wk233/old-sysmonitord
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
This repository has been archived on 2026-03-28. You can view files and clone it, but cannot push or open issues or pull requests.
old-sysmonitord/cmd/sysmonitord/main.go

159 lines
4.3 KiB
Go
Raw Blame History

package main
import (
"io"
"log"
"os"
"os/signal"
"syscall"
"time"
"github.com/wuko233/sysmonitord/internal/config"
"github.com/wuko233/sysmonitord/internal/monitor"
"github.com/wuko233/sysmonitord/internal/network"
"github.com/wuko233/sysmonitord/internal/scanner"
"github.com/wuko233/sysmonitord/internal/whitelist"
"gopkg.in/natefinch/lumberjack.v2"
)
const (
OfficialConfigURL = "http://localhost:8090/api/v1/configs/official.json"
UserConfigURL = "http://localhost:8090/api/v1/configs/user.json"
CenterServerURL = "ws://localhost:8090/api/v1/ws"
)
func main() {
initLogger()
log.Println("==========================================")
log.Print(`
_ _ _
(_) | | |
___ _ _ ___ _ __ ___ ___ _ __ _| |_ ___ _ __ __| |
/ __| | | / __| '_ ` + "`" + ` _ \ / _ \| '_ \| | __/ _ \| '__/ _` + "`" + ` |
\__ \ |_| \__ \ | | | | | (_) | | | | | || (_) | | | (_| |
|___/\__, |___/_| |_| |_|\___/|_| |_|_|\__\___/|_| \__,_|
__/ |
|___/
`)
log.Println("==========================================")
// 加载配置
log.Println("[启动流程] 1/6: 下载远程安全策略配置...")
cfgLoader := network.NewConfigLoader()
officialCfg, userCfg, err := cfgLoader.LoadConfigs(network.ConfigUrls{
OfficialConfigUrl: OfficialConfigURL,
UserConfigUrl: UserConfigURL,
})
if err != nil {
log.Fatalf("[启动错误]下载配置失败: %v", err)
log.Println("[启动降级] 继续使用默认空配置...")
// os.Exit(1)
}
log.Println("[启动流程] 2/6: 初始化白名单判定引擎...")
wlManager := whitelist.NewManager()
wlManager.UpdateConfig(officialCfg, userCfg)
log.Println("[启动流程] 3/6: 启动中心服务器连接...")
centerClient := network.NewWSClient(network.ClientConfig{
ServerURL: CenterServerURL,
SendInterval: 1 * time.Second,
BufferSize: 1000,
})
centerClient.Start()
auditUrl := wlManager.GetAuditServerUrl()
if auditUrl == "" {
auditUrl = CenterServerURL
}
auditClient := network.NewWSClient(network.ClientConfig{
ServerURL: auditUrl,
SendInterval: 1 * time.Second,
BufferSize: 1000,
})
auditClient.Start()
log.Println("[启动流程] 4/6: 启动文件完整性防护...")
// 扫盘器
sysScanner := scanner.NewScanner(wlManager, centerClient)
sysScanner.Start()
// 监控器
sysWatcher, err := scanner.NewWatcher(wlManager, centerClient)
if err != nil {
log.Fatalf("[启动错误] 初始化监控器失败: %v", err)
} else {
sysWatcher.Start()
}
log.Println("[启动流程] 5/6: 启动系统行为监控...")
// SSH监控
sshAlertChan := make(chan monitor.Alert, 100)
sshMon := monitor.NewSSHMonitor(&config.SSHMonitor{
Enabled: true,
AlertOnRootLogin: true,
DisplayOnShell: true,
}, sshAlertChan)
go func() {
for alert := range sshAlertChan {
packet := network.NewPacket("SSH_ALERT", alert)
auditClient.SendQueue(packet)
}
}()
go func() {
if err := sshMon.Start(); err != nil {
log.Printf("[监控错误] SSH监控遇到错误: %v", err)
}
}()
// 状态监控
metricsChan := make(chan monitor.ServerMetrics, 100)
infoMon := monitor.NewInfoMonitor(nil, metricsChan)
go func() {
for metrics := range metricsChan {
packet := network.NewPacket("STATUS_UPDATE", metrics)
centerClient.SendQueue(packet)
}
}()
go infoMon.Start()
log.Println("[启动流程] 6/6: 系统监控守护进程启动完成!")
stopChan := make(chan os.Signal, 1)
signal.Notify(stopChan, os.Interrupt, syscall.SIGTERM)
<-stopChan
log.Println("[守护进程] 接收到停止信号,正在关闭...")
if sysWatcher != nil {
sysWatcher.Stop()
}
sysScanner.Stop()
sshMon.Stop()
infoMon.Stop()
centerClient.Stop()
auditClient.Stop()
log.Println("[守护进程] 已成功停止,安全退出程序。")
}
func initLogger() {
log.SetOutput(os.Stdout)
fileLogger := &lumberjack.Logger{
Filename: "/var/log/sysmonitord/sysmonitord.log",
MaxSize: 100, // MB
MaxBackups: 7,
MaxAge: 30, // 天
Compress: true,
}
log.SetOutput(io.MultiWriter(os.Stdout, fileLogger))
}
Reference in New Issue View Git Blame Copy Permalink