public QueryAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, AuditActiveParticipant sourceUser, string destinationAE, string destinationHost, string queryParameters) : base("Query") { AuditMessage.EventIdentification = new EventIdentificationContents { EventID = EventID.Query, EventActionCode = EventIdentificationContentsEventActionCode.E, EventActionCodeSpecified = true, EventDateTime = Platform.Time.ToUniversalTime(), EventOutcomeIndicator = outcome }; InternalAddAuditSource(auditSource); InternalAddActiveParticipant(sourceUser); IPAddress x; _participantList.Add(new ActiveParticipantContents(RoleIDCode.Destination, "AETITLE=" + destinationAE, null, null, destinationHost, IPAddress.TryParse(destinationHost, out x) ? NetworkAccessPointTypeEnum.IpAddress : NetworkAccessPointTypeEnum.MachineName, null)); AuditQueryMessageParticipantObject o = new AuditQueryMessageParticipantObject(queryParameters); InternalAddParticipantObject("Query", o); }
/// <summary> /// /// </summary> /// <param name="auditSource"></param> /// <param name="outcome"></param> /// <param name="type"></param> /// <param name="idOfApplicationStarted">Add the ID of the Application Started, should be called once.</param> public ApplicationActivityAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, ApplicationActivityType type, AuditProcessActiveParticipant idOfApplicationStarted) : base("ApplicationActivity") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.ApplicationActivity; AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; InternalAddAuditSource(auditSource); if (type == ApplicationActivityType.ApplicationStarted) { AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.ApplicationStart } } ; else { AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.ApplicationStop } }; idOfApplicationStarted.UserIsRequestor = false; idOfApplicationStarted.RoleIdCode = RoleIDCode.Application; InternalAddActiveParticipant(idOfApplicationStarted); }
/// <summary> /// Constructor /// </summary> /// <param name="outcome">The outcome of the audit event.</param> /// <param name="type">Network Attach or Detach</param> /// <param name="node">The identity of the node entering or leaving the network</param> /// <param name="auditSource">The source of the audit message.</param> public NetworkEntryAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, NetworkEntryType type, AuditProcessActiveParticipant node) : base("NetworkEntry") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.NetworkEntry; AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; if (type == NetworkEntryType.Attach) { AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.Attach } } ; else { AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.Detach } }; node.UserIsRequestor = false; InternalAddActiveParticipant(node); InternalAddAuditSource(auditSource); } }
/// <summary> /// Constructor. /// </summary> public DicomStudyDeletedAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome) : base("DicomStudyDeleted") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.DICOMStudyDeleted; AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.D; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; InternalAddAuditSource(auditSource); }
public AuditSourceIdentificationContents(DicomAuditSource auditSource) { if (!String.IsNullOrEmpty(auditSource.EnterpriseSiteId)) { AuditEnterpriseSiteID = auditSource.EnterpriseSiteId; } AuditSourceID = auditSource.AuditSourceId; if (auditSource.AuditSourceType.HasValue) { AuditSourceTypeCode = new string[1]; AuditSourceTypeCode[0] = auditSource.AuditSourceType.Value.ToString(); } }
/// <summary> /// Constructor. /// </summary> public DicomInstancesAccessedAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, EventIdentificationContentsEventActionCode action) : base("DicomInstancesAccessed") { AuditMessage.EventIdentification = new EventIdentificationContents { EventID = EventID.DICOMInstancesAccessed, EventActionCode = action, EventActionCodeSpecified = true, EventDateTime = Platform.Time.ToUniversalTime(), EventOutcomeIndicator = outcome }; InternalAddAuditSource(auditSource); }
/// <summary> /// /// </summary> /// <param name="auditSource"></param> /// <param name="outcome">Success implies an informative alert. The other failure values /// imply warning codes that indicate the severity of the alert. A Minor /// or Serious failure indicates that mitigation efforts were effective in /// maintaining system security. A Major failure indicates that /// mitigation efforts may not have been effective, and that the security /// system may have been compromised.</param> /// <param name="eventTypeCode">The type of Security Alert event</param> public SecurityAlertAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, SecurityAlertEventTypeCodeEnum eventTypeCode) : base("SecurityAlert") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.SecurityAlert; AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { GetEventTypeCode(eventTypeCode) }; InternalAddAuditSource(auditSource); }
