Framework/Listeners/UserReports/WriteDetailedLog.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
Set-StrictMode -Version Latest 
class WriteDetailedLog: FileOutputBase
{
    hidden static [WriteDetailedLog] $Instance = $null;
    static [WriteDetailedLog] GetInstance()
    {
        if ( $null -eq  [WriteDetailedLog]::Instance)
        {
            [WriteDetailedLog]::Instance = [WriteDetailedLog]::new();
        }
    
        return [WriteDetailedLog]::Instance
    }

    [void] RegisterEvents()
    {
        $this.UnregisterEvents();       

        $this.RegisterEvent([AzSKRootEvent]::GenerateRunIdentifier, {
            $currentInstance = [WriteDetailedLog]::GetInstance();
            try 
            {
                $currentInstance.SetRunIdentifier([AzSKRootEventArgument] ($Event.SourceArgs | Select-Object -First 1));                         
            }
            catch 
            {
                $currentInstance.PublishException($_);
            }
        });

        $this.RegisterEvent([SVTEvent]::EvaluationStarted, {
            $currentInstance = [WriteDetailedLog]::GetInstance();
            try 
            {
                if($Event.SourceArgs.IsResource())
                {
                    $currentInstance.SetFilePath($Event.SourceArgs.SubscriptionContext, $Event.SourceArgs.ResourceContext.ResourceGroupName, ($Event.SourceArgs.FeatureName + ".LOG"));            
                    $startHeading = ([Constants]::ModuleStartHeading -f $Event.SourceArgs.FeatureName, $Event.SourceArgs.ResourceContext.ResourceGroupName, $Event.SourceArgs.ResourceContext.ResourceName);
                }
                else
                {
                    $currentInstance.SetFilePath($Event.SourceArgs.SubscriptionContext, $Event.SourceArgs.SubscriptionContext.SubscriptionName, ($Event.SourceArgs.FeatureName + ".LOG"));            
                    $startHeading = ([Constants]::ModuleStartHeadingSub -f $Event.SourceArgs.FeatureName, $Event.SourceArgs.SubscriptionContext.SubscriptionName, $Event.SourceArgs.SubscriptionContext.SubscriptionId);
                }
                $currentInstance.AddOutputLog($startHeading);
            }
            catch 
            {
                $currentInstance.PublishException($_);
            }
        });
        
        $this.RegisterEvent([SVTEvent]::EvaluationCompleted, {
            $currentInstance = [WriteDetailedLog]::GetInstance();
            try 
            {
                $props = $Event.SourceArgs[0];
                if($props)
                {
                    if($props.IsResource())
                    {
                        $currentInstance.AddOutputLog(([Constants]::CompletedAnalysis  -f $props.FeatureName, $props.ResourceContext.ResourceGroupName, $props.ResourceContext.ResourceName));
                    }
                    else
                    {
                        $currentInstance.AddOutputLog(([Constants]::CompletedAnalysisSub  -f $props.FeatureName, $props.SubscriptionContext.SubscriptionName, $props.SubscriptionContext.SubscriptionId));
                    }
                }
                else
                {
                    $currentInstance.AddOutputLog([Constants]::SingleDashLine + "`r`nNo detailed data found.`r`n" + [Constants]::DoubleDashLine);
                }
                $currentInstance.AddOutputLog([Constants]::HashLine);
            
                $currentInstance.FilePath = "";
            }
            catch 
            {
                $currentInstance.PublishException($_);
            }
        });

