/// <summary> /// Creates a AuditMapFunc Formatter that returns a new operation name and CEF event ID when formatting the auditedEVent /// </summary> /// <param name="newOperation">Operation name to overwrite the inbound audited event's operation name</param> /// <param name="cefEventId">the CEF Event ID of this operation</param> /// <returns>A formatter as described above</returns> protected AuditMapFunc MappedOperationCef(string newOperation, string cefEventId) { return(auditedEvent => { auditedEvent.Operation = newOperation; return DefaultCefOpResultFormatter(cefEventId)(auditedEvent); }); }
/// <summary> /// Returns a formatter which formats an auditedevent into a CEF message with an unknown ("-") CEF Event ID. /// </summary> /// <param name="newOperation">The operation to rename all operations passed into the formatter to</param> /// <returns>Formatter which creates SyslogMessages containing event details</returns> protected AuditMapFunc MappedOperation(string newOperation) { return(auditedEvent => { auditedEvent.Operation = newOperation; return DefaultCefOpResultFormatter("-")(auditedEvent); }); }