Azure · AhmedBM · Nov 20, 2025 · Nov 14, 2025 · Nov 19, 2025 · Nov 19, 2025
@@ -8,6 +8,7 @@
 #define _GNU_SOURCE
 #endif
 
+#include <CommonUtils.h>
 #include <Logging.h>
 #include <dlfcn.h>
 #include <errno.h>

@@ -12,6 +12,7 @@
 #include "Logging.h"
 #include "Mmi.h"
 #include "Result.h"
+#include "Telemetry.h"
 
 #include <cerrno>
 #include <cstddef>
@@ -75,6 +76,7 @@ MMI_HANDLE ComplianceEngineMmiOpen(const char* clientName, const unsigned int ma
     if (nullptr == context)
     {
         OsConfigLogError(g_log, "ComplianceEngineMmiOpen(%s, %u): failed to create context", clientName, maxPayloadSizeBytes);
+        OSConfigTelemetryStatusTrace("ComplianceEngineMmiOpen", ENOMEM);
         return nullptr;
     }
     std::unique_ptr<ComplianceEngine::PayloadFormatter> formatter;
@@ -99,6 +101,7 @@ MMI_HANDLE ComplianceEngineMmiOpen(const char* clientName, const unsigned int ma
     if (error)
     {
         OsConfigLogError(g_log, "ComplianceEngineMmiOpen(%s, %u): failed to load distribution info: %s", clientName, maxPayloadSizeBytes, error->message.c_str());
+        OSConfigTelemetryStatusTrace("ComplianceEngineMmiOpen", error->code);
         delete engine;
         return nullptr;
     }
@@ -118,13 +121,15 @@ int ComplianceEngineMmiGetInfo(const char* clientName, char** payload, int* payl
     if ((nullptr == payload) || (nullptr == payloadSizeBytes))
     {
         OsConfigLogError(g_log, "ComplianceEngineMmiGetInfo(%s, %p, %p) called with invalid arguments", clientName, payload, payloadSizeBytes);
+        OSConfigTelemetryStatusTrace("ComplianceEngineMmiGetInfo", EINVAL);
         return EINVAL;
     }
 
     *payload = strdup(Engine::GetModuleInfo());
     if (!*payload)
     {
         OsConfigLogError(g_log, "ComplianceEngineMmiGetInfo: failed to duplicate module info");
+        OSConfigTelemetryStatusTrace("ComplianceEngineMmiGetInfo", ENOMEM);
         return ENOMEM;
     }
 
@@ -137,18 +142,21 @@ int ComplianceEngineMmiGet(MMI_HANDLE clientSession, const char* componentName,
     if ((nullptr == componentName) || (nullptr == objectName) || (nullptr == payload) || (nullptr == payloadSizeBytes))
     {
         OsConfigLogError(g_log, "ComplianceEngineMmiGet(%s, %s, %p, %p) called with invalid arguments", componentName, objectName, payload, payloadSizeBytes);
+        OSConfigTelemetryStatusTrace("ComplianceEngineMmiGet", EINVAL);
         return EINVAL;
     }
 
     if (nullptr == clientSession)
     {
         OsConfigLogError(g_log, "ComplianceEngineMmiGet(%s, %s) called outside of a valid session", componentName, objectName);
+        OSConfigTelemetryStatusTrace("ComplianceEngineMmiGet", EINVAL);
         return EINVAL;
     }
 
     if (0 != strcmp(componentName, "ComplianceEngine"))
     {
         OsConfigLogError(g_log, "ComplianceEngineMmiGet called for an unsupported component name (%s)", componentName);
+        OSConfigTelemetryStatusTrace("ComplianceEngineMmiGet", EINVAL);
         return EINVAL;
     }
     auto& engine = *reinterpret_cast<Engine*>(clientSession);

@@ -10,6 +10,7 @@
 #include "Optional.h"
 #include "Procedure.h"
 #include "Result.h"
+#include "Telemetry.h"
 
 #include <cerrno>
 #include <cstring>
@@ -66,6 +67,7 @@ Optional<Error> Engine::LoadDistributionInfo()
         {
             OsConfigLogError(Log(), "ComplianceEngineValidatePayload failed to parse %s: %s", DistributionInfo::cDefaultOverrideFilePath,
                 overrideInfo.Error().message.c_str());
+            OSConfigTelemetryStatusTrace("ParseOverrideFile", overrideInfo.Error().code);
             return overrideInfo.Error();
         }
 
