Diffstat (limited to '')
-rw-r--r--filter/filter.go118
1 files changed, 118 insertions, 0 deletions
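diff --git a/filter/filter.go b/filter/filter.go
new file mode 100644
index 0000000..c83fb13
--- /dev/null
+++ b/filter/filter.go
@@ -0,0 +1,118 @@
+package main
+
+import (
+ "context"
+ "fmt"
+ "log"
+ "os"
+ "time"
+
+ "go.mongodb.org/mongo-driver/bson"
+ "go.mongodb.org/mongo-driver/mongo"
+ "go.mongodb.org/mongo-driver/mongo/options"
+ "go.mongodb.org/mongo-driver/mongo/readpref"
+)
+
+type Exec struct {
+ timestamp time.Time `bson:"timestamp"`
+ execArgs []string `bson:"execArgs"`
+}
+
+type Process struct {
+ timestamp time.Time `bson:"start_timestamp"`
+ ppid int `bson:"ppid"`
+ parentTgid int `bson:"parentTgid"`
+ pid int `bson:"pid"`
+ tgid int `bson:"tgid"`
+ args []string `bson:"args"`
+ comm string `bson:"comm"`
+ cwd string `bson:"cwd"`
+ execve []Exec `bson:"execve"`
+ exit_code int `bson:"exit_code"`
+ exit_signal int `bson:"exit_signal"`
+ exit_timestamp time.Time `bson:"exit_timestamp"`
+}
+
+func (p Process) String() string {
+ var res string
+ res = ""
+ res += fmt.Sprintf("timestamp\t%v\n", p.timestamp)
+ res += fmt.Sprintf("ppid\t%d\nparentTgid\t%d\n", p.ppid, p.parentTgid)
+ res += fmt.Sprintf("pid\t%d\ntgid\t%d\nargs: ", p.pid, p.tgid)
+ for i := 0; i < len(p.args); i++ {
+ res += fmt.Sprintf("%s ", p.args[i])
+ }
+ res += fmt.Sprintf("\ncomm\t%s\ncwd\t%s\n", p.comm, p.cwd)
+ return res
+}
+
+// type Process struct {
+// StartTimestamp time.Time `bson:"start_timestamp"`
+// Ppid *int `bson:"ppid"`
+// ParentTgid *int `bson:"parentTgid"`
+// Pid int `bson:"pid"`
+// Tgid int `bson:"tgid"`
+// Args []string `bson:"args"`
+// Comm *string `bson:"comm"`
+// Cwd *string `bson:"cwd"`
+// Execve []Exec `bson:"execve"`
+// ExitCode *int `bson:"exit_code"`
+// ExitSignal *int `bson:"exit_signal"`
+// ExitTimestamp *time.Time `bson:"exit_timestamp"`
+// }
+
+// func (p Process) String() string {
+// var res string
+// res = ""
+// res += fmt.Sprintf("timestamp\t%v\n", p.StartTimestamp)
+// if p.Ppid != nil && p.ParentTgid != nil {
+// res += fmt.Sprintf("ppid\t%d\nparentTgid\t%d\n", *(p.Ppid), *(p.ParentTgid))
+// }
+// res += fmt.Sprintf("pid\t%d\ntgid\t%d\nargs: ", p.Pid, p.Tgid)
+// for i := 0; i < len(p.Args); i++ {
+// res += fmt.Sprintf("%s ", p.Args[i])
+// }
+// if p.Comm != nil && p.Cwd != nil {
+// res += fmt.Sprintf("\ncomm\t%s\ncwd\t%s\n", *(p.Comm), *(p.Cwd))
+// }
+// return res
+// }
+
+func main() {
+ client, err := mongo.Connect(context.TODO(), options.Client().ApplyURI("mongodb://localhost:27017"))
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Err connecting mongodb: %v\n", err)
+ }
+ defer client.Disconnect(context.TODO())
+
+ // 检查连接
+ err = client.Ping(context.TODO(), readpref.Primary())
+ if err != nil {
+ log.Fatal(err)
+ }
+
+ pidCol := client.Database("test").Collection("pids")
+ cur, err := pidCol.Find(context.TODO(), bson.M{}) // 查询所有文档
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer cur.Close(context.TODO()) // 确保游标被关闭
+
+ var res []Process
+ for cur.Next(context.TODO()) {
+ var tmp Process
+ // 解码到Process结构体
+ if err := cur.Decode(&tmp); err != nil {
+ log.Fatal(err)
+ }
+ res = append(res, tmp)
+ }
+
+ if err := cur.Err(); err != nil {
+ log.Fatal(err)
+ }
+
+ for i := 0; i < len(res); i++ {
+ fmt.Printf("------\n%v\n", res[i])
+ }
+}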
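Review bot: The fields of `Exec` and `Process` are unexported, so the bson struct decoder skips them and `cur.Decode(&tmp)` in `main` leaves every `Process` at its zero value; the struct tags only take effect on exported fields, as in the commented-out variant of the struct. In `main`, a failed `mongo.Connect` is only printed and execution continues to `defer client.Disconnect(...)` and `client.Ping(...)` with a client that is presumably nil, so that branch should stop, e.g. `log.Fatalf("connecting to mongodb: %v", err)`. `String` writes `args`, `comm` and `cwd` with `%s`, and these values are recorded process data, so any control characters in them reach the terminal unescaped; `%q` would print them quoted. The two structs with exported fields are below; `String` needs the matching renames.

```go
type Exec struct {
	Timestamp time.Time `bson:"timestamp"`
	ExecArgs  []string  `bson:"execArgs"`
}

type Process struct {
	StartTimestamp time.Time `bson:"start_timestamp"`
	Ppid           int       `bson:"ppid"`
	ParentTgid     int       `bson:"parentTgid"`
	Pid            int       `bson:"pid"`
	Tgid           int       `bson:"tgid"`
	Args           []string  `bson:"args"`
	Comm           string    `bson:"comm"`
	Cwd            string    `bson:"cwd"`
	Execve         []Exec    `bson:"execve"`
	ExitCode       int       `bson:"exit_code"`
	ExitSignal     int       `bson:"exit_signal"`
	ExitTimestamp  time.Time `bson:"exit_timestamp"`
}

// … unchanged apart from the field renames: Process.String, main …
```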