path: root/filter/filter.go
package main

import (
	"context"
	"fmt"
	"log"
	"os"
	"time"

	"go.mongodb.org/mongo-driver/bson"
	"go.mongodb.org/mongo-driver/mongo"
	"go.mongodb.org/mongo-driver/mongo/options"
	"go.mongodb.org/mongo-driver/mongo/readpref"
)

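// Exec is one entry of a process document's "execve" array.
//
// The fields are exported on purpose: the MongoDB driver's struct decoder
// skips unexported fields, so lower-case field names would leave every
// decoded record at its zero value no matter what the bson tags say.
type Exec struct {
	Timestamp time.Time `bson:"timestamp"`
	ExecArgs  []string  `bson:"execArgs"`
}

// Process is the Go view of one document in the "pids" collection.
//
// Fields are exported so that the driver can populate them (see Exec).
// A field that is absent from a document keeps its Go zero value, so a zero
// ExitCode or ExitSignal cannot be told apart from "not recorded" with this
// layout.
type Process struct {
	StartTimestamp time.Time `bson:"start_timestamp"`
	Ppid           int       `bson:"ppid"`
	ParentTgid     int       `bson:"parentTgid"`
	Pid            int       `bson:"pid"`
	Tgid           int       `bson:"tgid"`
	Args           []string  `bson:"args"`
	Comm           string    `bson:"comm"`
	Cwd            string    `bson:"cwd"`
	Execve         []Exec    `bson:"execve"`
	ExitCode       int       `bson:"exit_code"`
	ExitSignal     int       `bson:"exit_signal"`
	ExitTimestamp  time.Time `bson:"exit_timestamp"`
}

// String renders the record as "name<TAB>value" lines: start timestamp,
// ppid, parentTgid, pid, tgid, the space-separated args, comm and cwd.
// The execve list and the exit fields are not part of the output.
//
// NOTE(review): Args, Comm and Cwd are written verbatim. They are recorded
// from observed processes, so a value containing a tab or newline would
// break the line layout and could imitate another field; quote them (%q) if
// this output is parsed or relied on for triage.
func (p Process) String() string {
	res := fmt.Sprintf("timestamp\t%v\n", p.StartTimestamp)
	res += fmt.Sprintf("ppid\t%d\nparentTgid\t%d\n", p.Ppid, p.ParentTgid)
	res += fmt.Sprintf("pid\t%d\ntgid\t%d\nargs: ", p.Pid, p.Tgid)
	for _, arg := range p.Args {
		// Each argument is followed by a single space, including the last one.
		res += fmt.Sprintf("%s ", arg)
	}
	res += fmt.Sprintf("\ncomm\t%s\ncwd\t%s\n", p.Comm, p.Cwd)
	return res
}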

// type Process struct {
// 	StartTimestamp time.Time  `bson:"start_timestamp"`
// 	Ppid           *int       `bson:"ppid"`
// 	ParentTgid     *int       `bson:"parentTgid"`
// 	Pid            int        `bson:"pid"`
// 	Tgid           int        `bson:"tgid"`
// 	Args           []string   `bson:"args"`
// 	Comm           *string    `bson:"comm"`
// 	Cwd            *string    `bson:"cwd"`
// 	Execve         []Exec     `bson:"execve"`
// 	ExitCode       *int       `bson:"exit_code"`
// 	ExitSignal     *int       `bson:"exit_signal"`
// 	ExitTimestamp  *time.Time `bson:"exit_timestamp"`
// }

// func (p Process) String() string {
// 	var res string
// 	res = ""
// 	res += fmt.Sprintf("timestamp\t%v\n", p.StartTimestamp)
// 	if p.Ppid != nil && p.ParentTgid != nil {
// 		res += fmt.Sprintf("ppid\t%d\nparentTgid\t%d\n", *(p.Ppid), *(p.ParentTgid))
// 	}
// 	res += fmt.Sprintf("pid\t%d\ntgid\t%d\nargs: ", p.Pid, p.Tgid)
// 	for i := 0; i < len(p.Args); i++ {
// 		res += fmt.Sprintf("%s ", p.Args[i])
// 	}
// 	if p.Comm != nil && p.Cwd != nil {
// 		res += fmt.Sprintf("\ncomm\t%s\ncwd\t%s\n", *(p.Comm), *(p.Cwd))
// 	}
// 	return res
// }

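// main dumps every document of the "pids" collection to stdout and exits
// non-zero on the first error.
//
// The work is done in dumpProcesses so that its deferred cleanup (cursor
// close, client disconnect) has already run when log.Fatal calls os.Exit.
func main() {
	if err := dumpProcesses(context.Background()); err != nil {
		log.Fatal(err)
	}
}

// dumpProcesses connects to MongoDB, reads all documents from test.pids into
// Process values and prints them, each one preceded by a "------" line.
// Nothing is printed unless every document decoded successfully.
//
// NOTE(review): the URI is hard-coded and carries no credentials or TLS
// options, so this assumes a local mongod that accepts unauthenticated
// connections. Confirm that is intended before using it outside development.
func dumpProcesses(ctx context.Context) error {
	client, err := mongo.Connect(ctx, options.Client().ApplyURI("mongodb://localhost:27017"))
	if err != nil {
		// Stop here: client is not usable after a failed Connect, so the
		// deferred Disconnect below must not be registered for it.
		return fmt.Errorf("connecting mongodb: %w", err)
	}
	defer func() {
		if err := client.Disconnect(ctx); err != nil {
			fmt.Fprintf(os.Stderr, "Err disconnecting mongodb: %v\n", err)
		}
	}()

	// Check the connection before issuing the query.
	if err := client.Ping(ctx, readpref.Primary()); err != nil {
		return err
	}

	pidCol := client.Database("test").Collection("pids")
	cur, err := pidCol.Find(ctx, bson.M{}) // empty filter: query all documents
	if err != nil {
		return err
	}
	defer cur.Close(ctx) // make sure the cursor is closed

	var res []Process
	for cur.Next(ctx) {
		var tmp Process
		// Decode the current document into a Process.
		if err := cur.Decode(&tmp); err != nil {
			return err
		}
		res = append(res, tmp)
	}

	// Next returns false on both exhaustion and failure; Err tells them apart.
	if err := cur.Err(); err != nil {
		return err
	}

	for _, p := range res {
		fmt.Printf("------\n%v\n", p)
	}
	return nil
}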