageParticipantObject(sopClassUid, msg);
InternalAddParticipantObject("Query", o);
}
public UserAuthenticationAuditHelper(DicomAuditSource auditSource,
EventIdentificationContentsEventOutcomeIndicator outcome, UserAuthenticationEventType type)
: base("UserAuthentication")
{
AuditMessage.EventIdentification = new EventIdentificationContents();
AuditMessage.EventIdentification.EventID = EventID.UserAuthentication;
AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E;
AuditMessage.EventIdentification.EventActionCodeSpecified = true;
AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime();
AuditMessage.EventIdentification.EventOutcomeIndicator = outcome;
InternalAddAuditSource(auditSource);
if (type == UserAuthenticationEventType.Login)
{
AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.Login }
}
;
else
{
AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.Logout }
};
}
protected void InternalAddAuditSource(DicomAuditSource auditSource)
{
_auditSourceList.Add(new AuditSourceIdentificationContents(auditSource));
}
protected override DicomAuditSource AsDicomAuditSource()
{
return(_currentUserAuditSource ??
(_currentUserAuditSource =
new DicomAuditSource(_username, string.Empty, AuditSourceTypeCodeEnum.EndUserInterface)));
}
