1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
package main
import (
"fmt"
"syscall"
"time"
"netlink"
)
func main() {
ns, err := netlink.NewNetlinkSocket(syscall.NETLINK_CONNECTOR, 12345)
if err != nil {
fmt.Printf("Error creating socket: %v\n", err)
}
defer ns.Close()
for {
res, err := ns.Receive()
if err != nil {
fmt.Printf("Error recv: %v\n", err)
continue
}
for i := 0; i < len(res); i++ {
procEvent := netlink.ParseProcEvent(res[i].Data)
switch procEvent.What {
case netlink.PROC_EVENT_FORK:
data := procEvent.Data.(netlink.ProcEventFork)
fmt.Printf("%v\tFork\t%d\t%d\t%d\t%d\n", time.Now(), data.ParentPid, data.ParentTgid, data.ChildPid, data.ChildTgid)
case netlink.PROC_EVENT_EXIT:
data := procEvent.Data.(netlink.ProcEventExit)
fmt.Printf("%v\tExit\t%d\t%d\t%d\t%d\n", time.Now(), data.ProcessPid, data.ProcessTgid, data.ExitCode, data.ExitSignal)
default:
}
}
}
}
|
