/// <summary>
/// Populates <paramref name="logon"/> from a logon event: the shared activity fields first
/// (via <see cref="ParseActivity"/>), then the "New Logon" identity fields and the logon type.
/// </summary>
/// <param name="entry">Event log entry whose replacement strings are read.</param>
/// <param name="logon">Target object, filled in place.</param>
/// <returns>
/// <c>false</c> when <see cref="ParseActivity"/> rejects the entry — the logon-specific fields
/// are then left untouched — and <c>true</c> otherwise.
/// </returns>
public bool ParseLogon(EventLogEntry entry, LoggedOn logon)
{
    // Shared activity fields come first; nothing else is filled if they cannot be read.
    bool activityParsed = ParseActivity(entry, logon);
    if (!activityParsed)
    {
        return false;
    }

    // Identity of the "New Logon" (the account that logged on).
    // These values are taken from the event as returned by GetReplacementString;
    // no validation is applied here.
    logon.Security_ID = GetReplacementString(entry, New_Logon_Security_ID);
    logon.Account_Name = GetReplacementString(entry, New_Logon_Account_Name);
    logon.Account_Domain = GetReplacementString(entry, New_Logon_Account_Domain);
    logon.Logon_Type = ParseLogonType(entry);

    // NOTE(review): the "Local" classification (network address "-" or "::1") that used to be
    // computed here is not set by this method. Consumers that skip local activity depend on it
    // being set elsewhere (presumably ParseActivity) — confirm, otherwise every logon is treated
    // as remote.
    //
    // Parts of the event not parsed here: subject (Security ID, Account Name, Account Domain,
    // Logon ID), Restricted Admin Mode, Virtual Account, Elevated Token, Impersonation Level,
    // Linked Logon ID, Network Account Name/Domain, Process ID/Name, Workstation Name,
    // Source Port, Logon Process, Authentication Package, Transited Services,
    // Package Name (NTLM only), Key Length.

    return true;
}
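/// <summary>
/// Handles one logon event: parses it, drops local activity, probes the address the logon
/// came from and stores a successful probe result, then traces the activity.
/// </summary>
/// <param name="entry">The logon event log entry to process.</param>
private void HandleLogonEvent(EventLogEntry entry)
{
    var activity = new LoggedOn();
    var parser = new ActivityParser();

    // Entries the parser rejects are dropped silently.
    if (!parser.ParseLogon(entry, activity))
    {
        return;
    }

    // local activities are not interesting
    if (activity.Local)
    {
        return;
    }

    // Nothing to probe without an address. Local is expected to cover "-" / "::1",
    // but a missing address must not reach the prober.
    if (activity.Network_Address == null)
    {
        return;
    }

    // Every remote logon is probed; only a successful probe is stored.
    // NOTE(review): the address originates from the event, i.e. from whichever peer
    // authenticated, so the prober is pointed at a peer-chosen target.
    Address address = Prober.Probe(activity.Network_Address);
    if (address != null)
    {
        _storage.Insert(address);
    }

    // Domain and account name are copied from the event and are not sanitized here;
    // keep that in mind if the trace listener is line-oriented or parsed downstream.
    Trace.TraceInformation(
        "Updater - processed logon activity of {0}\\{1} on {2}",
        activity.Account_Domain,
        activity.Account_Name,
        activity.Network_Address
    );
}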