Switched logging to serilog. Now actually works. (#63)

Author: gfs

AttackSurfaceAnalyzer.sln

@@ -12,14 +12,12 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 	ProjectSection(SolutionItems) = preProject
 		BUILD.md = BUILD.md
 		CONTRIBUTING.md = CONTRIBUTING.md
+		filters.json = filters.json
 		global.json = global.json
+		LICENSE = LICENSE
 		PRIVACY.md = PRIVACY.md
 		README.md = README.md
 		version.json = version.json
-		filters.json = filters.json
-		LICENSE.txt = LICENSE.txt
-		nlog.config = nlog.config
-		NOTICE.txt = NOTICE.txt
 	EndProjectSection
 EndProject
 Global

Cli/AttackSurfaceAnalyzerCli.csproj

@@ -17,16 +17,20 @@
 
   <ItemGroup>
     <PackageReference Include="CommandLineParser" Version="2.4.3" />
+    <PackageReference Include="Microsoft.ApplicationInsights.NLogTarget" Version="2.9.1" />
     <PackageReference Include="RazorLight" Version="2.0.0-beta1" />
     <PackageReference Include="Microsoft.Data.Sqlite" Version="2.2.3" />
+    <PackageReference Include="Serilog" Version="2.8.0" />
     <PackageReference Include="System.Management" Version="4.6.0-preview.19073.11" />
     <PackageReference Include="System.Text.RegularExpressions" Version="4.3.0" />
     <PackageReference Include="Nerdbank.GitVersioning" Version="2.3.138" />
-    <PackageReference Include="NLog" Version="4.6.1" />
+    <PackageReference Include="NLog" Version="4.6.2" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\Lib\AttackSurfaceAnalyzerLib.csproj" />
-    <Content Include="Output\Output.cshtml" CopyToPublishDirectory="PreserveNewest" />
+    <Content Include="Output\Output.cshtml" CopyToPublishDirectory="PreserveNewest">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
     <Content Include="..\LICENSE.txt">
       <Link>LICENSE.txt</Link>
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>

Cli/Program.cs

@@ -22,6 +22,7 @@
     <PackageReference Include="Diff.Match.Patch" Version="2.1.0" />
     <PackageReference Include="BundlerMinifier.Core" Version="2.9.406" />
       <PackageReference Include="Microsoft.AspNetCore.App" />
+      <PackageReference Include="Serilog" Version="2.8.0" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\Lib\AttackSurfaceAnalyzerLib.csproj" />

Gui/AttackSurfaceAnalyzerGui.csproj

@@ -17,6 +17,7 @@
 using Microsoft.ApplicationInsights.Extensibility;
 using System.Runtime.InteropServices;
 using Microsoft.ApplicationInsights;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Gui.Controllers
 {
@@ -421,8 +422,8 @@ public ActionResult StartMonitoring(string RunId, string Directory, string Exten
                 }
                 catch (Exception e)
                 {
-                    Logger.Instance.Warn(e.StackTrace);
-                    Logger.Instance.Warn(e.Message);
+                    Log.Warning(e.StackTrace);
+                    Log.Warning(e.Message);
                     return Json((int)ERRORS.UNIQUE_ID);
                 }
             }

Gui/Controllers/HomeController.cs

@@ -41,7 +41,9 @@ This NuGet contains the AttackSurfaceAnalyzer Library, which is used by the CLI
     <PackageReference Include="Microsoft.PowerShell.SDK" Version="6.2.0" />
     <PackageReference Include="Microsoft.Win32.Registry" Version="4.6.0-preview.19073.11" />
     <PackageReference Include="murmurhash" Version="1.0.3" />
-    <PackageReference Include="NLog.Extensions.Logging" Version="1.4.0" />
+    <PackageReference Include="Serilog" Version="2.8.0" />
+    <PackageReference Include="Serilog.Sinks.Console" Version="3.1.1" />
+    <PackageReference Include="Serilog.Sinks.File" Version="4.0.0" />
     <PackageReference Include="System.Data.HashFunction.xxHash" Version="2.0.0" />
     <PackageReference Include="System.Diagnostics.Process" Version="4.3.0" />
     <PackageReference Include="System.Management" Version="4.6.0-preview.19073.11" />
@@ -52,7 +54,6 @@ This NuGet contains the AttackSurfaceAnalyzer Library, which is used by the CLI
     <PackageReference Include="System.Security.AccessControl" Version="4.6.0-preview.19073.11" />
     <PackageReference Include="System.Threading.AccessControl" Version="4.6.0-preview.19073.11" />
     <PackageReference Include="Newtonsoft.Json" Version="12.0.1" />
-    <PackageReference Include="NLog" Version="4.6.1" />
     <PackageReference Include="Microsoft.Data.Sqlite" Version="2.2.3" />
     <PackageReference Include="NuGet.Build.Packaging" Version="0.2.2">
       <PrivateAssets>all</PrivateAssets>

