/// <nodoc />
public static BuildSessionConfigurationEvent ToExecutionLogSaltsData(this BuildSessionConfigurationEventData data, uint workerID)
{
return(new BuildSessionConfigurationEvent
{
WorkerID = workerID,
DisableDetours = data.DisableDetours,
IgnoreReparsePoints = data.IgnoreReparsePoints,
IgnorePreloadedDlls = data.IgnorePreloadedDlls,
ExistingDirectoryProbesAsEnumerations = data.ExistingDirectoryProbesAsEnumerations,
NtFileCreateMonitored = data.NtFileCreateMonitored,
ZwFileCreateOpenMonitored = data.ZwFileCreateOpenMonitored,
IgnoreZwRenameFileInformation = data.IgnoreZwRenameFileInformation,
IgnoreZwOtherFileInformation = data.IgnoreZwOtherFileInformation,
IgnoreNonCreateFileReparsePoints = data.IgnoreNonCreateFileReparsePoints,
IgnoreSetFileInformationByHandle = data.IgnoreSetFileInformationByHandle,
IgnoreGetFinalPathNameByHandle = data.IgnoreGetFinalPathNameByHandle,
FingerprintVersion = (int)data.FingerprintVersion,
FingerprintSalt = data.FingerprintSalt,
SearchPathToolsHash = data.SearchPathToolsHash != null ? ((ContentHash)data.SearchPathToolsHash).ToContentHash() : null,
UnexpectedFileAccessesAreErrors = data.UnexpectedFileAccessesAreErrors,
MonitorFileAccesses = data.MonitorFileAccesses,
MaskUntrackedAccesses = data.MaskUntrackedAccesses,
NormalizeReadTimestamps = data.NormalizeReadTimestamps,
PipWarningsPromotedToErrors = data.PipWarningsPromotedToErrors,
ValidateDistribution = data.ValidateDistribution,
RequiredKextVersionNumber = data.RequiredKextVersionNumber
});
}
/// <summary>
/// Override event to capture its data and store it in the protobuf
/// </summary>
public override void BuildSessionConfiguration(BuildSessionConfigurationEventData data)
{
var value = data.ToExecutionLogSaltsData(WorkerID.Value);
// There will be exactly one event of this type that is reported, so nothing special needs to be added to the key
var key = new EventKey
{
EventTypeID = Xldb.Proto.ExecutionEventId.BuildSessionConfiguration,
};
var keyArr = key.ToByteArray();
var valueArr = value.ToByteArray();
WriteToDb(keyArr, valueArr, XldbDataStore.EventColumnFamilyName);
AddToDbStorageDictionary(DBStoredTypes.ExtraEventDataReported, keyArr.Length + valueArr.Length);
}
/// <inheritdoc />
public override void BuildSessionConfiguration(BuildSessionConfigurationEventData data)
{
m_fingerprintSalts = data.ToFingerprintSalts();
}
/// <inheritdoc />
public virtual void BuildSessionConfiguration(BuildSessionConfigurationEventData data)
{
ReportUnhandledEvent(data);
}
