A type used by Endpoint Security to notify your client when a monitored action occurs.
When Endpoint Security monitors an event of a given type, it sends a message to all clients subscribed to that event type, containing data about the event. Handlers use this information to react to the event. In the case of authorization events, handlers must actively respond to the message and authorize or deny the monitored action. The client must respond before the
deadline specified by the message.
The following code shows a handler that reacts to events of the type
ES. Since the handler knows the event type, it can access the
rename member of the message’s
event union. From this, it gets the
source of the rename event, and inspects the source file path. The handler denies authorization to the event if the filename includes the string
DONOTMOVE, and allows it otherwise.