event

package
v0.22.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 13, 2024 License: MIT Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Packet 

type Packet struct {
	Time      time.Time
	Type      packetType
	Device    dev.Device
	Pid       int
	MntNs     int
	NetNs     int
	Truncated bool
	Len       int

	Data []byte

	CgroupName string
}

func FromPacket added in v0.4.0 

func FromPacket(ci gopacket.CaptureInfo, data []byte) (*Packet, error)

func ParsePacketEvent 

func ParsePacketEvent(devices map[int]dev.Device, event bpf.BpfPacketEventWithPayloadT) (*Packet, error)

func (Packet) Egress 

func (p Packet) Egress() bool

func (Packet) Ingress 

func (p Packet) Ingress() bool

type ProcessExec 

type ProcessExec struct {
	PPid int
	Pid  int

	Filename          string
	FilenameTruncated bool

	Args          []string
	ArgsTruncated bool

	PidNs      int64
	MntNs      int64
	Netns      int64
	CgroupName string
}

func FromPacketOptions added in v0.4.0 

func FromPacketOptions(opts pcapgo.NgPacketOptions) (ProcessExec, types.PacketContext)

func ParseProcessExecEvent 

func ParseProcessExecEvent(event bpf.BpfExecEventT) (*ProcessExec, error)

func (ProcessExec) ArgsStr 

func (p ProcessExec) ArgsStr() string

func (ProcessExec) FilenameStr 

func (p ProcessExec) FilenameStr() string

func (ProcessExec) MatchComm added in v0.5.2 

func (p ProcessExec) MatchComm(name string) bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.