@@ -80,6 +82,7 @@ Optional<Error> Engine::LoadDistributionInfo()
         {
             OsConfigLogError(Log(), "ComplianceEngineValidatePayload failed to parse %s: %s", DistributionInfo::cDefaultEtcOsReleasePath,
                 osReleaseInfo.Error().message.c_str());
+            OSConfigTelemetryStatusTrace("ParseEtcOsRelease", osReleaseInfo.Error().code);
             return osReleaseInfo.Error();
         }
 
@@ -89,6 +92,7 @@ Optional<Error> Engine::LoadDistributionInfo()
     {
         int status = errno;
         OsConfigLogError(Log(), "ComplianceEngineValidatePayload failed to access %s: %s", DistributionInfo::cDefaultOverrideFilePath, strerror(status));
+        OSConfigTelemetryStatusTrace("stat", status);
         return Error("Failed to access override file", status);
     }
 
@@ -203,6 +207,7 @@ Optional<Error> Engine::SetProcedure(const std::string& ruleName, const std::str
     if (nullptr == procedure.Audit())
     {
         OsConfigLogError(Log(), "Failed to copy 'audit' object");
+        OSConfigTelemetryStatusTrace("Audit", ENOMEM);
         return Error("Out of memory");
     }
 
@@ -222,6 +227,7 @@ Optional<Error> Engine::SetProcedure(const std::string& ruleName, const std::str
         if (nullptr == procedure.Remediation())
         {
             OsConfigLogError(Log(), "Failed to copy 'remediate' object");
+            OSConfigTelemetryStatusTrace("Remediation", ENOMEM);
             return Error("Out of memory");
         }
     }
@@ -243,6 +249,7 @@ Optional<Error> Engine::SetProcedure(const std::string& ruleName, const std::str
             if ((nullptr == key) || (nullptr == val))
             {
                 OsConfigLogError(Log(), "Failed to get parameter name and value");
+                OSConfigTelemetryStatusTrace("json_object_get_string", EINVAL);
                 return Error("Failed to get parameter name and value");
             }
 
@@ -308,6 +315,7 @@ Result<Status> Engine::MmiSet(const char* objectName, const std::string& payload
     if (nullptr == objectName)
     {
         OsConfigLogError(Log(), "Object name is null");
+        OSConfigTelemetryStatusTrace("objectName", EINVAL);
         return Error("Invalid argument", EINVAL);
     }
 
@@ -345,6 +353,7 @@ Result<Status> Engine::MmiSet(const char* objectName, const std::string& payload
     }
 
     OsConfigLogError(Log(), "Invalid object name: Must start with %s, %s or %s prefix", initPrefix, procedurePrefix, remediatePrefix);
+    OSConfigTelemetryStatusTrace("objectName", EINVAL);
     return Error("Invalid object name");
 }
 } // namespace ComplianceEngine
@@ -2,6 +2,7 @@
 // Licensed under the MIT License.
 
 #include <FileTreeWalk.h>
+#include <Telemetry.h>
 #include <dirent.h>
 
 namespace ComplianceEngine
@@ -26,6 +27,7 @@ Result<Status> FileTreeWalk(const std::string& path, FtwCallback callback, Break
         }
 
         OsConfigLogError(context.GetLogHandle(), "Failed to open directory '%s': %s", path.c_str(), strerror(status));
+        OSConfigTelemetryStatusTrace("opendir", status);
         return Error("Failed to open directory '" + path + "': " + strerror(status), status);
     }
 
@@ -67,6 +69,7 @@ Result<Status> FileTreeWalk(const std::string& path, FtwCallback callback, Break
         {
             int status = errno;
             OsConfigLogError(context.GetLogHandle(), "Failed to lstat '%s': %s", directory.c_str(), strerror(status));
+            OSConfigTelemetryStatusTrace("lstat", status);
             result = Error("Failed to lstat '" + directory + "': " + strerror(status), status);
             break;
         }
@@ -100,6 +103,7 @@ Result<Status> FileTreeWalk(const std::string& path, FtwCallback callback, Break
     if (0 != status)
     {
         OsConfigLogError(context.GetLogHandle(), "Failed to iterate directory '%s': %s", path.c_str(), strerror(status));
+        OSConfigTelemetryStatusTrace("readdir", status);
         return Error("Failed to iterate directory '" + path + "': " + strerror(status), status);
     }
 

@@ -2,6 +2,7 @@
 // Licensed under the MIT License.
 
