proctree

package
v0.21.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 3, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DefaultProcessCacheSize = 32768
	DefaultThreadCacheSize  = 32768
)
View Source 
const (
	AllPIDs = 0
)
View Source 
const COMM_LEN = 16
View Source 
const MaxPathLen = 1024

Paths theoretically has no limit, but we do need to set a limit for the sake of managing memory more responsibly.

Variables

This section is empty.

Functions

This section is empty.

Types

type DataSource 

type DataSource struct {
	// contains filtered or unexported fields
}

DataSource is an implementation to detect.Datasource interface, enveloping the ProcessTree type.

func NewDataSource 

func NewDataSource(processTree *ProcessTree) *DataSource

func (*DataSource) Get 

func (ptds *DataSource) Get(key interface{}) (map[string]interface{}, error)

Get retrieves information from DataSource based on the provided key. It supports keys of the following types:

- datasource.ProcKey (for process information retrieval) - datasource.ThreadKey (for thread information retrieval) - datasource.LineageKey (for process lineage information retrieval)

and returns an error if the data isn't found.

func (*DataSource) ID 

func (ptds *DataSource) ID() string

ID returns the ID of the DataSource.

func (*DataSource) Keys 

func (ptds *DataSource) Keys() []string

Keys returns a list of supported keys by the DataSource.

func (*DataSource) Namespace 

func (ptds *DataSource) Namespace() string

Namespace returns the namespace of the DataSource.

func (*DataSource) Schema 

func (ptds *DataSource) Schema() string

Schema returns the schema of the DataSource.

func (*DataSource) Version 

func (ptds *DataSource) Version() uint

Version returns the version of the DataSource.

type ExecFeed 

type ExecFeed struct {
	TimeStamp         uint64
	TaskHash          uint32
	ParentHash        uint32
	LeaderHash        uint32
	CmdPath           string
	PathName          string
	Dev               uint32
	Inode             uint64
	Ctime             uint64
	InodeMode         uint16
	InterpreterPath   string
	InterpreterDev    uint32
	InterpreterInode  uint64
	InterpreterCtime  uint64
	Interp            string
	StdinType         uint16
	StdinPath         string
	InvokedFromKernel int32
}

type ExitFeed 

type ExitFeed struct {
	TimeStamp  uint64
	TaskHash   uint32
	ParentHash uint32
	LeaderHash uint32
	ExitCode   int64
	Group      bool
}

type FileInfo 

type FileInfo struct {
	// contains filtered or unexported fields
}

FileInfo represents a file.

func NewFileInfo 

func NewFileInfo(maxLogSize int) *FileInfo

NewFileInfo creates a new file.

func NewFileInfoFeed 

func NewFileInfoFeed(maxLogSize int, feed FileInfoFeed) *FileInfo

NewFileInfoFeed creates a new file with values from the given feed.

func (*FileInfo) GetCtime 

func (fi *FileInfo) GetCtime() int

GetCtime returns the creation time of the file.

func (*FileInfo) GetCtimeAt 

func (fi *FileInfo) GetCtimeAt(targetTime time.Time) int

GetCtimeAt returns the creation time of the file at the given time.

func (*FileInfo) GetDev 

func (fi *FileInfo) GetDev() int

GetDev returns the device number of the file.

func (*FileInfo) GetDevAt 

func (fi *FileInfo) GetDevAt(targetTime time.Time) int

GetDevAt returns the device number of the file at the given time.

func (*FileInfo) GetFeed 

func (fi *FileInfo) GetFeed() FileInfoFeed

GetFeed returns the values of the file as a feed.

func (*FileInfo) GetFeedAt 

func (fi *FileInfo) GetFeedAt(targetTime time.Time) FileInfoFeed

GetFeedAt returns the values of the file as a feed at the given time.

func (*FileInfo) GetInode 

func (fi *FileInfo) GetInode() int

GetInode returns the inode number of the file.

func (*FileInfo) GetInodeAt 

func (fi *FileInfo) GetInodeAt(targetTime time.Time) int

GetInodeAt returns the inode number of the file at the given time.

func (*FileInfo) GetInodeMode 

func (fi *FileInfo) GetInodeMode() int

GetInodeMode returns the inode mode of the file.

