path: root/src/godo.go
author: We-unite <3205135446@qq.com> 2024-07-22 11:41:59 +0800
committer: We-unite <3205135446@qq.com> 2024-07-22 19:36:34 +0800
commit: cf5618ff2e2a183c5bdf6444787dccdcbf26ce76 (patch)
tree: 6cc173b9bffe2c1414887a338b6dc2bdbd594fd1 /src/godo.go
parent: 7cf8e470471d30fc821a8be350dcb97dc64e5add (diff)
Use mongodb, insert process info into it
I failed to print the process tree out. While I'm printing the tree, the tree itself gets changed, maybe deleted. What's more, the output shows that there are 4 lines with the same ppid and pid, what an absurd result! It may be caused by multi-threading. So, use a database instead. MongoDB uses BSON (binary JSON) to store data rather than being a relational database like MySQL, which means it's easier to use (?).

Besides inserting, I've also solved a problem where "fork" is called once but returns twice. For instance, pid 1 forked pid 2; in the audit log it's not one event "syscall=clone,ppid=1,pid=2" but actually two events, "syscall=clone,exit=0,ppid=0,pid=1" and "syscall=clone,exit= 2,ppid=0,pid=1", which is just what we see in sys_fork in the kernel source. To deal with this, when the syscall is clone and exit is 0 we just drop it.

Remaining question: find out the exit code when a process calls exit/exit_group, and finish the code to record it in the database.
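The fork/clone double-return handling described in the commit message, as an added example in Go that is not the godo project's own code. It parses constructed records in the simplified `key=value` form the message uses (real auditd SYSCALL records are space-separated, carry many more fields and log the syscall as a number; the parser accepts either separator and re-joins the `exit= 2` spacing seen in the message), drops the exit=0 duplicate and failed calls, and builds a parent-to-children map from the parent's return value. Treating fork and vfork like clone is an assumption; the commit message only mentions clone.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// AuditEvent holds the fields of an audit SYSCALL record that matter for
// reconstructing a process tree.
type AuditEvent struct {
	Syscall string
	Exit    int
	PID     int
	PPID    int
}

// parseKV splits a record into key=value pairs. Tokens are separated by
// commas or whitespace; a token such as "exit=" followed by a bare "2"
// (the "exit= 2" spacing in the commit message) is re-joined.
func parseKV(line string) map[string]string {
	fields := strings.FieldsFunc(line, func(r rune) bool {
		return r == ',' || r == ' ' || r == '\t'
	})
	kv := make(map[string]string, len(fields))
	for i := 0; i < len(fields); i++ {
		k, v, ok := strings.Cut(fields[i], "=")
		if !ok {
			continue
		}
		if v == "" && i+1 < len(fields) && !strings.Contains(fields[i+1], "=") {
			v = fields[i+1]
			i++
		}
		kv[k] = v
	}
	return kv
}

// ParseAuditLine extracts syscall, exit, pid and ppid from one record and
// rejects records that lack any of them.
func ParseAuditLine(line string) (AuditEvent, error) {
	kv := parseKV(line)
	var ev AuditEvent
	var ok bool
	if ev.Syscall, ok = kv["syscall"]; !ok {
		return ev, fmt.Errorf("missing syscall in %q", line)
	}
	for _, f := range []struct {
		key string
		dst *int
	}{{"exit", &ev.Exit}, {"pid", &ev.PID}, {"ppid", &ev.PPID}} {
		s, ok := kv[f.key]
		if !ok {
			return ev, fmt.Errorf("missing %s in %q", f.key, line)
		}
		n, err := strconv.Atoi(s)
		if err != nil {
			return ev, fmt.Errorf("bad %s in %q: %w", f.key, line, err)
		}
		*f.dst = n
	}
	return ev, nil
}

// isForkFamily reports whether a syscall creates a new process. Assumption:
// fork and vfork are logged the same way as the clone the message describes.
func isForkFamily(name string) bool {
	return name == "clone" || name == "fork" || name == "vfork"
}

// BuildTree maps parent pid -> child pids. A fork-family syscall yields two
// records for the same pid: exit=0 (the child's return) and exit=<child pid>
// (the parent's return). Only the second is kept; exit=0 and failures
// (exit<0) are dropped. Non-fork records are ignored whatever their exit.
func BuildTree(lines []string) (map[int][]int, error) {
	tree := make(map[int][]int)
	for _, line := range lines {
		ev, err := ParseAuditLine(line)
		if err != nil {
			return nil, err
		}
		if !isForkFamily(ev.Syscall) || ev.Exit <= 0 {
			continue
		}
		tree[ev.PID] = append(tree[ev.PID], ev.Exit)
	}
	return tree, nil
}

// SampleLog is constructed in the simplified form the commit message uses;
// it is not captured auditd output.
var SampleLog = []string{
	"syscall=clone,exit=0,ppid=0,pid=1",
	"syscall=clone,exit= 2,ppid=0,pid=1",
	"syscall=execve,exit=0,ppid=1,pid=2",
	"syscall=clone,exit=0,ppid=0,pid=1",
	"syscall=clone,exit=3,ppid=0,pid=1",
	"syscall=clone,exit=0,ppid=1,pid=2",
	"syscall=clone,exit=4,ppid=1,pid=2",
	"syscall=clone,exit=-11,ppid=1,pid=3",
}

func main() {
	tree, err := BuildTree(SampleLog)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for parent, kids := range tree {
		fmt.Printf("pid %d -> children %v\n", parent, kids)
	}
}
```

The filter keys on the syscall name, not on exit alone: an execve with exit=0 is a successful exec and must not be dropped, which is why the commit message's rule is scoped to clone.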
Diffstat (limited to 'src/godo.go')
-rw-r--r--  src/godo.go | 18
1 file changed, 0 insertions, 18 deletions
diff --git a/src/godo.go b/src/godo.go
index 6f73893..72f68c0 100644
--- a/src/godo.go
+++ b/src/godo.go
@@ -20,24 +20,6 @@ var (
20 receiveOnly = fs.Bool("ro", false, "receive only using multicast, requires kernel 3.16+") 20 receiveOnly = fs.Bool("ro", false, "receive only using multicast, requires kernel 3.16+")
21) 21)
22 22
23type Event struct {
24 timestamp time.Time
25 pid, ppid int
26 syscall int
27 argc int
28 argv []string
29 cwd string
30}
31
32type process struct {
33 timestamp time.Time
34 pid, ppid int
35 argv []string
36 cwd string
37 rootfs string
38 children []int
39}
40
41func main() { 23func main() {
42 // 检查用户身份,并添加auditd规则,监听所有syscall 24 // 检查用户身份,并添加auditd规则,监听所有syscall
43 if os.Geteuid() != 0 { 25 if os.Geteuid() != 0 {
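Review bot: deleting Event and process removes the only uses of time.Time visible in this hunk, so confirm that godo.go still uses the `time` import elsewhere; if not, the file stops compiling with "imported and not used". The diffstat records 18 deletions and no insertions, so the record type now inserted into MongoDB must live in another file; the commit message should name it, because the clone/exit=0 filtering it describes depends on the pid, ppid and syscall fields that used to be declared here.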