diff options
Diffstat (limited to 'src/organize.go')
| -rw-r--r-- | src/organize.go | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/src/organize.go b/src/organize.go index 238509f..5268a90 100644 --- a/src/organize.go +++ b/src/organize.go | |||
| @@ -47,20 +47,21 @@ func orgnaze() { | |||
| 47 | break | 47 | break |
| 48 | } | 48 | } |
| 49 | rawEvent = raw.(libaudit.RawAuditMessage) | 49 | rawEvent = raw.(libaudit.RawAuditMessage) |
| 50 | fmt.Printf("type=%v msg=%s\n", rawEvent.Type, rawEvent.Data) | ||
| 50 | 51 | ||
| 51 | switch rawEvent.Type { | 52 | switch rawEvent.Type { |
| 52 | case auparse.AUDIT_SYSCALL: | 53 | case auparse.AUDIT_SYSCALL: |
| 53 | syscallRaw(rawEvent) | 54 | go syscallRaw(rawEvent) |
| 54 | case auparse.AUDIT_EXECVE: | 55 | case auparse.AUDIT_EXECVE: |
| 55 | execve(rawEvent) | 56 | go execve(rawEvent) |
| 56 | case auparse.AUDIT_CWD: | 57 | case auparse.AUDIT_CWD: |
| 57 | cwd(rawEvent) | 58 | go cwd(rawEvent) |
| 58 | case auparse.AUDIT_PATH: | 59 | case auparse.AUDIT_PATH: |
| 59 | path(rawEvent) | 60 | go path(rawEvent) |
| 60 | case auparse.AUDIT_PROCTITLE: | 61 | case auparse.AUDIT_PROCTITLE: |
| 61 | proctitle(rawEvent) | 62 | go proctitle(rawEvent) |
| 62 | case auparse.AUDIT_EOE: | 63 | case auparse.AUDIT_EOE: |
| 63 | eoe(rawEvent) | 64 | go eoe(rawEvent) |
| 64 | default: | 65 | default: |
| 65 | // ATTENTION: 这里也需要做防护 | 66 | // ATTENTION: 这里也需要做防护 |
| 66 | } | 67 | } |