Code:
1 // Note: Reference System. Management. dll and using system. Management;
2
3 Staticvoid main ( String [] ARGs)
4
5 {
6
7 // Create WQL Event Query for instance Creation
8
9 VaR Qcreate = newwqleventquery ( " _ Instancecreationevent " ,
10
11 Timespan. fromseconds ( 1 ), // Whthin = 1
12
13 " Targetinstance ISA 'win32 _ Process' " );
14
15 // Create WQL Event Query for instance deletion
16
17 VaR Qdelete = newwqleventquery ( " _ Instancedeletionevent " ,
18
19 Timespan. fromseconds ( 1 ), // Whthin = 1
20
21 " Targetinstance ISA 'win32 _ Process' " );
22
23
24
25 // Create a listener for Event Query (managementeventwatcher)
26
27 VaR Wcreate = newmanagementeventwatcher (qcreate );
28
29 VaR Wdelete = newmanagementeventwatcher (qdelete );
30
31
32
33 // Event registration code
34
35 Wcreate. eventarrived + = (sender, e) =>
36
37 {
38
39 Console. writeline ( " Run: {0} " , Getinfo (E. newevent ));
40
41 };
42
43 Wdelete. eventarrived + = (sender, e) =>
44
45 {
46
47 Console. writeline ( " Close: {0} " , Getinfo (E. newevent ));
48
49 };
50
51
52
53 // Start listening Asynchronously
54
55 Wcreate. Start ();
56
57 Wdelete. Start ();
58
59
60
61 Console. writeline ( " Press any key to stop monitoring " );
62
63 Console. readkey ( True );
64
65 }
66
67
68
69 // Output Information of managementbaseobject corresponding to the event (win32_process instance in this example)
70
71 Staticstring getinfo (managementbaseobject mobj)
72
73 {
74
75 VaR Instance = (managementbaseobject) mobj [ " Targetinstance " ];
76
77 Returnstring. Format ( " {0}-{1} " , Instance [ " Name " ], Datetime. Now );
78
79 }
80
81
Monitoring of removable disk insertion or deletion
Code:
1 // Note: Reference System. Management. dll and using system. Management;
2
3 Staticvoid main ( String [] ARGs)
4
5 {
6
7 // Create WQL Event Query for instance Creation
8
9 // Add condition judgment targetinstance. drivetype = 2
10
11 // Indicates to judge the win32_logicaldisk.drivetype attribute, and 2 indicates a removable disk.
12
13 VaR Qcreate = newwqleventquery ( " _ Instancecreationevent " ,
14
15 Timespan. fromseconds ( 1 ),
16
17 " Targetinstance ISA 'win32 _ logicaldisk' and targetinstance. drivetype = 2 " );
18
19 // Create WQL Event Query for instance deletion
20
21 VaR Qdelete = newwqleventquery ( " _ Instancedeletionevent " ,
22
23 Timespan. fromseconds ( 1 ),
24
25 " Targetinstance ISA 'win32 _ logicaldisk' and targetinstance. drivetype = 2 " );
26
27
28
29 // Create a listener for Event Query (managementeventwatcher)
30
31 VaR Wcreate = newmanagementeventwatcher (qcreate );
32
33 VaR Wdelete = newmanagementeventwatcher (qdelete );
34
35
36
37 // Event registration code
38
39 Wcreate. eventarrived + = (sender, e) =>
40
41 {
42
43 Console. writeline ( " Access removable disk: {0} " , Getinfo (E. newevent ));
44
45 };
46
47 Wdelete. eventarrived + = (sender, e) =>
48
49 {
50
51 Console. writeline ( " Detach a removable disk: {0} " , Getinfo (E. newevent ));
52
53 };
54
55
56
57 // Start listening Asynchronously
58
59 Wcreate. Start ();
60
61 Wdelete. Start ();
62
63
64
65 Console. writeline ( " Press any key to stop monitoring " );
66
67 Console. readkey ( True );
68
69 }
70
71
72
73 // Output Information of the managementbaseobject corresponding to the event (win32_logicaldisk instance in this example)
74
75 Staticstring getinfo (managementbaseobject mobj)
76
77 {
78
79 VaR Instance = (managementbaseobject) mobj [ " Targetinstance " ];
80
81 Returnstring. Format ( " {0}-{1} " , Instance [ " Name " ], Datetime. Now );
82
83 }
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