func (*FileInfo) GetInodeModeAt 

func (fi *FileInfo) GetInodeModeAt(targetTime time.Time) int

GetInodeModeAt returns the inode mode of the file at the given time.

func (*FileInfo) GetPath 

func (fi *FileInfo) GetPath() string

GetPath returns the path of the file.

func (*FileInfo) GetPathAt 

func (fi *FileInfo) GetPathAt(targetTime time.Time) string

GetPathAt returns the path of the file at the given time.

func (*FileInfo) SetCtime 

func (fi *FileInfo) SetCtime(ctime int)

SetCtime sets the creation time of the file.

func (*FileInfo) SetCtimeAt 

func (fi *FileInfo) SetCtimeAt(ctime int, targetTime time.Time)

SetCtimeAt sets the creation time of the file at the given time.

func (*FileInfo) SetDev 

func (fi *FileInfo) SetDev(dev int)

SetDev sets the device number of the file.

func (*FileInfo) SetDevAt 

func (fi *FileInfo) SetDevAt(dev int, targetTime time.Time)

SetDevAt sets the device number of the file at the given time.

func (*FileInfo) SetFeed 

func (fi *FileInfo) SetFeed(feed FileInfoFeed)

SetFeed sets the values of the file from a feed.

func (*FileInfo) SetFeedAt 

func (fi *FileInfo) SetFeedAt(feed FileInfoFeed, targetTime time.Time)

SetFeedAt sets the values of the file from a feed at the given time.

func (*FileInfo) SetInode 

func (fi *FileInfo) SetInode(inode int)

SetInode sets the inode number of the file.

func (*FileInfo) SetInodeAt 

func (fi *FileInfo) SetInodeAt(inode int, targetTime time.Time)

SetInodeAt sets the inode number of the file at the given time.

func (*FileInfo) SetInodeMode 

func (fi *FileInfo) SetInodeMode(inodeMode int)

SetInodeMode sets the inode mode of the file.

func (*FileInfo) SetInodeModeAt 

func (fi *FileInfo) SetInodeModeAt(inodeMode int, targetTime time.Time)

SetInodeModeAt sets the inode mode of the file at the given time.

func (*FileInfo) SetPath 

func (fi *FileInfo) SetPath(path string)

SetPath sets the path of the file.

func (*FileInfo) SetPathAt 

func (fi *FileInfo) SetPathAt(path string, targetTime time.Time)

SetPathAt sets the path of the file at the given time.

type FileInfoFeed 

type FileInfoFeed struct {
	// Name      string
	Path      string
	Dev       int
	Ctime     int
	Inode     int
	InodeMode int
}

FileInfoFeed allows external packages to set/get multiple values of a task at once.

type ForkFeed 

type ForkFeed struct {
	TimeStamp       uint64
	ChildHash       uint32
	ParentHash      uint32
	LeaderHash      uint32
	ParentTid       int32
	ParentNsTid     int32
	ParentPid       int32
	ParentNsPid     int32
	ParentStartTime uint64
	LeaderTid       int32
	LeaderNsTid     int32
	LeaderPid       int32
	LeaderNsPid     int32
	LeaderStartTime uint64
	ChildTid        int32
	ChildNsTid      int32
	ChildPid        int32
	ChildNsPid      int32
	ChildStartTime  uint64
}

type ProcTreeConfig 

type ProcTreeConfig struct {
	Source               SourceType
	ProcessCacheSize     int
	ThreadCacheSize      int
	ProcfsInitialization bool // Determine whether to scan procfs data for process tree initialization
	ProcfsQuerying       bool // Determine whether to query procfs for missing information during runtime
}

type Process 

type Process struct {
	// contains filtered or unexported fields
}

Process represents a process.

func NewProcess 

func NewProcess(hash uint32) *Process

NewProcess creates a new process.

func NewProcessWithInfo 

func NewProcessWithInfo(hash uint32, info *TaskInfo) *Process

NewProcessWithInfo creates a new thread with an initialized task info.

func (*Process) AddChild 

func (p *Process) AddChild(childHash uint32)

AddChild adds a child to the process.

