Exemple #1
0
        private void PickMessage()
        {
            while (true)
            {
                List <ProcessEventItem> messageList = new List <ProcessEventItem>();

                lock (_messageQueue)
                {
                    while (_messageQueue.Count > 0)
                    {
                        ProcessEventItem message = _messageQueue.Dequeue();
                        messageList.Add(message);
                    }

                    if (messageList.Any())
                    {
                        MessageReceived?.Invoke(this, new MessageEventArgs()
                        {
                            MessageList = messageList
                        });
                    }
                }

                Thread.Sleep(AppConst.Frequency);
            }
        }
Exemple #2
0
        public DetailViewModel(ProcessEventItem processEvent)
        {
            WindowTitle = $"{AppConst.AppName}";
            if (!string.IsNullOrEmpty(processEvent.ProcessInfo.FileName))
            {
                WindowTitle += $" ({ processEvent.ProcessInfo.FileName})";
            }

            ProcessEvent = processEvent;
            ProcessIcon  = GetProcessIconBitmap(processEvent.ProcessInfo.DosPath);
        }
Exemple #3
0
        private void ReceiveMessage(FilterPayload filterPayload)
        {
            lock (_messageQueue)
            {
                ProcessEventItem processEvent = new ProcessEventItem()
                {
                    Number      = ++_messageCount,
                    Type        = (MonitoringType)filterPayload.Type,
                    Operation   = (Operations)filterPayload.Operation,
                    ProcessInfo = new ProcessInfoItem()
                    {
                        ProcessId       = filterPayload.ProcessInfo.ProcessId,
                        ParentProcessId = filterPayload.ProcessInfo.ParentProcessId,
                        RawPath         = filterPayload.ProcessInfo.RawPath,
                        DosPath         = filterPayload.ProcessInfo.DosPath,
                        FileName        = filterPayload.ProcessInfo.FileName
                    },
                    ThreadId     = filterPayload.ThreadId,
                    TargetId     = filterPayload.TargetId,
                    RawPath      = filterPayload.RawPath,
                    DosPath      = filterPayload.DosPath,
                    IoResult     = filterPayload.IoResult,
                    IoResultText = ConversionHelper.ConvertHResultToHexString(filterPayload.IoResult),
                    DetailText   = string.Empty,
                    TimeStamp    = filterPayload.CurrentTime,
                    DateTimeText = ConversionHelper.ConvertTimeStempToStringFormat(filterPayload.CurrentTime)
                };

                switch (processEvent.Operation)
                {
                case Operations.ProcessCreate:
                    processEvent.DetailText = $"Created Process ID : {processEvent.TargetId}";
                    break;

                case Operations.ThreadCreate:
                    processEvent.DetailText = $"Created Thread ID : {processEvent.TargetId}";
                    break;
                }

                _messageQueue.Enqueue(processEvent);
            }
        }
Exemple #4
0
        public DetailWindow(ProcessEventItem processEventItem)
        {
            InitializeComponent();

            DataContext = new DetailViewModel(processEventItem);
        }