private static IEnumerable <IWinEvent> _Find_DomainUserEvent(string[] ComputerName, DateTime StartTime, DateTime EndTime, int MaxEvents, string[] TargetUsers, Dictionary <string, string> Filter, System.Net.NetworkCredential Credential)
{
var Events = new List <IWinEvent>();
foreach (var TargetComputer in ComputerName)
{
var Up = TestConnection.Ping(TargetComputer, 1);
if (Up)
{
var DomainUserEventArgs = new Args_Get_DomainUserEvent
{
ComputerName = new[] { TargetComputer },
StartTime = StartTime,
EndTime = EndTime,
MaxEvents = MaxEvents,
Credential = Credential
};
if (Filter != null || TargetUsers != null)
{
if (TargetUsers != null)
{
GetDomainUserEvent.Get_DomainUserEvent(DomainUserEventArgs).Where(x => TargetUsers.Contains((x is LogonEvent) ? (x as LogonEvent).TargetUserName : (x as ExplicitCredentialLogonEvent).TargetUserName));
}
else
{
var Operator = "or";
foreach (var key in Filter.Keys)
{
if ((key == "Op") || (key == "Operator") || (key == "Operation"))
{
if ((Filter[key].IsRegexMatch("&")) || (Filter[key] == "and"))
{
Operator = "and";
}
}
}
var Keys = Filter.Keys.Where(x => (x != "Op") && (x != "Operator") && (x != "Operation"));
var events = GetDomainUserEvent.Get_DomainUserEvent(DomainUserEventArgs);
foreach (var evt in events)
{
if (Operator == "or")
{
foreach (var Key in Keys)
{
if (evt.GetPropValue <string>(Key).IsRegexMatch(Filter[Key]))
{
Events.Add(evt);
}
}
}
else
{
// and all clauses
foreach (var Key in Keys)
{
if (!evt.GetPropValue <string>(Key).IsRegexMatch(Filter[Key]))
{
break;
}
Events.Add(evt);
}
}
}
}
}
else
{
GetDomainUserEvent.Get_DomainUserEvent(DomainUserEventArgs);
}
}
}
return(Events);
}
public static IEnumerable <IWinEvent> Get_UserEvent(Args_Get_DomainUserEvent args = null)
{
return(GetDomainUserEvent.Get_DomainUserEvent(args));
}
