From 08207d77be79afc6f75d1611726b92bdf622717f Mon Sep 17 00:00:00 2001
From: We-unite <3205135446@qq.com>
Date: Mon, 2 Sep 2024 16:45:07 +0800
Subject: Show filt result in tree&json, fix sth in listener

In the listener, I change the order coroutines are started to avoid
'send on a closed channel'. Besides, the method to get syscall names
and numbers are not so universial, so let's go back to check unistd.h.

In the filter, the output is set to be written to ./log dir. Pid tree
are shown in logs/tree.log, and detail info in pids.log, while file info
in the logs/files.log. tree.log shows a tree just like `tree` command,
the other two files are written in json.

What's more, the flags while opening files are also checked ans showed
in files.log.
---
 listener/godo.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'listener/godo.go')

diff --git a/listener/godo.go b/listener/godo.go
index 0e1dc73..4f09b67 100644
--- a/listener/godo.go
+++ b/listener/godo.go
@@ -108,11 +108,11 @@ func coroutine(client *libaudit.AuditClient) error {
 	wg.Add(1)
 	go deal()
 	wg.Add(1)
-	go procWatch()
-	wg.Add(1)
 	go receive(client)
 	wg.Add(1)
 	go orgnaze()
+	wg.Add(1)
+	go procWatch()
 
 	wg.Wait()
 	time.Sleep(2 * time.Second)
-- 
cgit v1.2.3-70-g09d2