Privileged Log File Datasource

Microsoft.Unix.SCXLog.Privileged.Datasource (DataSourceModuleType)

This Datasource filters out rows from a log file that match a regular expression.

Element properties:

Type: DataSourceModuleType
Isolation: Any
Accessibility: Public
RunAs: Default
OutputType: System.BaseData

Member Modules:

ID | Module Type | TypeId | RunAs
DS | DataSource | Microsoft.Unix.SCXLog.Native.DataSource | Default
Mapper | ConditionDetection | System.Event.GenericDataMapper | Default

Overrideable Parameters:

ID | Parameter Type | Selector | Display Name | Description
Host | string | $Config/Host$ | Host | Host where log file resides.
LogFile | string | $Config/LogFile$ | LogFile | Path to log file.
RegExpFilter | string | $Config/RegExpFilter$ | RegExpFilter | Regular expression to use for filtering log file records.

Source Code:

<DataSourceModuleType ID="Microsoft.Unix.SCXLog.Privileged.Datasource" Accessibility="Public" Batching="true">
  <Configuration>
    <xsd:element name="Host" type="xsd:string"/>
    <xsd:element name="LogFile" type="xsd:string"/>
    <xsd:element name="RegExpFilter" type="xsd:string" minOccurs="0"/>
  </Configuration>
  <OverrideableParameters>
    <OverrideableParameter ID="Host" ParameterType="string" Selector="$Config/Host$"/>
    <OverrideableParameter ID="LogFile" ParameterType="string" Selector="$Config/LogFile$"/>
    <OverrideableParameter ID="RegExpFilter" ParameterType="string" Selector="$Config/RegExpFilter$"/>
  </OverrideableParameters>
  <ModuleImplementation>
    <Composite>
      <MemberModules>
        <DataSource TypeID="Microsoft.Unix.SCXLog.Native.DataSource" ID="DS">
          <!-- Remote connection uses HTTPS -->
          <Protocol>https</Protocol>
          <Host>$Config/Host$</Host>
          <!-- Credentials are resolved from the Microsoft.Unix.PrivilegedAccount Run As profile -->
          <UserName>$RunAs[Name="Microsoft.Unix.PrivilegedAccount"]/UserName$</UserName>
          <Password>$RunAs[Name="Microsoft.Unix.PrivilegedAccount"]/Password$</Password>
          <LogFile>$Config/LogFile$</LogFile>
          <RegExpFilter>$Config/RegExpFilter$</RegExpFilter>
          <!-- Poll interval: 300 seconds -->
          <IntervalSeconds>300</IntervalSeconds>
          <!-- Certificate CA and CN checks are not skipped -->
          <SkipCACheck>false</SkipCACheck>
          <SkipCNCheck>false</SkipCNCheck>
        </DataSource>
        <!-- Maps each returned log row to a generic event -->
        <ConditionDetection TypeID="System!System.Event.GenericDataMapper" ID="Mapper">
          <EventOriginId>$Target/Id$</EventOriginId>
          <PublisherId>$MPElement$</PublisherId>
          <PublisherName>WSManEventProvider</PublisherName>
          <Channel>WSManEventProvider</Channel>
          <LoggingComputer/>
          <EventNumber>0</EventNumber>
          <EventCategory>3</EventCategory>
          <EventLevel>0</EventLevel>
          <UserName/>
          <Description>Detected Entry: $Data///row$</Description>
          <Params/>
        </ConditionDetection>
      </MemberModules>
      <Composition>
        <Node ID="Mapper">
          <Node ID="DS"/>
        </Node>
      </Composition>
    </Composite>
  </ModuleImplementation>
  <OutputType>System!System.BaseData</OutputType>
</DataSourceModuleType>