Release 6.1 (#41)

* update from inner source
* fix build
---------

src/ViennaNET.ArcSight.DefaultConfiguration/ArcSightPackage.cs

@@ -3,9 +3,8 @@
 
 namespace ViennaNET.ArcSight.DefaultConfiguration
 {
-  /// <inheritdoc />
   /// <summary>
-  /// Пакет SimpleInjector для работы с ArcSight
+  ///   Пакет SimpleInjector для работы с ArcSight
   /// </summary>
   public class ArcSightPackage : IPackage
   {
@@ -17,4 +16,4 @@ public void RegisterServices(Container container)
       container.Register<ICefSenderFactory, CefSenderFactory>(Lifestyle.Singleton);
     }
   }
-}
+}

src/ViennaNET.ArcSight/CefEncoder.cs

@@ -6,7 +6,7 @@ internal static class CefEncoder
   {
     public static string EncodeHeader(string value)
     {
-      return new string(value.Trim().SelectMany(EncodeHeader).ToArray());
+      return new(value.Trim().SelectMany(EncodeHeader).ToArray());
     }
 
     private static string EncodeHeader(char c)
@@ -24,7 +24,7 @@ private static string EncodeHeader(char c)
 
     public static string EncodeExtension(string value)
     {
-      return new string(value.Trim().SelectMany(EncodeExtension).ToArray());
+      return new(value.Trim().SelectMany(EncodeExtension).ToArray());
     }
 
     private static string EncodeExtension(char c)
@@ -44,4 +44,4 @@ private static string EncodeExtension(char c)
       }
     }
   }
-}
+}

src/ViennaNET.ArcSight/CefMessage.cs

@@ -7,54 +7,10 @@
 namespace ViennaNET.ArcSight
 {
   /// <summary>
-  /// Сообщение в ArcSight в стандартном CEF-формате
+  ///   Сообщение в ArcSight в стандартном CEF-формате
   /// </summary>
   public class CefMessage
   {
-    /// <summary>
-    /// Комментарий из документации:
-    /// Version is an integer and identifies the version of the CEF format. Event consumers use this
-    /// information to determine what the following fields represent.The current CEF version is 0 (CEF:0).
-    /// </summary>
-    public int Version => 0;
-
-    public string DeviceVendor { get; }
-
-    public string DeviceProduct { get; }
-
-    public string DeviceVersion { get; }
-
-    /// <summary>
-    /// Комментарий из документации:
-    /// Device Event Class ID is a unique identifier per event-type. This can be a string or an integer. Device
-    /// Event Class ID identifies the type of event reported.In the intrusion detection system(IDS) world, each
-    /// signature or rule that detects certain activity has a unique Device Event Class ID assigned.This is a
-    /// requirement for other types of devices as well, and helps correlation engines process the events.Also
-    /// known as Signature ID.
-    /// </summary>
-    public int DeviceEventClassId { get; }
-
-    /// <summary>
-    /// Комментарий из документации:
-    /// Name is a string representing a human-readable and understandable description of the event. The
-    /// event name should not contain information that is specifically mentioned in other fields.For example:
-    /// "Port scan from 10.0.0.1 targeting 20.1.1.1" is not a good event name.It should be: "Port scan". The other
-    /// information is redundant and can be picked up from the other fields.
-    /// </summary>
-    public string Name { get; }
-
-    /// <summary>
-    /// Комментарий из документации:
-    /// Severity is a string or integer and reflects the importance of the event. The valid string values are
-    /// Unknown, Low, Medium, High, and Very-High.The valid integer values are 0-3=Low, 4-6=Medium, 7-8=High, and
-    /// 9-10=Very-High.
-    /// </summary>
-    public CefSeverity Severity { get; }
-
-    public Extensions Extensions { get; }
-
-    public string HostName { get; }
-
     public CefMessage(
       DateTimeOffset startTime,
       string hostName,
@@ -80,5 +36,49 @@ public CefMessage(
         throw new CefMessageValidationException(result.Results.ToErrorsString());
       }
     }
+
+    /// <summary>
+    ///   Комментарий из документации:
+    ///   Version is an integer and identifies the version of the CEF format. Event consumers use this
+    ///   information to determine what the following fields represent.The current CEF version is 0 (CEF:0).
+    /// </summary>
+    public int Version => 0;
+
+    public string DeviceVendor { get; }
+
+    public string DeviceProduct { get; }
+
+    public string DeviceVersion { get; }
+
+    /// <summary>
+    ///   Комментарий из документации:
+    ///   Device Event Class ID is a unique identifier per event-type. This can be a string or an integer. Device
+    ///   Event Class ID identifies the type of event reported.In the intrusion detection system(IDS) world, each
+    ///   signature or rule that detects certain activity has a unique Device Event Class ID assigned.This is a
+    ///   requirement for other types of devices as well, and helps correlation engines process the events.Also
+    ///   known as Signature ID.
+    /// </summary>
+    public int DeviceEventClassId { get; }
+
+    /// <summary>
+    ///   Комментарий из документации:
+    ///   Name is a string representing a human-readable and understandable description of the event. The
+    ///   event name should not contain information that is specifically mentioned in other fields.For example:
+    ///   "Port scan from 10.0.0.1 targeting 20.1.1.1" is not a good event name.It should be: "Port scan". The other
+    ///   information is redundant and can be picked up from the other fields.
+    /// </summary>
+    public string Name { get; }
+
+    /// <summary>
+    ///   Комментарий из документации:
+    ///   Severity is a string or integer and reflects the importance of the event. The valid string values are
+    ///   Unknown, Low, Medium, High, and Very-High.The valid integer values are 0-3=Low, 4-6=Medium, 7-8=High, and
+    ///   9-10=Very-High.
+    /// </summary>
+    public CefSeverity Severity { get; }
+
+    public Extensions Extensions { get; }
+
+    public string HostName { get; }
   }
 }

