From 744f2cd78305d87ff4f6c35b4a872af70a85ea36 Mon Sep 17 00:00:00 2001
From: wuko233 <wuko233@gmail.com>
Date: Thu, 9 Apr 2026 14:49:59 +0800
Subject: [PATCH] =?UTF-8?q?[monitor]=20=E5=A2=9E=E5=8A=A0=E5=AF=B9?=
 =?UTF-8?q?=E8=87=AA=E8=BA=AB=E6=95=B0=E6=8D=AE=E6=96=87=E4=BB=B6=E7=9A=84?=
 =?UTF-8?q?=E8=BF=87=E6=BB=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 config.yaml.example                 |  2 +-
 internal/monitor/watcher/watcher.go | 37 +++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/config.yaml.example b/config.yaml.example
index 8e36a01..ba4e7ec 100644
--- a/config.yaml.example
+++ b/config.yaml.example
@@ -30,7 +30,7 @@ scanner:
     interval: 300 # seconds
 
 storage:
-  data_dir: "./data"
+  data_dir: "/var/lib/sysmonitord"
   process_system_file: "process_system.data"
   file_system_file: "file_system.data"
   dubious_file_list_file: "dubious_files.data"
diff --git a/internal/monitor/watcher/watcher.go b/internal/monitor/watcher/watcher.go
index 4ac29e2..22a7172 100644
--- a/internal/monitor/watcher/watcher.go
+++ b/internal/monitor/watcher/watcher.go
@@ -78,6 +78,11 @@ func (w *Watcher) eventLoop() {
 				return
 			}
 
+			// 忽略不需要监控的路径
+			if w.shouldIgnore(event.Name) {
+				continue
+			}
+
 			// 添加新创建的目录到监听列表
 			if event.Op&fsnotify.Create == fsnotify.Create {
 				info, err := os.Stat(event.Name)
@@ -132,3 +137,35 @@ func (w *Watcher) addPath(path string) {
 func (w *Watcher) Errors() <-chan error {
 	return w.fsnWatcher.Errors
 }
+
+func (w *Watcher) shouldIgnore(path string) bool {
+	dataDir := w.cfg.Storage.DataDir
+
+	absDataDir, err := filepath.Abs(dataDir)
+	if err != nil {
+		absDataDir = dataDir
+	}
+
+	absPath, err := filepath.Abs(path)
+	if err != nil {
+		absPath = path
+	}
+
+	if strings.HasPrefix(absPath, absDataDir) {
+		// 忽略数据目录下的指定文件
+		fileSystemName := w.cfg.Storage.FileSystemFile
+		processListName := w.cfg.Storage.ProcessSystemFile
+		dubiousFileName := w.cfg.Storage.DubiousFileListFile
+		dubiousProcessName := w.cfg.Storage.DubiousProcessListFile
+
+		if strings.HasSuffix(absPath, fileSystemName) ||
+			strings.HasSuffix(absPath, processListName) ||
+			strings.HasSuffix(absPath, dubiousFileName) ||
+			strings.HasSuffix(absPath, dubiousProcessName) {
+			logger.Log.Debug("[monitor] 忽略数据目录下的文件", zap.String("path", absPath))
+			return true
+		}
+	}
+
+	return false
+}