/// <summary> /// Constructor. /// </summary> public DicomInstancesTransferredAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, EventIdentificationContentsEventActionCode action, string sourceAE, string sourceHost, string destinationAE, string destinationHost) : base("DicomInstancesTransferred") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.DICOMInstancesTransferred; AuditMessage.EventIdentification.EventActionCode = action; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; InternalAddActiveDicomParticipant(sourceAE, sourceHost, destinationAE, destinationHost); InternalAddAuditSource(auditSource); }
/// <summary> /// Constructor. /// </summary> public DicomInstancesTransferredAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, EventIdentificationContentsEventActionCode action, AssociationParameters parms) : base("DicomInstancesTransferred") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.DICOMInstancesTransferred; AuditMessage.EventIdentification.EventActionCode = action; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; InternalAddActiveDicomParticipant(parms); InternalAddAuditSource(auditSource); }
/// <summary> /// Constructor. /// </summary> /// <param name="auditSource">The source of the audit.</param> /// <param name="outcome">The outcome (success or failure)</param> /// <param name="exportDestination">Any machine readable identifications on the media, such as media serial number, volume label, /// DICOMDIR SOP Instance UID.</param> public DataExportAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, string exportDestination) : base("DataExport") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.Export; AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; InternalAddAuditSource(auditSource); // Add the Destination _participantList.Add( new ActiveParticipantContents(RoleIDCode.DestinationMedia, ProcessName, exportDestination, null, null, null, false)); }
public BeginTransferringDicomInstancesAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, string sourceAE, string sourceHost, string destinationAE, string destinationHost, AuditPatientParticipantObject patient) : base("BeginTransferringDicomInstances") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.BeginTransferringDICOMInstances; AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; InternalAddAuditSource(auditSource); InternalAddActiveDicomParticipant(sourceAE, sourceHost, destinationAE, destinationHost); InternalAddParticipantObject(patient.PatientId + patient.PatientsName, patient); }
/// <summary> /// Constructor /// </summary> /// <param name="auditSource">The source of the audit</param> /// <param name="outcome">The outcome</param> /// <param name="uriOfAuditLog">Add the Identity of the Audit Log. </param> public AuditLogUsedAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, string uriOfAuditLog) : base("AuditLogUsed") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.AuditLogUsed; AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.R; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; InternalAddAuditSource(auditSource); AuditSecurityAlertParticipantObject o = new AuditSecurityAlertParticipantObject(ParticipantObjectTypeCodeRoleEnum.SecurityResource, ParticipantObjectIdTypeCodeEnum.URI, uriOfAuditLog, "Security Audit Log"); // Only one can be included. _participantObjectList.Clear(); _participantObjectList.Add(uriOfAuditLog, o); }
public QueryAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, string sourceAE, string sourceHost, string destinationAE, string destinationHost, string sopClassUid, DicomAttributeCollection msg) : base("Query") { AuditMessage.EventIdentification = new EventIdentificationContents { EventID = EventID.Query, EventActionCode = EventIdentificationContentsEventActionCode.E, EventActionCodeSpecified = true, EventDateTime = Platform.Time.ToUniversalTime(), EventOutcomeIndicator = outcome }; InternalAddActiveDicomParticipant(sourceAE, sourceHost, destinationAE, destinationHost); InternalAddAuditSource(auditSource); AuditQueryMessageParticipantObject o = new AuditQueryMessageParticipantObject(sopClassUid, msg); InternalAddParticipantObject("Query", o); }
public UserAuthenticationAuditHelper(DicomAuditSource auditSource, EventIdentificationContentsEventOutcomeIndicator outcome, UserAuthenticationEventType type) : base("UserAuthentication") { AuditMessage.EventIdentification = new EventIdentificationContents(); AuditMessage.EventIdentification.EventID = EventID.UserAuthentication; AuditMessage.EventIdentification.EventActionCode = EventIdentificationContentsEventActionCode.E; AuditMessage.EventIdentification.EventActionCodeSpecified = true; AuditMessage.EventIdentification.EventDateTime = Platform.Time.ToUniversalTime(); AuditMessage.EventIdentification.EventOutcomeIndicator = outcome; InternalAddAuditSource(auditSource); if (type == UserAuthenticationEventType.Login) { AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.Login } } ; else { AuditMessage.EventIdentification.EventTypeCode = new EventTypeCode[] { EventTypeCode.Logout } }; }
protected void InternalAddAuditSource(DicomAuditSource auditSource) { _auditSourceList.Add(new AuditSourceIdentificationContents(auditSource)); }
protected override DicomAuditSource AsDicomAuditSource() { return(_currentUserAuditSource ?? (_currentUserAuditSource = new DicomAuditSource(_username, string.Empty, AuditSourceTypeCodeEnum.EndUserInterface))); }