        $this.RegisterEvent([SVTEvent]::ControlStarted, {
            $currentInstance = [WriteDetailedLog]::GetInstance();
            try 
            {
                $currentInstance.AddOutputLog([Constants]::DoubleDashLine);
                $currentInstance.AddOutputLog("[$($Event.SourceArgs.ControlItem.ControlID)]: $($Event.SourceArgs.ControlItem.Description)");
                $currentInstance.AddOutputLog([Constants]::SingleDashLine);
                if($Event.SourceArgs.IsResource())
                {
                    $currentInstance.AddOutputLog(("Checking: [{0}]-[$($Event.SourceArgs.ControlItem.Description)] for resource [{1}]" -f 
                            $Event.SourceArgs.FeatureName, 
                            $Event.SourceArgs.ResourceContext.ResourceName), 
                        $true);  
                }
                else
                {
                    $currentInstance.AddOutputLog(("Checking: [{0}]-[$($Event.SourceArgs.ControlItem.Description)] for subscription [{1}]" -f 
                        $Event.SourceArgs.FeatureName, 
                        $Event.SourceArgs.SubscriptionContext.SubscriptionName), 
                    $true);  
                }
            }
            catch 
            {
                $currentInstance.PublishException($_);
            }
        });


        $this.RegisterEvent([SVTEvent]::ControlCompleted, {
            $currentInstance = [WriteDetailedLog]::GetInstance();     
            try 
            {
                $currentInstance.WriteControlResult([SVTEventContext] ($Event.SourceArgs | Select-Object -First 1 ));
                $currentInstance.AddOutputLog(([Constants]::DoubleDashLine + " `r`n"));
            }
            catch 
            {
                $currentInstance.PublishException($_);
            }
        });

        $this.RegisterEvent([AzSKRootEvent]::CommandProcessing, {
            $currentInstance = [WriteDetailedLog]::GetInstance();
            try 
            {
                if($Event.SourceArgs.Messages)
                {
                    $currentInstance.SetFilePath($Event.SourceArgs.SubscriptionContext, $Event.SourceArgs.SubscriptionContext.SubscriptionName, "Detailed.LOG");
                    $Event.SourceArgs.Messages | ForEach-Object {
                        $currentInstance.AddOutputLog($_);
                    }
                }
            }
            catch 
            {
                $currentInstance.PublishException($_);
            }
        });

        $this.RegisterEvent([AzSKRootEvent]::CommandCompleted, {
            $currentInstance = [WriteDetailedLog]::GetInstance();
            try 
            {
                if($Event.SourceArgs.Messages)
                {
                    $currentInstance.SetFilePath($Event.SourceArgs.SubscriptionContext, $Event.SourceArgs.SubscriptionContext.SubscriptionName, "Detailed.LOG");
                    $Event.SourceArgs.Messages | ForEach-Object {
                        $currentInstance.AddOutputLog($_);
                    }
                }
                $currentInstance.FilePath = "";
            }
            catch 
            {
                $currentInstance.PublishException($_);
            }
        });
    }

    hidden [void] AddOutputLog([string] $message, [bool] $includeTimeStamp)   
    {
        if([string]::IsNullOrEmpty($message) -or [string]::IsNullOrEmpty($this.FilePath))
        {
            return;
        }
             
        if($includeTimeStamp)
        {
            $message = (Get-Date -format "MM\/dd\/yyyy HH:mm:ss") + "-" + $message
        }

        Add-Content -Value $message -Path $this.FilePath        
    } 

    hidden [void] AddOutputLog([string] $message)   
    {
       $this.AddOutputLog($message, $false);  
    } 

    hidden [void] AddOutputLog([MessageData] $messageData)
    {
        if($messageData)
        {
            if (-not [string]::IsNullOrEmpty($messageData.Message)) 
            {
                $this.AddOutputLog($messageData.Message);
                #$this.AddOutputLog("`r`n" + $messageData.Message);
            }
            
            if ($messageData.DataObject) {
                if (-not [string]::IsNullOrEmpty($messageData.Message)) 
                {
                    #$this.AddOutputLog("`r`n");
                }
                $this.AddOutputLog([Helpers]::ConvertObjectToString($messageData.DataObject, $false));                    
            }
            
        }
    }

    hidden [void] WriteControlResult([SVTEventContext] $eventContext)
    {
        if($eventContext.ControlResults -and $eventContext.ControlResults.Count -ne 0)
        {
            $controlDesc = $eventContext.ControlItem.Description;
            $eventContext.ControlResults | Foreach-Object {
                if(-not [string]::IsNullOrWhiteSpace($_.ChildResourceName))
                {
                    $this.AddOutputLog("`r`n"+([Constants]::SingleDashLine));
                    $this.AddOutputLog(("Checking: [{0}]-[$controlDesc] for resource [{1}]" -f 
                             $eventContext.FeatureName, 
                             $_.ChildResourceName), 
                        $true);
                }            

                $_.Messages | ForEach-Object {
                    $this.AddOutputLog($_);
                }
            
                # Add attestation data to log
                if($_.StateManagement -and $_.StateManagement.AttestedStateData)
                {
                    $this.AddOutputLog([Constants]::SingleDashLine);                    

                    $stateObject = $_.StateManagement.AttestedStateData;
                    $this.AddOutputLog("Justification: $($stateObject.Justification)");
                    $this.AddOutputLog("Attested by: [$($stateObject.AttestedBy)] on [$($stateObject.AttestedDate)]");
                    if($_.AttestationStatus -eq [AttestationStatus]::None)
                    {
                        $this.AddOutputLog("**State drift occurred**: The attested state doesn't match with the current state. Attestation status has been reset.");
                        if(-not [string]::IsNullOrWhiteSpace($stateObject.Message))
                        {
                            $this.AddOutputLog($stateObject.Message);
                        }

                        if ($stateObject.DataObject) 
                        {                            
                            $this.AddOutputLog("Attestation Data");
                            $this.AddOutputLog([Helpers]::ConvertObjectToString($stateObject.DataObject, $false));                    
                        }
                    }
                    else
                    {
                        $this.AddOutputLog("Attestation status: [$($_.AttestationStatus)]");
                    }
                    if($_.VerificationResult -eq [VerificationResult]::NotScanned)
                    {
                        if($stateObject.DataObject)
                        {
                            $this.AddOutputLog("Attestation Data");
                            $this.AddOutputLog("Attested Data:"+[Helpers]::ConvertObjectToString($stateObject.DataObject, $false));              
                        }
                        else
                        {
                            $this.AddOutputLog("Attested Data: None");    
                        }
                        if(![string]::IsNullOrWhiteSpace($stateObject.ExpiryDate))
                        {
                            $this.AddOutputLog("Attestation expiry date: [$($stateObject.ExpiryDate)]");
                        }
                    }
                }

                #$this.AddOutputLog("`r`n");
                if($_.VerificationResult -ne [VerificationResult]::NotScanned)
                {
                    $this.AddOutputLog([Constants]::SingleDashLine);

                    if($eventContext.IsResource())
                    {
                        $resourceName = $eventContext.ResourceContext.ResourceName;
                        if(-not [string]::IsNullOrWhiteSpace($_.ChildResourceName))
                        {
                            $resourceName = $_.ChildResourceName;
                        }

                        $this.AddOutputLog(("**{3}**: [{0}]-[{2}] for resource: [{1}]" -f 
                                $eventContext.FeatureName, 
                                $resourceName, 
                                $eventContext.ControlItem.Description, 
                                $_.VerificationResult.ToString()));      
                    }
                    else
                    {        
                        $this.AddOutputLog(("**{3}**: [{0}]-[{2}] for subscription: [{1}]" -f 
                                $eventContext.FeatureName, 
                                $eventContext.SubscriptionContext.SubscriptionName, 
                                $eventContext.ControlItem.Description, 
                                $_.VerificationResult.ToString()));     
                    }
                }
            }
        }
        else
        {
            #$this.AddOutputLog("`r`n");
            $this.AddOutputLog([Constants]::SingleDashLine);
            $this.AddOutputLog(("**Disabled**: [{0}]-[{1}]" -f 
                        $eventContext.FeatureName, 
                        $eventContext.ControlItem.Description));
        }      

        $this.AddOutputLog([Constants]::SingleDashLine);
    } 
}