src/ViennaNET.ArcSight/CefMessageSerializer.cs

@@ -10,12 +10,14 @@
 namespace ViennaNET.ArcSight
 {
   /// <summary>
-  /// Сериализатор для преобразования <see cref="CefMessage"/> в <see cref="SyslogMessage"/>/>
+  ///   Сериализатор для преобразования <see cref="CefMessage" /> в <see cref="SyslogMessage" />/>
   /// </summary>
   public class CefMessageSerializer : ISyslogMessageSerializer
   {
     private static readonly Dictionary<string, string> cefKeys;
 
+    private readonly ISyslogMessageSerializer _syslogMessageSerializer;
+
     static CefMessageSerializer()
     {
       Extensions exp;
@@ -151,10 +153,8 @@ static CefMessageSerializer()
       };
     }
 
-    private readonly ISyslogMessageSerializer _syslogMessageSerializer;
-
     /// <summary>
-    /// Contructor
+    ///   Contructor
     /// </summary>
     /// <param name="syslogMessageSerializer">ISyslogMessageSerializer interface</param>
     public CefMessageSerializer(ISyslogMessageSerializer syslogMessageSerializer)
@@ -163,29 +163,39 @@ public CefMessageSerializer(ISyslogMessageSerializer syslogMessageSerializer)
     }
 
     /// <summary>
-    /// Сериализует сообщение из <see cref="CefMessage"/> в <see cref="SyslogMessage"/> 
+    ///   Сериализует сообщение в формате Syslog в поток
+    /// </summary>
+    /// <param name="message">Сообщение в формате Syslog</param>
+    /// <param name="stream">Поток для помещения сериализованного сообщения</param>
+    public void Serialize(SyslogMessage message, Stream stream)
+    {
+      _syslogMessageSerializer.Serialize(message, stream);
+    }
+
+    /// <summary>
+    ///   Сериализует сообщение из <see cref="CefMessage" /> в <see cref="SyslogMessage" />
     /// </summary>
     /// <param name="message">Сообщение для сериализации</param>
     /// <returns>Сообщение в формате библиотеки Syslog</returns>
     public SyslogMessage Serialize(CefMessage message)
     {
       var msg = string.Join("|",
-                            message.Version,
-                            CefEncoder.EncodeHeader(message.DeviceVendor),
-                            CefEncoder.EncodeHeader(message.DeviceProduct),
-                            CefEncoder.EncodeHeader(message.DeviceVersion),
-                            message.DeviceEventClassId,
-                            CefEncoder.EncodeHeader(message.Name),
-                            (int)message.Severity,
-                            Serialize(message.Extensions));
+        message.Version,
+        CefEncoder.EncodeHeader(message.DeviceVendor),
+        CefEncoder.EncodeHeader(message.DeviceProduct),
+        CefEncoder.EncodeHeader(message.DeviceVersion),
+        message.DeviceEventClassId,
+        CefEncoder.EncodeHeader(message.Name),
+        (int)message.Severity,
+        Serialize(message.Extensions));
 
       return new SyslogMessage(
-                               message.Extensions.StartTime,
-                               Facility.UserLevelMessages,
-                               message.Severity.ToSyslogSeverity(),
-                               message.HostName,
-                               "CEF",
-                               msg);
+        message.Extensions.StartTime,
+        Facility.UserLevelMessages,
+        message.Severity.ToSyslogSeverity(),
+        message.HostName,
+        "CEF",
+        msg);
     }
 
     private static string Serialize(Extensions extensions)
@@ -195,21 +205,29 @@ private static string Serialize(Extensions extensions)
       result.Append(Serialize(nameof(extensions.DeviceAction), extensions.DeviceAction));
       result.Append(Serialize(nameof(extensions.ApplicationProtocol), extensions.ApplicationProtocol));
       result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address1), extensions.DeviceCustomIPv6Address1));
-      result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address1Label), extensions.DeviceCustomIPv6Address1Label));
+      result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address1Label),
+        extensions.DeviceCustomIPv6Address1Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address2), extensions.DeviceCustomIPv6Address2));
-      result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address2Label), extensions.DeviceCustomIPv6Address2Label));
+      result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address2Label),
+        extensions.DeviceCustomIPv6Address2Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address3), extensions.DeviceCustomIPv6Address3));
-      result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address3Label), extensions.DeviceCustomIPv6Address3Label));
+      result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address3Label),
+        extensions.DeviceCustomIPv6Address3Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address4), extensions.DeviceCustomIPv6Address4));
-      result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address4Label), extensions.DeviceCustomIPv6Address4Label));
+      result.Append(Serialize(nameof(extensions.DeviceCustomIPv6Address4Label),
+        extensions.DeviceCustomIPv6Address4Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint1), extensions.DeviceCustomFloatingPoint1));
-      result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint1Label), extensions.DeviceCustomFloatingPoint1Label));
+      result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint1Label),
+        extensions.DeviceCustomFloatingPoint1Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint2), extensions.DeviceCustomFloatingPoint2));
-      result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint2Label), extensions.DeviceCustomFloatingPoint2Label));
+      result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint2Label),
+        extensions.DeviceCustomFloatingPoint2Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint3), extensions.DeviceCustomFloatingPoint3));
-      result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint3Label), extensions.DeviceCustomFloatingPoint3Label));
+      result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint3Label),
+        extensions.DeviceCustomFloatingPoint3Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint4), extensions.DeviceCustomFloatingPoint4));
-      result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint4Label), extensions.DeviceCustomFloatingPoint4Label));
+      result.Append(Serialize(nameof(extensions.DeviceCustomFloatingPoint4Label),
+        extensions.DeviceCustomFloatingPoint4Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomNumber1), extensions.DeviceCustomNumber1));
       result.Append(Serialize(nameof(extensions.DeviceCustomNumber1Label), extensions.DeviceCustomNumber1Label));
       result.Append(Serialize(nameof(extensions.DeviceCustomNumber2), extensions.DeviceCustomNumber2));
@@ -231,7 +249,8 @@ private static string Serialize(Extensions extensions)
       result.Append(Serialize(nameof(extensions.DeviceCustomString6Label), extensions.DeviceCustomString6Label));
       result.Append(Serialize(nameof(extensions.DestinationDnsDomain), extensions.DestinationDnsDomain));
       result.Append(Serialize(nameof(extensions.DestinationServiceName), extensions.DestinationServiceName));
-      result.Append(Serialize(nameof(extensions.DestinationTranslatedAddress), extensions.DestinationTranslatedAddress));
+      result.Append(Serialize(nameof(extensions.DestinationTranslatedAddress),
+        extensions.DestinationTranslatedAddress));
       result.Append(Serialize(nameof(extensions.DestinationTranslatedPort), extensions.DestinationTranslatedPort));
       result.Append(Serialize(nameof(extensions.DeviceCustomDate1), extensions.DeviceCustomDate1));
       result.Append(Serialize(nameof(extensions.DeviceCustomDate1Label), extensions.DeviceCustomDate1Label));
@@ -246,7 +265,8 @@ private static string Serialize(Extensions extensions)
       result.Append(Serialize(nameof(extensions.DeviceOutboundInterface), extensions.DeviceOutboundInterface));
       result.Append(Serialize(nameof(extensions.DevicePayloadId), extensions.DevicePayloadId));
       result.Append(Serialize(nameof(extensions.DeviceProcessName), extensions.DeviceProcessName));
-      result.Append(Serialize(nameof(extensions.DestinationTranslatedAddress), extensions.DestinationTranslatedAddress));
+      result.Append(Serialize(nameof(extensions.DestinationTranslatedAddress),
+        extensions.DestinationTranslatedAddress));
       result.Append(Serialize(nameof(extensions.DestinationHostName), extensions.DestinationHostName));
       result.Append(Serialize(nameof(extensions.DestinationMacAddress), extensions.DestinationMacAddress));
       result.Append(Serialize(nameof(extensions.DestinationNtDomain), extensions.DestinationNtDomain));
@@ -321,7 +341,7 @@ private static string Serialize(Extensions extensions)
       result.Append(Serialize(nameof(extensions.Type), extensions.Type));
 