func (*Process) AddThread 

func (p *Process) AddThread(threadHash uint32)

AddThread adds a thread to the process.

func (*Process) DelChild 

func (p *Process) DelChild(childHash uint32)

DelChild deletes a child from the process.

func (*Process) DelThread 

func (p *Process) DelThread(threadHash uint32)

DelThread deletes a thread from the process.

func (*Process) GetChildren 

func (p *Process) GetChildren() []uint32

GetChildren returns the children of the process.

func (*Process) GetExecutable 

func (p *Process) GetExecutable() *FileInfo

GetExecutable returns a instanced executable info.

func (*Process) GetHash 

func (p *Process) GetHash() uint32

GetHash returns the hash of the process.

func (*Process) GetInfo 

func (p *Process) GetInfo() *TaskInfo

GetInfo returns a instanced task info.

func (*Process) GetInterp 

func (p *Process) GetInterp() *FileInfo

GetInterp returns a instanced interpreter.

func (*Process) GetInterpreter 

func (p *Process) GetInterpreter() *FileInfo

GetInterpreter returns a instanced interpreter info.

func (*Process) GetParentHash 

func (p *Process) GetParentHash() uint32

GetParentHash returns the hash of the parent.

func (*Process) GetThreads 

func (p *Process) GetThreads() []uint32

GetThreads returns the threads of the process.

func (*Process) SetParentHash 

func (p *Process) SetParentHash(parentHash uint32)

SetParentHash sets the hash of the parent.

type ProcessTree 

type ProcessTree struct {
	// contains filtered or unexported fields
}

ProcessTree is a tree of processes and threads.

func NewProcessTree 

func NewProcessTree(ctx context.Context, config ProcTreeConfig) (*ProcessTree, error)

NewProcessTree creates a new process tree.

func (*ProcessTree) FeedFromExec 

func (pt *ProcessTree) FeedFromExec(feed ExecFeed) error

FeedFromExec feeds the process tree with an exec event.

func (*ProcessTree) FeedFromExit 

func (pt *ProcessTree) FeedFromExit(feed ExitFeed) error

FeedFromExit feeds the process tree with an exit event.

func (*ProcessTree) FeedFromFork 

func (pt *ProcessTree) FeedFromFork(feed ForkFeed) error

FeedFromFork feeds the process tree with a fork event.

func (*ProcessTree) FeedFromProcFS 

func (pt *ProcessTree) FeedFromProcFS(givenPid int) error

FeedFromProcFS feeds the process tree with data from procfs.

func (*ProcessTree) FeedFromProcFSAsync 

func (pt *ProcessTree) FeedFromProcFSAsync(givenPid int)

FeedFromProcFSAsync feeds the process tree with data from procfs asynchronously.

func (*ProcessTree) GetOrCreateProcessByHash 

func (pt *ProcessTree) GetOrCreateProcessByHash(hash uint32) *Process

GetOrCreateProcessByHash returns a process by its hash, or creates a new one if it doesn't exist.

func (*ProcessTree) GetOrCreateThreadByHash 

func (pt *ProcessTree) GetOrCreateThreadByHash(hash uint32) *Thread

GetOrCreateThreadByHash returns a thread by its hash, or creates a new one if it doesn't exist.

func (*ProcessTree) GetProcessByHash 

func (pt *ProcessTree) GetProcessByHash(hash uint32) (*Process, bool)

GetProcessByHash returns a process by its hash.

func (*ProcessTree) GetThreadByHash 

func (pt *ProcessTree) GetThreadByHash(hash uint32) (*Thread, bool)

GetThreadByHash returns a thread by its hash.

func (*ProcessTree) String 

func (pt *ProcessTree) String() string

String returns a string representation of the process tree.

type SourceType 

type SourceType int
const (
	SourceNone    SourceType = iota // disabled
	SourceSignals                   // event from control plane enrich the process tree
	SourceEvents                    // event from pipeline enrich the process tree
	SourceBoth                      // events from both pipelines enrich the process tree
)

func (SourceType) String 

func (s SourceType) String() string

type TaskInfo 

type TaskInfo struct {
	// contains filtered or unexported fields
}

TaskInfo represents a task.

