activitytree

package
v0.0.0-...-7f64411 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 20, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package activitytree holds activitytree related files

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ActivityTree

type ActivityTree struct {
	Stats *Stats

	DNSMatchMaxDepth int

	// top level lists used to summarize the content of the tree
	DNSNames     *utils.StringKeys
	SyscallsMask map[int]int
	// contains filtered or unexported fields
}

ActivityTree contains a process tree and its activities. This structure has no locks.

func NewActivityTree

func NewActivityTree(pathsReducer *activitytree.PathsReducer, differentiateArgs bool, DNSMatchMaxDepth int) *ActivityTree

NewActivityTree returns a new ActivityTree instance

func (*ActivityTree) ExecMatches

func (at *ActivityTree) ExecMatches(e1, e2 *processlist.ExecNode) bool

ExecMatches returns true if both exec matches

func (*ActivityTree) GetExecCacheKey

func (at *ActivityTree) GetExecCacheKey(process *model.Process) interface{}

GetExecCacheKey returns the exec unique identifier

func (*ActivityTree) GetParentProcessCacheKey

func (at *ActivityTree) GetParentProcessCacheKey(event *model.Event) interface{}

GetParentProcessCacheKey returns the parent process unique identifier

func (*ActivityTree) GetProcessCacheKey

func (at *ActivityTree) GetProcessCacheKey(process *model.Process) interface{}

GetProcessCacheKey returns the process unique identifier

func (*ActivityTree) IsAValidRootNode

func (at *ActivityTree) IsAValidRootNode(entry *model.Process) bool

IsAValidRootNode evaluates if the provided process entry is allowed to become a root node of an Activity Dump nolint: all

func (*ActivityTree) ProcessMatches

func (at *ActivityTree) ProcessMatches(p1, p2 *processlist.ProcessNode) bool

ProcessMatches returns true if both process nodes matches

func (*ActivityTree) SendStats

func (at *ActivityTree) SendStats(client statsd.ClientInterface) error

SendStats sends the tree statistics nolint: all

type Stats

type Stats struct {
	// TODO
	Hit          int64
	Misses       int64
	ProcFallback int64
	Suppressed   int64
	Anomaly      int64
}

Stats represents the node counts in an activity dump

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL