Well I've practically completed porting the existing Traffic Analyzer code over to Windows. One or two sacrifices had to be made, however, most notably I had to cope with the lack of support for certain struct sockaddr conversion functions such as inet_aton which are normally in the arpa/inet.h header. Still, it's compiled (under MinGW, screw you Visual Studio!) and seems to work so that's cool.
Additionally, the packet capture and processing features of the Traffic Analyzer were practically completed last week when I did a partial re-write. Packet processing is now done within the constructors of the three primary classes; Session, ServerResponse and ClientCommand. Sessions encapsulate ClientCommand objects which then encapsulate their corresponding ServerResponse objects. Generic information is extracted from server responses, such as the number of rows affected by a query, error codes, warnings and server status codes. Client Commands could be elaborated upon but that's not a major issue and can be added later when integrating the RuleFilter class.
I'm looking into constructing classes with the MySQL C API so that information can be dumped into the MySQL Auditing Server and configuration data can be downloaded from it. This will be pretty straightforward, in my opinion, and should port to Windows pretty easily. I expect this portion of the coding process to be completed over the long weekend.