
Class EventLogCollector

Collects system event logs.

Inheritance
System.Object
BaseCollector
EventLogCollector
Implements
IPlatformRunnable
Inherited Members
BaseCollector.Results
BaseCollector.TryExecute()
BaseCollector.RunStatus
BaseCollector.Start()
BaseCollector.Stop()
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: AttackSurfaceAnalyzer.Collectors
Assembly: AsaLib.dll
Syntax
public class EventLogCollector : BaseCollector, IPlatformRunnable

Constructors


EventLogCollector(CollectCommandOptions, Action<CollectObject>)

Declaration
public EventLogCollector(CollectCommandOptions opts = null, Action<CollectObject> changeHandler = null)
Parameters
Type Name Description
CollectCommandOptions opts
System.Action<CollectObject> changeHandler

Methods


CanRunOnPlatform()

Declaration
public override bool CanRunOnPlatform()
Returns
Type Description
System.Boolean
Overrides
BaseCollector.CanRunOnPlatform()

ExecuteInternal()

Declaration
public override void ExecuteInternal()
Overrides
BaseCollector.ExecuteInternal()

ExecuteLinux()

Parses /var/log/auth.log and /var/log/syslog. There is no way to distinguish severity in these entries.

Declaration
public void ExecuteLinux()

ExecuteMacOs()

Collects event logs on macOS using the 'log' utility.

Declaration
public void ExecuteMacOs()

ExecuteWindows()

Collects event logs on Windows using System.Diagnostics.EventLog.

Declaration
public void ExecuteWindows()

Implements

IPlatformRunnable