func NewTaskInfo 

func NewTaskInfo() *TaskInfo

NewTaskInfo creates a new task.

func NewTaskInfoFromFeed 

func NewTaskInfoFromFeed(feed TaskInfoFeed) *TaskInfo

NewTaskInfoFromFeed creates a new task with values from the given feed.

func (*TaskInfo) GetExitTime 

func (ti *TaskInfo) GetExitTime() time.Time

GetExitTime returns the "real" exit time of the task.

func (*TaskInfo) GetExitTimeNS 

func (ti *TaskInfo) GetExitTimeNS() uint64

GetExitTimeNS returns the exitTime of the task.

func (*TaskInfo) GetFeed 

func (ti *TaskInfo) GetFeed() TaskInfoFeed

GetFeed returns the values of the task as a feed.

func (*TaskInfo) GetFeedAt 

func (ti *TaskInfo) GetFeedAt(targetTime time.Time) TaskInfoFeed

GetFeedAt returns the values of the task as a feed at the given time.

func (*TaskInfo) GetGid 

func (ti *TaskInfo) GetGid() int

GetGid returns the gid of the task.

func (*TaskInfo) GetGidAt 

func (ti *TaskInfo) GetGidAt(targetTime time.Time) int

GetGidAt returns the gid of the task at the given time.

func (*TaskInfo) GetName 

func (ti *TaskInfo) GetName() string

GetName returns the name of the task.

func (*TaskInfo) GetNameAt 

func (ti *TaskInfo) GetNameAt(targetTime time.Time) string

GetNameAt returns the name of the task at the given time.

func (*TaskInfo) GetNsPPid 

func (ti *TaskInfo) GetNsPPid() int

GetNsPPid returns the nsPPid of the task.

func (*TaskInfo) GetNsPPidAt 

func (ti *TaskInfo) GetNsPPidAt(targetTime time.Time) int

GetNsPPidAt returns the nsPPid of the task at the given time.

func (*TaskInfo) GetNsPid 

func (ti *TaskInfo) GetNsPid() int

GetNsPid returns the nsPid of the task.

func (*TaskInfo) GetNsTid 

func (ti *TaskInfo) GetNsTid() int

GetNsTid returns the nsTid of the task.

func (*TaskInfo) GetPPid 

func (ti *TaskInfo) GetPPid() int

GetPPid returns the ppid of the task.

func (*TaskInfo) GetPPidAt 

func (ti *TaskInfo) GetPPidAt(targetTime time.Time) int

GetPPidAt returns the ppid of the task at the given time.

func (*TaskInfo) GetPid 

func (ti *TaskInfo) GetPid() int

GetPid returns the pid of the task.

func (*TaskInfo) GetStartTime 

func (ti *TaskInfo) GetStartTime() time.Time

GetStartTime returns the "real" start time of the task.

func (*TaskInfo) GetStartTimeNS 

func (ti *TaskInfo) GetStartTimeNS() uint64

GetStartTimeNS returns the startTimeNS of the task.

func (*TaskInfo) GetTid 

func (ti *TaskInfo) GetTid() int

GetTid returns the tid of the task.

func (*TaskInfo) GetUid 

func (ti *TaskInfo) GetUid() int

GetUid returns the uid of the task.

func (*TaskInfo) GetUidAt 

func (ti *TaskInfo) GetUidAt(targetTime time.Time) int

GetUidAt returns the uid of the task at the given time.

func (*TaskInfo) IsAlive 

func (ti *TaskInfo) IsAlive() bool

IsAlive returns true if the task has exited.

func (*TaskInfo) IsAliveAt 

func (ti *TaskInfo) IsAliveAt(targetTime time.Time) bool

IsAliveAt return whether the task is alive in the given time, either because it didn't start yet or it has exited.

func (*TaskInfo) SetExitTime 

func (ti *TaskInfo) SetExitTime(exitTime uint64)

SetExitTime sets the exitTime of the task.

func (*TaskInfo) SetFeed 

func (ti *TaskInfo) SetFeed(feed TaskInfoFeed)

SetFeed sets the values of the task from the given feed.