       return result.ToString()
-                   .Trim();
+        .Trim();
     }
 
     [CanBeNull]
@@ -337,7 +357,7 @@ private static string Serialize<T>(string fullName, T value)
       if (value is Enum)
       {
         valueAsString = Convert.ToInt32(value)
-                               .ToString();
+          .ToString();
       }
       else if (value is DateTimeOffset)
       {
@@ -350,15 +370,5 @@ private static string Serialize<T>(string fullName, T value)
 
       return $"{cefKeys[fullName]}={valueAsString} ";
     }
-
-    /// <summary>
-    /// Сериализует сообщение в формате Syslog в поток
-    /// </summary>
-    /// <param name="message">Сообщение в формате Syslog</param>
-    /// <param name="stream">Поток для помещения сериализованного сообщения</param>
-    public void Serialize(SyslogMessage message, Stream stream)
-    {
-      _syslogMessageSerializer.Serialize(message, stream);
-    }
   }
-}
+}

src/ViennaNET.ArcSight/CefSender.cs

@@ -14,16 +14,6 @@ public CefSender(ISyslogMessageSender syslogMessageSender)
       _syslogMessageSender = syslogMessageSender;
     }
 
-    public void Dispose()
-    {
-      _syslogMessageSender.Dispose();
-    }
-
-    public void Reconnect()
-    {
-      _syslogMessageSender.Reconnect();
-    }
-
     public void Send(CefMessage message, CefMessageSerializer serializer)
     {
       Send(serializer.Serialize(message), serializer);
@@ -37,6 +27,16 @@ public void Send(IEnumerable<CefMessage> messages, CefMessageSerializer serializ
       }
     }
 
+    public void Dispose()
+    {
+      _syslogMessageSender.Dispose();
+    }
+
+    public void Reconnect()
+    {
+      _syslogMessageSender.Reconnect();
+    }
+
     public void Send(SyslogMessage message, ISyslogMessageSerializer serializer)
     {
       _syslogMessageSender.Send(message, serializer);
@@ -47,4 +47,4 @@ public void Send(IEnumerable<SyslogMessage> messages, ISyslogMessageSerializer s
       _syslogMessageSender.Send(messages, serializer);
     }
   }
-}
+}

src/ViennaNET.ArcSight/CefSenderFactory.cs

@@ -11,7 +11,7 @@ public class CefSenderFactory : ICefSenderFactory
     private readonly ILogger _logger;
 
     /// <summary>
-    /// Contructor
+    ///   Contructor
     /// </summary>
     /// <param name="logger">A logger interface</param>
     public CefSenderFactory(ILogger<CefSenderFactory> logger)
@@ -43,4 +43,4 @@ public ICefSender CreateSender(ArcSightSection cefConfig)
       return new CefSender(syslogSender);
     }
   }
-}
+}

src/ViennaNET.ArcSight/CefSeverity.cs

@@ -1,7 +1,7 @@
 namespace ViennaNET.ArcSight
 {
   /// <summary>
-  /// Уровень критичности сообщения в ArcSight
+  ///   Уровень критичности сообщения в ArcSight
   /// </summary>
   public enum CefSeverity
   {