[
https://issues.apache.org/jira/browse/MINIFICPP-775?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17014864#comment-17014864
]
Alex Marmer edited comment on MINIFICPP-775 at 1/14/20 5:15 AM:
----------------------------------------------------------------
We can create a Dll, which minificpp server injects in the processes specified
in config.yml. The server can use WMI asynchronous notifications when a
particular server is started.
In the Dll is used API interception, for instance
[https://github.com/gdabah/distormx]. In config.yml can be specified Windows
APIs (for instance Registry APIs) which needs to be intercepted.
After intercepted API gets data, it is sent to minificpp server using IPC
communication (for instance named pipes).
was (Author: cpp):
We can create a Dll, which minificpp server injects in the processes specified
in config.yml. Server can use WMI asynchronous notifications when a particular
server is started.
In the Dll is used API interception, for instance
[https://github.com/gdabah/distormx]. In config.yml can be specified Windows
APIs (for instance Registry APIs) which needs to be intercepted.
After intercepted API gets data, it is sent to minificpp server using IPC
communication (for instance named pipes).
> Explore triggers for windows API calls
> --------------------------------------
>
> Key: MINIFICPP-775
> URL: https://issues.apache.org/jira/browse/MINIFICPP-775
> Project: Apache NiFi MiNiFi C++
> Issue Type: New Feature
> Environment: Windows
> Reporter: Marc Parisi
> Assignee: Alex Marmer
> Priority: Major
> Labels: Windows
> Fix For: 0.8.0
>
>
> Explore creating triggers on a windows system that allow us to capture events
> and create provenance when needed.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