Lib/AttackSurfaceAnalyzerLib.csproj

@@ -1,6 +1,7 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 using AttackSurfaceAnalyzer.ObjectTypes;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors
 {

Lib/Collectors/BaseCollector.cs

@@ -5,6 +5,7 @@
 using AttackSurfaceAnalyzer.ObjectTypes;
 using AttackSurfaceAnalyzer.Utils;
 using Microsoft.Data.Sqlite;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors
 {
@@ -37,8 +38,8 @@ public bool TryCompare(string firstRunId, string secondRunId)
             }
             catch(Exception ex)
             {
-                Logger.Instance.Warn(ex, "Exception from Compare(): {0}", ex.StackTrace);
-                Logger.Instance.Warn(ex.Message);
+                Log.Warning(ex, "Exception from Compare(): {0}", ex.StackTrace);
+                Log.Warning(ex.Message);
                 Stop();
                 return false;
             }

Lib/Collectors/BaseCompare.cs

@@ -1,6 +1,7 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 using AttackSurfaceAnalyzer.ObjectTypes;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors
 {

Lib/Collectors/BaseMonitor.cs

@@ -11,6 +11,7 @@
 using System.Security.Cryptography.X509Certificates;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Serialization;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors.Certificates
 {
@@ -70,11 +71,11 @@ public void Write(StoreLocation storeLocation, StoreName storeName, X509Certific
             }
             catch (NullReferenceException e)
             {
-                Logger.Instance.Warn(e.StackTrace);
+                Log.Warning(e.StackTrace);
             }
             catch (Microsoft.Data.Sqlite.SqliteException e)
             {
-                Logger.Instance.Warn(e.Message);
+                Log.Warning(e.Message);
                 //This catches duplicate certificates
             }
         }
@@ -106,9 +107,9 @@ public override void Execute()
                     }
                     catch (Exception e)
                     {
-                        Logger.Instance.Debug(e.StackTrace);
-                        Logger.Instance.Debug(e.GetType());
-                        Logger.Instance.Debug(e.Message);
+                        Log.Debug(e.StackTrace);
+                        Log.Debug(e.GetType().ToString());
+                        Log.Debug(e.Message);
                     }
                 }
             }

Lib/Collectors/Certificates/CertificateCollector.cs

@@ -5,6 +5,7 @@
 using AttackSurfaceAnalyzer.Utils;
 using Microsoft.Data.Sqlite;
 using AttackSurfaceAnalyzer.ObjectTypes;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors.Certificates
 {
@@ -98,8 +99,8 @@ public override void Compare(string firstRunId, string secondRunId)
             }
             catch (Exception e)
             {
-                Logger.Instance.Debug(e.StackTrace);
-                Logger.Instance.Debug(e.Message);
+                Log.Debug(e.StackTrace);
+                Log.Debug(e.Message);
             }
         }
     }