 #include <GroupsIterator.h>
+#include <Telemetry.h>
 #include <cerrno>
 #include <pwd.h>
 
@@ -25,6 +26,7 @@ Result<GroupsRange> GroupsRange::Make(std::string path, OsConfigLogHandle logHan
     {
         int status = errno;
         OsConfigLogError(logHandle, "Failed to open file '%s': %s", path.c_str(), strerror(status));
+        OSConfigTelemetryStatusTrace("fopen", status);
         return Error("Failed to create GroupsRange: " + std::string(strerror(status)), status);
     }
 

@@ -2,6 +2,7 @@
 #include <Evaluator.h>
 #include <KernelModuleTools.h>
 #include <Regex.h>
+#include <Telemetry.h>
 #include <dirent.h>
 #include <fts.h>
 #include <iostream>
@@ -59,6 +60,7 @@ Result<bool> SearchFilesystemForModuleName(std::string& moduleName, ContextInter
         if (!fts)
         {
             OsConfigLogError(context.GetLogHandle(), "Failed to open %s - errno %d", modulesVersionDir.c_str(), errno);
+            OSConfigTelemetryStatusTrace("fts_open", errno);
             continue;
         }
         auto ftspDeleter = std::unique_ptr<FTS, int (*)(FTS*)>(fts, fts_close);

@@ -2,6 +2,7 @@
 // Licensed under the MIT License.
 
 #include <ListValidShells.h>
+#include <Telemetry.h>
 #include <fstream>
 
 namespace ComplianceEngine
@@ -17,6 +18,7 @@ Result<set<string>> ListValidShells(ContextInterface& context)
     if (!shellsFile.is_open())
     {
         OsConfigLogError(context.GetLogHandle(), "Failed to open %s file", etcShellsPath);
+        OSConfigTelemetryStatusTrace("fopen", EINVAL);
         return Error(std::string("Failed to open ") + etcShellsPath + " file", EINVAL);
     }
 

@@ -7,6 +7,7 @@
 
 #include <CommonUtils.h>
 #include <Result.h>
+#include <Telemetry.h>
 #include <iostream>
 #include <map>
 #include <memory>
@@ -75,6 +76,7 @@ Result<Status> LuaEvaluator::Evaluate(const string& script, IndicatorsTree& indi
             error += lua_tostring(L, -1);
         }
         OsConfigLogError(log, "%s", error.c_str());
+        OSConfigTelemetryStatusTrace("luaL_loadstring", -1);
         lua_pop(L, 1);
         return Error(error);
     }
@@ -86,6 +88,7 @@ Result<Status> LuaEvaluator::Evaluate(const string& script, IndicatorsTree& indi
         if (!upvalueName)
         {
             OsConfigLogError(log, "Could not set restricted Lua environment");
+            OSConfigTelemetryStatusTrace("lua_setupvalue", -1);
             lua_pop(L, 1);
             lua_settop(L, 0);
             return Error("Could not set restricted Lua environment");
@@ -100,6 +103,7 @@ Result<Status> LuaEvaluator::Evaluate(const string& script, IndicatorsTree& indi
         lua_pop(L, 1);
         lua_settop(L, 0);
         OsConfigLogError(log, "Restricted Lua environment not found");
+        OSConfigTelemetryStatusTrace("lua_getfield", -1);
         return Error("Restricted Lua environment not found");
     }
 
@@ -112,6 +116,7 @@ Result<Status> LuaEvaluator::Evaluate(const string& script, IndicatorsTree& indi
             error += lua_tostring(L, -1);
         }
         OsConfigLogError(log, "%s", error.c_str());
+        OSConfigTelemetryStatusTrace("lua_pcall", result);
         luaL_traceback(L, L, NULL, 1);
         const char* traceback = lua_tostring(L, -1);
         if (traceback)
@@ -130,6 +135,7 @@ Result<Status> LuaEvaluator::Evaluate(const string& script, IndicatorsTree& indi
     {
         lua_settop(L, 0);
         OsConfigLogError(log, "Lua script did not return a value");
+        OSConfigTelemetryStatusTrace("lua_gettop", -1);
         return Error("Lua script did not return a value");
     }
 
