/// <summary>
///
/// </summary>
/// <param name="data"></param>
public void LogEvent(FileIOCreateTraceData data)
{
#region MyRegion
//---------
// Filter event data
// Not written yet..
//----------
//---------------
// Log ImageLoad event
//using (EventLogWriter writer = new EventLogWriter(_fileIOLogName))
//{
// LogRow text = new LogRow();
// text.Add(data.TimeStamp.ToString());
// text.Add(data.EventName);
// text.Add(data.ProcessID.ToString());
// text.Add(data.ProcessName);
// text.Add(data.FileName);
// text.Add(data.CreateOptions.ToString());
// writer.WriteRow(text);
//}
//------------------
#endregion
LogRow text = new LogRow();
_fileIOWriter.WriteHeader(data, text);
text.Add(data.FileName);
_fileIOWriter.WriteRow(text);
}
private void HandleFileIoCreate(FileIOCreateTraceData data)
{
if (data.ProcessID == pid)
{
string fileName = data.FileName;
ulong fileObject = data.FileObject;
if (!fileObjectToFileNameMap.ContainsKey(fileObject))
{
fileObjectToFileNameMap.Add(fileObject, fileName);
}
traceOutput.Write(data.TimeStampRelativeMSec, data.ProcessID, data.ThreadID, data.EventName, $"'{fileName}' (0x{fileObject:X}) " +
GenerateFileShareMask(data.ShareAccess) + GenerateFileAttributeMask(data.FileAttributes));
}
}
