private void OnTimerWhitelist() { //Parse the whitelist and return map containing all new process instances. foreach (var instEntry in ParseWhitelist()) { //Add the new entry to the master list and then initialize it lock (_PruneInstances) { _PruneInstances.Add(instEntry.Key, instEntry.Value); } Prune.AddEtwCounter(instEntry.Key); instEntry.Value.InitializeInstance(); } }
protected override void OnStart(string[] args) { //register our unhandled exception handler AppDomain.CurrentDomain.UnhandledException += new UnhandledExceptionEventHandler(UnhandedExceptionHandler); //Log that the service is starting bool returnVal = PruneEvents.PRUNE_EVENT_PROVIDER.EventWriteSERVICE_STARTING_EVENT(); //create the ProgramData directory if it does not already exist Directory.CreateDirectory(DirectoryPath); //Read the config file and get it's values ReadConfigFile(); lock (_PruneInstances) { //Parse the whitelist and add all of the Prune process instances to the master list, and to the ETW list Dictionary <int, PruneProcessInstance> list = ParseWhitelist(); foreach (var instEntry in list) { _PruneInstances.Add(instEntry.Key, instEntry.Value); Prune.AddEtwCounter(instEntry.Key); } } //initialize each of the Prune instances try { lock (_PruneInstances) { foreach (PruneProcessInstance inst in _PruneInstances.Values) { inst.InitializeInstance(); } } } catch (Exception e) { Prune.HandleError(true, 1, "Error initializing Prune instances\n" + e.Message + "\n" + e.Source); } //Start the etw sesstion Prune.StartEtwSession(true); try { //Check for old, unlogged files as the service starts ReadOldFiles(); } catch (Exception e) { Prune.HandleError(true, 1, "Error reading old files\n" + e.Message); } //create the timer for gathering data from the performance counters try { _monitorTimer.Elapsed += (sender, e) => { OnTimerMonitor(); }; _monitorTimer.Start(); } catch (Exception e) { Prune.HandleError(true, 1, "Error starting the process monitoring timer\n" + e.Message); return; } //Create and start the timer to monitor the whitelist file try { _whitelistTimer.Elapsed += (sender, e) => { OnTimerWhitelist(); }; _whitelistTimer.Start(); } catch (Exception e) { Prune.HandleError(true, 1, "Error starting the whitelist check timer\n" + e.Message); //cleanup already running timers before exiting _monitorTimer.Stop(); return; } //Create and start the timer to monitor the config file try { _configTimer.Elapsed += (sender, e) => { ReadConfigFile(); }; _configTimer.Start(); } catch (Exception e) { Prune.HandleError(true, 1, "Error starting the configuration file check timer\n" + e.Message); //cleanup already running timers before exiting _monitorTimer.Stop(); _whitelistTimer.Stop(); } }