Lib/Collectors/Certificates/CertificateCompare.cs

@@ -12,6 +12,7 @@
 using AttackSurfaceAnalyzer.Utils;
 using Microsoft.Data.Sqlite;
 using Newtonsoft.Json;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors.FileSystem
 {
@@ -51,7 +52,7 @@ public void WriteUntilEmpty()
             CommitTimer.Enabled = false;
             while (_queue.Count > 0)
             {
-                Logger.Instance.Warn(_queue.Count);
+                Log.Warning(_queue.Count.ToString());
                 FileSystemObject fso = _queue.Dequeue();
                 Write(cmd, fso);
             }
@@ -75,9 +76,9 @@ public void Write(SqliteCommand cmd, FileSystemObject obj)
             }
             catch (Exception e)
             {
-                Logger.Instance.Info(e.StackTrace);
-                Logger.Instance.Info(e.Message);
-                Logger.Instance.Info(e.GetType());
+                Log.Information(e.StackTrace);
+                Log.Information(e.Message);
+                Log.Information(e.GetType().ToString());
             }
         }
 
@@ -120,9 +121,9 @@ public void Write(FileSystemObject obj)
             }
             catch (Exception e)
             {
-                Logger.Instance.Info(e.StackTrace);
-                Logger.Instance.Info(e.Message);
-                Logger.Instance.Info(e.GetType());
+                Log.Information(e.StackTrace);
+                Log.Information(e.Message);
+                Log.Information(e.GetType().ToString());
             }
         }
 
@@ -172,9 +173,9 @@ public override bool CanRunOnPlatform()
         //    }
         //    catch (Exception e)
         //    {
-        //        Logger.Instance.Info(e.StackTrace);
-        //        Logger.Instance.Info(e.Message);
-        //        Logger.Instance.Info(e.GetType());
+        //        Log.Information(e.StackTrace);
+        //        Log.Information(e.Message);
+        //        Log.Information(e.GetType());
         //    }
         //}
 
@@ -216,7 +217,7 @@ public override void Execute()
 
             foreach (var root in this.roots)
             {
-                Logger.Instance.Warn("Scanning root " + root.ToString());
+                Log.Warning("Scanning root " + root.ToString());
                 try
                 {
                     var fileInfoEnumerable = DirectoryWalker.WalkDirectory(root);
@@ -251,13 +252,13 @@ public override void Execute()
                                                 }
                     catch (Exception ex)
                         {
-                            Logger.Instance.Debug(ex, "Error processing {0}", fileInfo?.FullName);
+                            Log.Debug(ex, "Error processing {0}", fileInfo?.FullName);
                         }
                     }));
                 }
                 catch (Exception ex)
                 {
-                    Logger.Instance.Debug(ex, "Error collecting file system information: {0}", ex.Message);
+                    Log.Debug(ex, "Error collecting file system information: {0}", ex.Message);
                 }
             }
 
@@ -270,8 +271,8 @@ public override void Execute()
                                     t.Minutes,
                                     t.Seconds,
                                     t.Milliseconds);
-            Logger.Instance.Info("Completed FileSystemCollector in " + answer);
-            Logger.Instance.Info("Flushing data");
+            Log.Information("Completed FileSystemCollector in " + answer);
+            Log.Information("Flushing data");
             watch = System.Diagnostics.Stopwatch.StartNew();
 
             DatabaseManager.Commit();
@@ -283,7 +284,7 @@ public override void Execute()
                                     t.Minutes,
                                     t.Seconds,
                                     t.Milliseconds);
-            Logger.Instance.Info("Flush completed in " + answer);
+            Log.Information("Flush completed in " + answer);
         }
     }
 }

Lib/Collectors/FileSystem/FileSystemCollector.cs

@@ -6,6 +6,7 @@
 using AttackSurfaceAnalyzer.Utils;
 using Microsoft.Data.Sqlite;
 using Newtonsoft.Json;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors.FileSystem
 {
@@ -123,7 +124,7 @@ public override void Compare(string firstRunId, string secondRunId)
             catch (Exception e)
             {
                 // Debugging
-                Logger.Instance.Info(e.Message);
+                Log.Information(e.Message);
             }
         }
     }

Lib/Collectors/FileSystem/FileSystemCompare.cs

@@ -9,6 +9,7 @@
 using AttackSurfaceAnalyzer.Utils;
 using Microsoft.Data.Sqlite;
 using Newtonsoft.Json;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors.FileSystem
 {