@@ -295,6 +301,7 @@ int LuaEvaluator::LuaProcedureWrapper(lua_State* L)
     if (!lua_isstring(L, -1))
     {
         OsConfigLogError(log, "Failed to get procedure name from upvalue");
+        OSConfigTelemetryStatusTrace("lua_upvalueindex", -1);
         lua_pushstring(L, "Failed to get procedure name from upvalue");
         lua_error(L);
         return 0;
@@ -305,6 +312,7 @@ int LuaEvaluator::LuaProcedureWrapper(lua_State* L)
     if ((callContext->action != ComplianceEngine::Action::Remediate) && (procedureName.substr(0, 9) == "Remediate"))
     {
         OsConfigLogError(log, "Remediation not allowed in audit mode");
+        OSConfigTelemetryStatusTrace("action", EPERM);
         lua_pushstring(L, "Remediation not allowed in audit mode");
         lua_error(L);
         return 0;
@@ -314,6 +322,7 @@ int LuaEvaluator::LuaProcedureWrapper(lua_State* L)
     if (!lua_islightuserdata(L, -1))
     {
         OsConfigLogError(log, "Failed to get function pointer from upvalue");
+        OSConfigTelemetryStatusTrace("lua_islightuserdata", -1);
         lua_pushstring(L, "Failed to get function pointer from upvalue");
         lua_error(L);
         return 0;
@@ -324,6 +333,7 @@ int LuaEvaluator::LuaProcedureWrapper(lua_State* L)
     if (!actionFunc)
     {
         OsConfigLogError(log, "No function for procedure %s", procedureName.c_str());
+        OSConfigTelemetryStatusTrace("actionFunc", ENOENT);
         lua_pushstring(L, ("No function for procedure: " + procedureName).c_str());
         lua_error(L);
         return 0;

@@ -2,6 +2,7 @@
 // Licensed under the MIT License.
 
 #include <NetworkTools.h>
+#include <Telemetry.h>
 #include <sstream>
 
 namespace ComplianceEngine
@@ -64,6 +65,7 @@ Result<std::vector<OpenPort>> GetOpenPorts(ContextInterface& context)
         if (pos == std::string::npos)
         {
             OsConfigLogError(context.GetLogHandle(), "Invalid local address format: %s", local.c_str());
+            OSConfigTelemetryStatusTrace("rfind", EINVAL);
             continue;
         }
         try
@@ -73,6 +75,7 @@ Result<std::vector<OpenPort>> GetOpenPorts(ContextInterface& context)
         catch (const std::exception& e)
         {
             OsConfigLogError(context.GetLogHandle(), "Invalid port number: %s", local.substr(pos + 1).c_str());
+            OSConfigTelemetryStatusTrace("stoi", EINVAL);
             continue;
         }
 
@@ -102,6 +105,7 @@ Result<std::vector<OpenPort>> GetOpenPorts(ContextInterface& context)
             if (r <= 0)
             {
                 OsConfigLogError(context.GetLogHandle(), "Invalid IP address: %s", ip.c_str());
+                OSConfigTelemetryStatusTrace("inet_pton", EINVAL);
                 continue;
             }
             openPort.family = AF_INET6;

@@ -3,6 +3,7 @@
 
 #include <Logging.h>
 #include <PasswordEntriesIterator.h>
+#include <Telemetry.h>
 #include <cerrno>
 #include <stdexcept>
 
@@ -105,6 +106,7 @@ void PasswordEntryIterator::next() // NOLINT(*-identifier-naming)
         }
 
         OsConfigLogError(mRange->GetLogHandle(), "Failed to read /etc/shadow entry: %s (%d)", strerror(status), status);
+        OSConfigTelemetryStatusTrace("fgetspent_r", status);
         throw std::runtime_error("Failed to read /etc/shadow entry: " + string(strerror(status)) + ", errno: " + std::to_string(status));
     }
 }

@@ -7,6 +7,7 @@
 #include <Logging.h>
 #include <MmiResults.h>
 #include <Result.h>
+#include <Telemetry.h>
 #include <vector>
 
 namespace ComplianceEngine
@@ -102,6 +103,7 @@ class ReentrantIterator
             }
 
             OsConfigLogError(mRange->GetLogHandle(), "Failed to read next entry: %s", strerror(status));
+            OSConfigTelemetryStatusTrace("ReentrantIterator", status);
             throw std::runtime_error("Failed to read next entry: " + std::string(strerror(status)));
         }
     }

@@ -1,6 +1,7 @@
 // // Copyright (c) Microsoft Corporation. All rights reserved.
 // // Licensed under the MIT License.
 
+#include <Telemetry.h>
 #include <UsersIterator.h>
 
 namespace ComplianceEngine
@@ -20,8 +21,10 @@ Result<UsersRange> UsersRange::Make(std::string path, OsConfigLogHandle logHandl
     auto stream = fopen(path.c_str(), "r");
     if (nullptr == stream)
     {
-        OsConfigLogError(logHandle, "Failed to open file '%s': %s", path.c_str(), strerror(errno));
-        return Error("Failed to create UsersRange: " + std::string(strerror(errno)), errno);
+        int status = errno;
+        OsConfigLogError(logHandle, "Failed to open file '%s': %s", path.c_str(), strerror(status));
+        OSConfigTelemetryStatusTrace("fopen", status);
+        return Error("Failed to create UsersRange: " + std::string(strerror(status)), status);
     }
 
     return UsersRange(stream, logHandle);