func (*TaskInfo) SetFeedAt 

func (ti *TaskInfo) SetFeedAt(feed TaskInfoFeed, targetTime time.Time)

SetFeedAt sets the values of the task from the given feed at the given time.

func (*TaskInfo) SetGid 

func (ti *TaskInfo) SetGid(gid int)

SetGid sets the gid of the task.

func (*TaskInfo) SetGidAt 

func (ti *TaskInfo) SetGidAt(gid int, targetTime time.Time)

SetGidAt sets the gid of the task at the given time.

func (*TaskInfo) SetName 

func (ti *TaskInfo) SetName(name string)

SetName sets the name of the task.

func (*TaskInfo) SetNameAt 

func (ti *TaskInfo) SetNameAt(name string, targetTime time.Time)

SetNameAt sets the name of the task at the given time.

func (*TaskInfo) SetNsPPid 

func (ti *TaskInfo) SetNsPPid(nsPPid int)

SetNsPPid sets the nsppid of the task.

func (*TaskInfo) SetNsPPidAt 

func (ti *TaskInfo) SetNsPPidAt(nsPPid int, targetTime time.Time)

SetNsPPidAt sets the nsppid of the task at the given time.

func (*TaskInfo) SetNsPid 

func (ti *TaskInfo) SetNsPid(nsPid int)

SetNsPid sets the nsPid of the task.

func (*TaskInfo) SetNsTid 

func (ti *TaskInfo) SetNsTid(nsTid int)

SetNsTid sets the nsTid of the task.

func (*TaskInfo) SetPPid 

func (ti *TaskInfo) SetPPid(pPid int)

SetPPid sets the ppid of the task.

func (*TaskInfo) SetPPidAt 

func (ti *TaskInfo) SetPPidAt(pPid int, targetTime time.Time)

SetPPidAt sets the ppid of the task at the given time.

func (*TaskInfo) SetPid 

func (ti *TaskInfo) SetPid(pid int)

SetPid sets the pid of the task.

func (*TaskInfo) SetStartTimeNS 

func (ti *TaskInfo) SetStartTimeNS(startTimeNS uint64)

SetStartTimeNS sets the startTimeNS of the task.

func (*TaskInfo) SetTid 

func (ti *TaskInfo) SetTid(tid int)

SetTid sets the tid of the task.

func (*TaskInfo) SetUid 

func (ti *TaskInfo) SetUid(uid int)

SetUid sets the uid of the task.

func (*TaskInfo) SetUidAt 

func (ti *TaskInfo) SetUidAt(uid int, targetTime time.Time)

SetUidAt sets the uid of the task at the given time.

type TaskInfoFeed 

type TaskInfoFeed struct {
	Name        string
	Tid         int
	Pid         int
	PPid        int
	NsTid       int
	NsPid       int
	NsPPid      int
	Uid         int
	Gid         int
	StartTimeNS uint64
	ExitTimeNS  uint64
}

TaskInfoFeed allows external packages to set/get multiple values of a task at once.

type Thread 

type Thread struct {
	// contains filtered or unexported fields
}

Thread represents a thread.

func NewThread 

func NewThread(hash uint32) *Thread

NewThread creates a new thread.

func NewThreadWithInfo 

func NewThreadWithInfo(hash uint32, info *TaskInfo) *Thread

NewThreadWithInfo creates a new thread with an initialized task info.

func (*Thread) GetHash 

func (t *Thread) GetHash() uint32

GetHash returns the hash of the thread.

func (*Thread) GetInfo 

func (t *Thread) GetInfo() *TaskInfo

GetInfo returns a instanced task info.

func (*Thread) GetLeaderHash 

func (t *Thread) GetLeaderHash() uint32

GEtLeaderHash returns the hash of the thread group leader.

func (*Thread) GetParentHash 

func (t *Thread) GetParentHash() uint32

GetParentHash returns the hash of the parent.

func (*Thread) SetLeaderHash 

func (t *Thread) SetLeaderHash(leaderHash uint32)

SetLeaderHash sets the hash of the thread group leader.

func (*Thread) SetParentHash 

func (t *Thread) SetParentHash(parentHash uint32)

SetParentHash sets the hash of the parent.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.