Lib/Collectors/FileSystem/FileSystemMonitor.cs

@@ -8,6 +8,7 @@
 using System.Security.Cryptography.X509Certificates;
 using AttackSurfaceAnalyzer.Utils;
 using Murmur;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors.FileSystem
 {
@@ -31,7 +32,7 @@ protected internal static string GetFilePermissions(FileSystemInfo fileInfo)
 
         protected internal static string GetFileHash(FileSystemInfo fileInfo)
         {
-            Logger.Instance.Debug("Generating file hash for {0}", fileInfo.FullName);
+            Log.Debug("Generating file hash for {0}", fileInfo.FullName);
 
             string hashValue = null;
             try
@@ -43,7 +44,7 @@ protected internal static string GetFileHash(FileSystemInfo fileInfo)
             }
             catch (Exception ex)
             {
-                Logger.Instance.Warn("Unable to take hash of file: {0}: {1}", fileInfo.FullName, ex.Message);
+                Log.Warning("Unable to take hash of file: {0}: {1}", fileInfo.FullName, ex.Message);
             }
             return hashValue;
         }
@@ -75,7 +76,7 @@ public static KeyValuePair<bool, X509Certificate2> GetSignatureDetails(string pa
             }
             catch(Exception ex)
             {
-                Logger.Instance.Debug(ex, "Exception checking for file signature for {0}: {1}", path, ex.Message);
+                Log.Debug(ex, "Exception checking for file signature for {0}: {1}", path, ex.Message);
                 return new KeyValuePair<bool, X509Certificate2>(false, certificate);
             }
 

Lib/Collectors/FileSystem/FileSystemUtils.cs

@@ -4,6 +4,7 @@
 using System.IO;
 using AttackSurfaceAnalyzer.Utils;
 using Mono.Unix;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors.FileSystem
 {
@@ -24,7 +25,7 @@ protected internal static string GetFilePermissions(FileSystemInfo fileInfo)
                 }
                 catch (Exception ex)
                 {
-                    Logger.Instance.Warn("Unable to get access control for {0}: {1}", fileInfo.FullName, ex.Message);
+                    Log.Warning("Unable to get access control for {0}: {1}", fileInfo.FullName, ex.Message);
                 }
             }
             else if (fileInfo is DirectoryInfo)
@@ -35,7 +36,7 @@ protected internal static string GetFilePermissions(FileSystemInfo fileInfo)
                 }
                 catch (Exception ex)
                 {
-                    Logger.Instance.Warn("Unable to get access control for {0}: {1}", fileInfo.FullName, ex.Message);
+                    Log.Warning("Unable to get access control for {0}: {1}", fileInfo.FullName, ex.Message);
                 }
             }
             else

Lib/Collectors/FileSystem/LinuxFileSystemUtils.cs

@@ -4,6 +4,7 @@
 using System.IO;
 using System.Security.AccessControl;
 using AttackSurfaceAnalyzer.Utils;
+using Serilog;
 
 namespace AttackSurfaceAnalyzer.Collectors.FileSystem
 {
@@ -26,8 +27,8 @@ protected internal static string GetFilePermissions(FileSystemInfo fileInfo)
                 }
                 catch (Exception ex)
                 {
-                    Logger.Instance.Debug("Unable to get access control for {0}: {1}", fileInfo.FullName, ex.Message);
-                    //Logger.Instance.Debug(ex.StackTrace);
+                    Log.Debug("Unable to get access control for {0}: {1}", fileInfo.FullName, ex.Message);
+                    //Log.Debug(ex.StackTrace);
                 }
             }
             else if (fileInfo is DirectoryInfo)
@@ -38,8 +39,8 @@ protected internal static string GetFilePermissions(FileSystemInfo fileInfo)
                 }
                 catch (Exception ex)
                 {
-                    Logger.Instance.Debug("Unable to get access control for {0}: {1}", fileInfo.FullName, ex.Message);
-                    //Logger.Instance.Debug(ex.StackTrace);
+                    Log.Debug("Unable to get access control for {0}: {1}", fileInfo.FullName, ex.Message);
+                    //Log.Debug(ex.StackTrace);
 
                 }
             }