Microsoft.FEP.ActiveMalwareMonitorFallbackTriggerRule.LogFallbackTriggerEventWA (WriteActionModuleType)

Element properties:

Show References:
- Rules (2)

Type	WriteActionModuleType
Isolation	Any
Accessibility	Public
RunAs	Microsoft.SystemCenter.LocalAgentElevatedAccount
InputType	System.BaseData

Member Modules:

ID	Module Type	TypeId	RunAs
LogFallbackEvent	WriteAction	System.CommandExecuter	Default

Source Code:

<WriteActionModuleType ID="Microsoft.FEP.ActiveMalwareMonitorFallbackTriggerRule.LogFallbackTriggerEventWA" Accessibility="Public" RunAs="SC!Microsoft.SystemCenter.LocalAgentElevatedAccount">

  <Configuration>

    <xsd:element minOccurs="1" name="PublisherName" type="xsd:string"/>

    <xsd:element minOccurs="1" name="LogName" type="xsd:string"/>

  </Configuration>

  <ModuleImplementation Isolation="Any">

    <Composite>

      <MemberModules>

        <WriteAction ID="LogFallbackEvent" TypeID="System!System.CommandExecuter">

          <ApplicationName>%WINDIR%\System32\eventcreate.exe</ApplicationName>

          <WorkingDirectory/>

          <CommandLine>/id 500 /l $Config/LogName$ /so "$Config/PublisherName$"  /t Success /d "$Config/PublisherName$"</CommandLine>

          <TimeoutSeconds>30</TimeoutSeconds>

          <RequireOutput>false</RequireOutput>

        </WriteAction>

      </MemberModules>

      <Composition>

        <Node ID="LogFallbackEvent"/>

      </Composition>

    </Composite>

  </ModuleImplementation>

  <InputType>System!System.BaseData</InputType>

</WriteActionModuleType>