procevents

package module

v0.0.0-...-d5b8431 Latest Latest Go to latest Published: Jan 2, 2016 License: BSD-2-Clause Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ebfe/procevents

Links

Open Source Insights

Documentation ¶

Overview ¶

Example ¶

package main

import (
	"bytes"
	"fmt"
	"io/ioutil"

	"github.com/ebfe/procevents"
)

func getCommandLine(pid int32) []string {
	buf, err := ioutil.ReadFile(fmt.Sprintf("/proc/%d/cmdline", pid))
	if err != nil {
		return []string{"<unknown>"}
	}
	var cmdline []string
	tok := bytes.Split(buf, []byte{0})
	for _, t := range tok {
		cmdline = append(cmdline, string(t))
	}
	return cmdline
}

func main() {
	conn, err := procevents.Dial()
	if err != nil {
		fmt.Printf("err: %s\n", err)
		return
	}
	defer conn.Close()

	for {
		events, err := conn.Read()
		if err != nil {
			fmt.Printf("err: %s\n", err)
			return
		}
		for _, ev := range events {
			switch ev := ev.(type) {
			case procevents.Exec:
				fmt.Printf("exec: %d %s\n", ev.Pid(), getCommandLine(ev.Pid()))
			case procevents.Exit:
				fmt.Printf("exit: %d (%d)\n", ev.Pid(), ev.Code)
			default:
				/* ignore */
			}
		}
	}
}

Output:

Examples ¶

Package

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Comm ¶

type Comm struct {
	Header
	Comm [16]byte
}

type Conn ¶

type Conn struct {
	// contains filtered or unexported fields
}

func Dial ¶

func Dial() (*Conn, error)

func (*Conn) Close ¶

func (c *Conn) Close() error

func (*Conn) Read ¶

func (c *Conn) Read() ([]Event, error)

type Coredump ¶

type Coredump struct {
	Header
}

type Event ¶

type Event interface {
	What() uint32
	Cpu() uint32
	Timestamp() uint64
	Pid() int32
	Tgid() int32
}

type Exec ¶

type Exec struct {
	Header
}

type Exit ¶

type Exit struct {
	Header
	Code   uint32
	Signal uint32
}

type Fork ¶

type Fork struct {
	Header
	ChildPid  int32
	ChildTgid int32
}

type Gid ¶

type Gid struct {
	Header
	Rgid uint32
	Egid uint32
}

type Header ¶

type Header struct {
	// contains filtered or unexported fields
}

func (h Header) Cpu() uint32

func (h Header) Pid() int32

func (h Header) Tgid() int32

func (h Header) Timestamp() uint64

func (h Header) What() uint32

type None ¶

type None struct {
	Header
	Err uint32
}

type Ptrace ¶

type Ptrace struct {
	Header
	TracerPid  int32
	TracerTgid int32
}

type Sid ¶

type Sid struct {
	Header
}

type Uid ¶

type Uid struct {
	Header
	Ruid uint32
	Euid uint32
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

procevents

Documentation ¶

Overview ¶

Index ¶

Examples ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type Comm ¶

type Conn ¶

func Dial ¶

func (*Conn) Close ¶

func (*Conn) Read ¶

type Coredump ¶

type Event ¶

type Exec ¶

type Exit ¶

type Fork ¶

type Gid ¶

type Header ¶

func (Header) Cpu ¶

func (Header) Pid ¶

func (Header) Tgid ¶

func (Header) Timestamp ¶

func (Header) What ¶

type None ¶

type Ptrace ¶

type Sid ¶

type Uid ¶

Source Files ¶