kstream

package

v1.2.0 Latest Latest Go to latest Published: Apr 27, 2021 License: Apache-2.0 Imports: 27 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rabbitstack/fibratus

Links

Open Source Insights

README ¶

package `kstream`

Documentation ¶

Overview ¶

Package kstream contains facilities for controlling the kernel logger session and opening kernel event stream for the purpose of collecting and processing kernel events.

Index ¶

type Consumer
- func NewConsumer(ktraceController KtraceController, psnap ps.Snapshotter, ...) Consumer
type KtraceController
- func NewKtraceController(kstreamConfig config.KstreamConfig) KtraceController

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Consumer ¶

type Consumer interface {
	// OpenKstream initializes the kernel event stream by setting the event record callback and instructing it
	// to consume events from log buffers. This operation can fail if opening the kernel logger session results
	// in an invalid trace handler. Errors returned by `ProcessTrace` are sent to the channel since this function
	// blocks the current thread and we schedule its execution in a separate goroutine.
	OpenKstream() error
	// CloseKstream shutdowns the currently running kernel event stream consumer by closing the corresponding
	// session.
	CloseKstream() error
	// Errors returns the channel where errors are pushed.
	Errors() chan error
	// Events returns the buffered channel for pulling collected kernel events.
	Events() chan *kevent.Kevent
	// SetFilter initializes the filter that's applied on the kernel events.
	SetFilter(filter filter.Filter)
}

Consumer is the interface for the kernel event stream consumer.

func NewConsumer ¶

func NewConsumer(ktraceController KtraceController, psnap ps.Snapshotter, hsnap handle.Snapshotter, config *config.Config) Consumer

NewConsumer constructs a new kernel event stream consumer.

type KtraceController ¶

type KtraceController interface {
	// StartKtrace starts a new kernel tracing session.
	StartKtrace() error
	// CloseKtrace stops currently running kernel trace session.
	CloseKtrace() error
	// StartKtraceRundown initiates the kernel logger rundown session that will enumerate open file objects
	// we can use to match file names in file system kernel events.
	StartKtraceRundown() error
	// IsKRundownStarted indicates if kernel logger rundown session is started.
	IsKRundownStarted() bool
	// GetTraceHandle returns the handle of the kernel trace session.
	GetTraceHandle() etw.TraceHandle
}

KtraceController is responsible for managing the life cycle of the kernel traces.

func NewKtraceController ¶

func NewKtraceController(kstreamConfig config.KstreamConfig) KtraceController

NewKtraceController spins up a new instance of kernel trace controller.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
interceptors

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

README ¶

package kstream

Documentation ¶

Overview ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type Consumer ¶

func NewConsumer ¶

type KtraceController ¶

func NewKtraceController ¶

Source Files ¶

Directories ¶

package `kstream`