o yeh

driver/integrity.c

@@ -2117,8 +2117,6 @@ HeartbeatWorkItem(_In_ PDEVICE_OBJECT DeviceObject, _In_opt_ PVOID Context)
     NTSTATUS                 status = STATUS_UNSUCCESSFUL;
     PHEARTBEAT_CONFIGURATION config = (PHEARTBEAT_CONFIGURATION)Context;
 
-    DEBUG_INFO("heartbeat work routine called");
-
     /* Ensure we wait until our heartbeats DPC has terminated. */
     KeFlushQueuedDpcs();
     FreeHeartbeatObjects(config);

driver/io.c

@@ -156,11 +156,10 @@ STATIC
 VOID
 IncrementPacketMetics(_In_ PIRP_QUEUE_HEAD Queue, UINT16 Type)
 {
-    if (Type == PACKET_TYPE_REPORT)
-        Queue->total_reports_completed++;
-
-    if (Type == PACKET_TYPE_HEARTBEAT)
-        Queue->total_heartbeats_completed++;
+    switch (Type) {
+    case PACKET_TYPE_HEARTBEAT: Queue->total_heartbeats_completed++; break;
+    case PACKET_TYPE_REPORT: Queue->total_reports_completed++; break;
+    }
 
     Queue->total_irps_completed++;
 }

module/helper.cpp

@@ -53,6 +53,20 @@ void helper::print_kernel_report(void *buffer) {
   kernel_interface::packet_header *header =
       reinterpret_cast<kernel_interface::packet_header *>(buffer);
   LOG_INFO("packet type: %lx", header->packet_type);
+
+  if (header->packet_type == 1)
+  {
+      kernel_interface::heartbeat_packet* hb =
+          reinterpret_cast<kernel_interface::heartbeat_packet*>(buffer);
+      LOG_INFO("Heartbeat Count: %lx", hb->heartbeat_count);
+      LOG_INFO("Total Reports Completed: %lx", hb->total_reports_completed);
+      LOG_INFO("Total IRPs Completed: %lx", hb->total_irps_completed);
+      LOG_INFO("Total Heartbeats Completed: %lx",
+               hb->total_heartbeats_completed);
+      LOG_INFO("********************************");
+      return;
+  }
+
   kernel_interface::report_header *report_header =
       reinterpret_cast<kernel_interface::report_header *>(
           (uint64_t)buffer + sizeof(kernel_interface::packet_header));

module/kernel_interface/kernel_interface.h

@@ -123,6 +123,14 @@ struct process_module_validation_report {
   wchar_t module_path[MODULE_PATH_LEN];
 };
 
+struct heartbeat_packet {
+    packet_header header;
+    uint32_t        heartbeat_count;
+    uint32_t        total_reports_completed;
+    uint32_t        total_irps_completed;
+    uint32_t        total_heartbeats_completed;
+};
+
 enum apc_operation { operation_stackwalk = 0x1 };
 
 // clang-format off