datasource

package

v0.0.0-...-9031ad1 Latest Latest Go to latest Published: Jul 2, 2024 License: Apache-2.0 Imports: 1 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/khulnasoft-lab/tracker

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type FileInfo ¶

type FileInfo struct {
	Path   string
	Hash   string
	Inode  int
	Device int
	Ctime  time.Time
	Mode   int
}

type LineageKey ¶

type LineageKey struct {
	EntityId uint32 // The first process (last descendant) entity ID
	Time     time.Time
	MaxDepth int
}

LineageKey is a key to the process tree data source, which will result receiving ProcessLineage in the response for the matching process in the given time, up to the max depth given of ancestors.

type ProcKey ¶

type ProcKey struct {
	EntityId uint32 // The process's entity ID
	Time     time.Time
}

ProcKey is a key to the process tree data source, which will result receiving ProcessInfo in the response for the matching process in the given time.

type ProcessInfo ¶

type ProcessInfo struct {
	EntityId          uint32
	Pid               int
	NsPid             int
	Ppid              int
	ContainerId       string
	Cmd               []string
	ExecutionBinary   FileInfo
	Interpreter       FileInfo
	Interp            FileInfo
	StartTime         time.Time // First thread fork time
	ExecTime          time.Time // Last execve call time
	ExitTime          time.Time
	ParentEntityId    uint32         // Parent process entity ID
	ThreadsIds        map[int]uint32 // Map between the tids to their entity IDs
	ChildProcessesIds map[int]uint32 // Map between the pids to their entity IDs
	IsAlive           bool
}

ProcessInfo is the user facing representation of a process data at a specific time.

type ProcessLineage ¶

type ProcessLineage []TimeRelevantInfo[ProcessInfo]

ProcessLineage is a representation of a process and its ancestors until the oldest ancestor known in the tree. The lineage is only relevant for the container the process resides in.

type ThreadInfo ¶

type ThreadInfo struct {
	EntityId        uint32
	Tid             int
	NsTid           int
	Pid             int
	UserId          int
	GroupId         int
	StartTime       time.Time
	ExitTime        time.Time
	Name            string
	ProcessEntityId uint32
	IsAlive         bool
}

ThreadInfo is the user facing representation of a thread data at a specific time.

type ThreadKey ¶

type ThreadKey struct {
	EntityId uint32 // The thread's entity ID
	Time     time.Time
}

ThreadKey is a key to the process tree data source, which will result receiving ThreadInfo in the response for the matching thread in the given time.

type TimeRelevantInfo ¶

type TimeRelevantInfo[T any] struct {
	Timestamp time.Time
	Info      T
}

TimeRelevantInfo is the returned value of all the time specific process tree queries. It envelopes the information from the tree with the time it is relevant for.

Source Files ¶

View all Source files

proctree.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL