public void Retrieves_Correct_Process_Name_Before_Trace_Was_Started()
{
var process = Process.Start("cmd", "/c waitfor /T 10 kkkkkkk");
var eventTime = DateTime.Now;
var processStore = new ProcessNameStore();
var name = processStore.ProcessName(process.Id, eventTime);
process.Kill();
Assert.AreEqual("cmd", name);
}
public FileMonitor(Action <MissingFile> displayFile, Action <MissingFile> removeFile,
Action <MissingFile, SearchEvent> addEvent)
{
_displayFile = displayFile;
_removeFile = removeFile;
_addEvent = addEvent;
var fileEventAggregator = new FileIoAggregator(FileEventAvailable);
_provider = new EtwEventProvider("File404Monitor", "Microsoft-Windows-Kernel-File", 0x10c0,
fileEventAggregator);
_nameStore = new ProcessNameStore();
}
public void Retrieves_Correct_Process_Name_During_Trace()
{
var processStore = new ProcessNameStore();
Thread.Sleep(5000);
var process = Process.Start("waitfor", "/T 10 tttttt");
var eventTime = DateTime.Now;
Thread.Sleep(5000);
var name = processStore.ProcessName(process.Id, eventTime);
Assert.AreEqual("conhost", Path.GetFileNameWithoutExtension(name));
}