Example 1 with ExecutionResult

Use of fvarrui.sysadmin.challenger.command.ExecutionResult in project Challenger4SysAdmins by fvarrui.

The class PSMonitor, method doWork:

@Override
public void doWork() {
    // Text of the most recent SID-to-username lookup issued below. The lookup is
    // itself a PowerShell invocation and may show up in the next batch of script
    // block events, so it is filtered out rather than reported as user activity.
    String resolveUsernameCommand = "";
    // PowerShell snippet that maps a SID to a local account name; the SID is
    // substituted into the '%s' placeholder on each execute() call.
    Command resolveUsername = new PSCommand("(Get-LocalUser | Where SID -eq '%s').Name");
    // High-water mark: only events created after this instant are fetched per poll.
    ZonedDateTime dateTime = ZonedDateTime.now(ZoneOffset.UTC);
    Chronometer chrono = new Chronometer();
    do {
        chrono.init();
        // 'command' (a field of the monitor) is expected to return the script block
        // events created after 'dateTime' as a sequence of <Event> XML fragments.
        ExecutionResult result = command.execute(dateTime.toString());
        if (!result.getOutput().isEmpty()) {
            // Wrap the fragments in one root element so they parse as a single document.
            String xml = "<Events>" + result.getOutput() + "</Events>";
            Document doc = XMLUtils.stringToDocument(xml);
            NodeList nodes = doc.getElementsByTagName("Event");
            for (int i = 0; i < nodes.getLength(); i++) {
                Node node = nodes.item(i);
                // Executed script text, SID of the user who ran it, and creation time.
                String command = XMLUtils.searchText(node, "EventData/Data[@Name='ScriptBlockText']");
                String userId = XMLUtils.searchAttribute(node, "System/Security", "UserID");
                String xmlDateTime = XMLUtils.searchAttribute(node, "System/TimeCreated", "SystemTime");
                ZonedDateTime timestamp = DateTimeUtils.xmlInstantToZonedDateTime(xmlDateTime);
                // Skip excluded commands and the monitor's own username lookup.
                if (!getExcludedCommands().contains(command) && !command.equals(resolveUsernameCommand)) {
                    // Resolve the SID to an account name and remember the exact command
                    // text of that lookup so its own event is ignored on the next poll.
                    ExecutionResult usernameResult = resolveUsername.execute(userId);
                    resolveUsernameCommand = usernameResult.getParams();
                    String username = usernameResult.getOutput();
                    Map<String, Object> data = new HashMap<>();
                    data.put(COMMAND, command);
                    data.put(USERNAME, username);
                    // Event times are UTC; convert to the local zone before notifying observers.
                    data.put(TIMESTAMP, LocalDateTime.ofInstant(timestamp.toInstant(), ZoneId.systemDefault()));
                    notifyAll(data);
                }
                // Advance the high-water mark so the next poll starts after this event.
                dateTime = timestamp;
            }
        }
        chrono.stop();
        // Sleep for whatever is left of the polling interval after this iteration's work.
        Sleep.millis(delay - chrono.getDiff());
    } while (!isStopped());
}
Also used:

- java.util.HashMap
- org.w3c.dom.NodeList
- org.w3c.dom.Node
- fvarrui.sysadmin.challenger.command.PSCommand
- fvarrui.sysadmin.challenger.command.ExecutionResult
- org.w3c.dom.Document
- fvarrui.sysadmin.challenger.command.DOSCommand
- fvarrui.sysadmin.challenger.command.Command
- java.time.ZonedDateTime
- fvarrui.sysadmin.challenger.utils.Chronometer

Example 2 with ExecutionResult

Use of fvarrui.sysadmin.challenger.command.ExecutionResult in project Challenger4SysAdmins by fvarrui.

The class BASHMonitor, method doWork:

@Override
public void doWork() {
    try {
        System.out.println("ejecutando comando: " + command.getCommand());
        // Run the monitored command without waiting for it to finish, so its
        // output can be consumed as a stream while it keeps producing lines.
        ExecutionResult result = command.execute(false);
        BufferedReader reader = new BufferedReader(new InputStreamReader(result.getOutputStream()));
        System.out.println("iniciando bucle");
        // Poll the stream until the monitor is stopped; ready() avoids blocking
        // on readLine() so the stop flag is re-checked on every iteration.
        while (!isStopped()) {
            if (reader.ready()) {
                String line = reader.readLine();
                if (line != null) {
                    System.out.println("linea: " + line);
                    // 'pattern' (a field) captures three groups from each log line:
                    // the time, the username and the command that was executed.
                    Matcher matcher = pattern.matcher(line);
                    if (matcher.find()) {
                        String time = matcher.group(1);
                        String username = matcher.group(2);
                        String command = matcher.group(3);
                        if (!getExcludedCommands().contains(command)) {
                            // The log line carries only a time of day, so the date is
                            // taken from the current day when the line is read.
                            LocalDateTime timestamp = LocalDateTime.of(LocalDate.now(), LocalTime.parse(time));
                            Map<String, Object> data = new HashMap<>();
                            data.put(COMMAND, command);
                            data.put(USERNAME, username);
                            data.put(TIMESTAMP, timestamp);
                            notifyAll(data);
                        }
                    }
                }
            }
        }
        System.out.println("fin del bucle");
    } catch (IOException e) {
        e.printStackTrace();
    }
}
Also used:

- java.time.LocalDateTime
- java.io.InputStreamReader
- java.util.regex.Matcher
- java.util.HashMap
- java.io.BufferedReader
- fvarrui.sysadmin.challenger.command.ExecutionResult
- java.io.IOException

Aggregations (type, number of examples using it):

- fvarrui.sysadmin.challenger.command.ExecutionResult: 2
- java.util.HashMap: 2
- fvarrui.sysadmin.challenger.command.Command: 1
- fvarrui.sysadmin.challenger.command.DOSCommand: 1
- fvarrui.sysadmin.challenger.command.PSCommand: 1
- fvarrui.sysadmin.challenger.utils.Chronometer: 1
- java.io.BufferedReader: 1
- java.io.IOException: 1
- java.io.InputStreamReader: 1
- java.time.LocalDateTime: 1
- java.time.ZonedDateTime: 1
- java.util.regex.Matcher: 1
- org.w3c.dom.Document: 1
- org.w3c.dom.Node: 1
- org.w3c.dom.NodeList: 1