Esempio n. 1
        /// <summary>
        /// Runs one analysis pass over every monitored process: fetches its pending
        /// session records from <c>ETWwrapper</c>, updates the per-process state, queues a
        /// <c>ClientProcessDTO</c> through <c>StateManager.addData</c>, and finally calls
        /// <c>ETWwrapper.rotate()</c>.
        /// </summary>
        /// <param name="debugList">
        /// Optional debugging sink keyed by process id; when non-null, every fetched
        /// record is appended to the list stored under that id.
        /// </param>
        public void analyzeData(Dictionary <int, List <SessionData> > debugList = null)
        {
            // ToList() gives the loop its own copy of the collection to iterate.
            foreach (var monitored in StateManager.monitored_processes.ToList())
            {
                var pid = monitored.process.Id;
                List <SessionData> records = ETWwrapper.getData(pid);

                if (records.Count <= 0)
                {
                    // No records for this pass: the report itself is flagged suspicious.
                    // monitored.suspicious / monitored.disconnected are not touched here and
                    // the DTO's disconnected field keeps its default value.
                    // NOTE(review): timestamp is local wall-clock time (DateTime.Now) while
                    // the other branch uses the record's own timestamp; confirm both share
                    // a time base before correlating reports.
                    ClientProcessDTO silentReport = new ClientProcessDTO()
                    {
                        processID        = pid,
                        alias            = monitored.alias,
                        suspicious       = true,
                        timestamp        = DateTime.Now,
                        processStarted   = monitored.process.StartTime,
                        monitorStartTime = monitored.monitorStartTime
                    };
                    StateManager.addData(silentReport);
                    continue;
                }

                monitored.data_processor.Append(records);

                // The most recent record decides the current state of the process.
                var latest = records.LastOrDefault();
                monitored.disconnected = latest.disconnected;
                monitored.suspicious   = latest.suspicious;

                // NOTE(review): if monitored.process is a System.Diagnostics.Process,
                // StartTime throws once the process has exited; an exception here leaves
                // the loop before the remaining processes are handled and before
                // ETWwrapper.rotate() runs. Confirm the caller handles that.
                ClientProcessDTO report = new ClientProcessDTO()
                {
                    processID        = pid,
                    alias            = monitored.alias,
                    disconnected     = latest.disconnected,
                    suspicious       = latest.suspicious,
                    timestamp        = latest.timestamp,
                    processStarted   = monitored.process.StartTime,
                    monitorStartTime = monitored.monitorStartTime
                };
                StateManager.addData(report);

                if (debugList == null)
                {
                    continue;
                }

                // Debug path only: make sure a list exists for this id, then copy the
                // fetched records into it.
                if (!debugList.ContainsKey(report.processID))
                {
                    debugList[report.processID] = new List <SessionData>();
                }
                debugList[pid].AddRange(records);
            }

            ETWwrapper.rotate();
        }
Esempio n. 2
        /// <summary>
        /// Appends a report to the per-process list held in the currently selected slot
        /// of <c>data_to_send</c>, creating that list on first use.
        /// </summary>
        /// <param name="newData">
        /// Report to queue; its <c>processID</c> is the dictionary key. It is
        /// dereferenced without a null check.
        /// </param>
        public static void addData(ClientProcessDTO newData)
        {
            // rotationIndex is read and the slot is modified while holding rotatioMutex.
            lock (rotatioMutex)
            {
                var activeSlot = data_to_send[rotationIndex];
                var pid = newData.processID;

                if (activeSlot.ContainsKey(pid) == false)
                {
                    activeSlot[pid] = new List <ClientProcessDTO>();
                }

                activeSlot[pid].Add(newData);
            }
        }