network.detectors
Class DeletedProcessEventDetector

java.lang.Object
  extended by network.detectors.EventDetector
      extended by network.detectors.DeletedProcessEventDetector
All Implemented Interfaces:
java.lang.Runnable, java.io.Serializable

public class DeletedProcessEventDetector
extends EventDetector
implements java.io.Serializable

This detector keeps a record of all processes seen on the system and compares each process event (network.events.ProcessMonitoringEvent) that occurs against this record. If a process is deleted, we generate a network.events.DeletedProcessEvent.

See Also:
Serialized Form

Field Summary
 
Fields inherited from class network.detectors.EventDetector
agentURN, cred, dbModule, eventIDGenerator, eventTable, host, localTriggeringEvents, remoteTriggeringEvents, reportTable
 
Constructor Summary
DeletedProcessEventDetector(ConfigObject configObj)
          The default constructor.
 
Method Summary
 java.util.Vector generateEvent(Event triggeringEvent)
          This detector is triggered by a network.events.ProcessMonitoringEvent.
 java.lang.String getGeneratingEventClassName()
          Returns the fully-qualified classname of the event that this detector may generate.
 java.util.Vector testProcessMonitoringEvent(ProcessMonitoringEvent event)
          This method checks to see which process was created or deleted.
 
Methods inherited from class network.detectors.EventDetector
getAlarmLevel, getAlertLevel, getLocalTriggeringEventClassNames, getRemoteTriggeringEventClassNames, getSynchronizer, InitializeFields, modifyDetector, populatePatterns, printRunningThreads, run, setAgentURN, setAlarmLevel, setAlertLevel, setDB, setEventIDGenerator, setEventTable, setLocalTriggeringEvents, setRemoteTriggeringEvents, setReportTable, stopDetector, switchOffPrintRunningThreads
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DeletedProcessEventDetector

public DeletedProcessEventDetector(ConfigObject configObj)
The default constructor. We set the triggering events for this object to the default (network.events.ProcessMonitoringEvent).

Method Detail

getGeneratingEventClassName

public java.lang.String getGeneratingEventClassName()
Returns the fully-qualified classname of the event that this detector may generate.

Specified by:
getGeneratingEventClassName in class EventDetector
Returns:
the fully-qualified classname of the event that this detector may generate.

testProcessMonitoringEvent

public java.util.Vector testProcessMonitoringEvent(ProcessMonitoringEvent event)
This method checks to see which process was created or deleted. If a known process was deleted (if the ProcessMonitoringEvent process name is not found in the list of known running processes), it generates a DeletedProcessEvent.

Parameters:
event - the network.events.ProcessMonitoringEvent that triggered the detector.
Returns:
a vector of DeletedProcessEvents.
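
The known-process comparison described above, as an added sketch that is not the network.detectors source. It assumes each monitoring event carries the set of currently running process names (this page does not document the ProcessMonitoringEvent payload); DeletedProcessSketch and testSnapshot are hypothetical names, and the snapshots in main are constructed.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;

/** Stand-in sketch of the known-process comparison; not the network.detectors source. */
public class DeletedProcessSketch {
    // Record of processes seen so far; null until the first snapshot sets the baseline.
    private Set<String> known;

    /**
     * Assumption: each monitoring event carries the names of the processes
     * currently running. Returns the known names missing from that snapshot.
     */
    public List<String> testSnapshot(Set<String> running) {
        List<String> deleted = new ArrayList<>();
        if (known != null) {
            // TreeSet gives a stable report order.
            for (String name : new TreeSet<>(known)) {
                if (!running.contains(name)) {
                    deleted.add(name);
                }
            }
        }
        // Replace the record so a deletion is reported once, and newly
        // created processes become known for the next comparison.
        known = new HashSet<>(running);
        return deleted;
    }

    public static void main(String[] args) {
        DeletedProcessSketch d = new DeletedProcessSketch();
        // Constructed sample snapshots: baseline, one deletion, no change.
        System.out.println(d.testSnapshot(new HashSet<>(Arrays.asList("sshd", "auditd", "cron"))));
        System.out.println(d.testSnapshot(new HashSet<>(Arrays.asList("sshd", "cron", "backup"))));
        System.out.println(d.testSnapshot(new HashSet<>(Arrays.asList("sshd", "cron", "backup"))));
    }
}
```

Because the comparison is by process name, as on this page, the sketch cannot tell apart two processes that share a name; the first snapshot only establishes the baseline and reports nothing.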

generateEvent

public java.util.Vector generateEvent(Event triggeringEvent)
This detector is triggered by a network.events.ProcessMonitoringEvent. It runs this.testProcessMonitoringEvent on the triggering event to see if the process action was a deletion.

Specified by:
generateEvent in class EventDetector
Parameters:
triggeringEvent - the event that triggered this detector.
Returns:
the vector of generated DeletedProcessEvents.