From 92ba48aa095c54fa4ccaf388f311d08d555f1f09 Mon Sep 17 00:00:00 2001 From: wuko233 Date: Thu, 2 Apr 2026 22:57:21 +0800 Subject: [PATCH] =?UTF-8?q?[monitor]=20=E5=AE=9E=E7=8E=B0=E6=96=87?= =?UTF-8?q?=E4=BB=B6=E4=BA=8B=E4=BB=B6=E7=9B=91=E5=90=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cmd/start/start.go | 40 +++++++++ config.yaml | 4 +- go.mod | 1 + go.sum | 2 + internal/monitor/watcher/watcher.go | 133 ++++++++++++++++++++++++++++ 5 files changed, 178 insertions(+), 2 deletions(-) create mode 100644 internal/monitor/watcher/watcher.go diff --git a/cmd/start/start.go b/cmd/start/start.go index 015d867..9602c5e 100644 --- a/cmd/start/start.go +++ b/cmd/start/start.go @@ -4,6 +4,7 @@ import ( "fmt" "os" "sysmonitord/internal/config" + "sysmonitord/internal/monitor/watcher" "sysmonitord/internal/scanner/file" "sysmonitord/internal/scanner/process" "sysmonitord/internal/storage" @@ -79,5 +80,44 @@ var StartCmd = &cobra.Command{ zap.Duration("扫描耗时", duration), ) + // ====== 启动文件监听 ====== + logger.Log.Info("正在启动文件监听...") + + mon, err := watcher.NewWatcher(cfg.Scanner.File.IncludePaths, cfg.Scanner.File.ExcludePaths) + if err != nil { + logger.Log.Error("启动文件监听失败", zap.Error(err)) + os.Exit(1) + } + + mon.Start() + + logger.Log.Info("系统监控守护服务已启动,正在监控文件系统变化...") + + for { + select { + + case event := <-mon.Events(): + logger.Log.Info("文件系统事件", + zap.String("path", event.Path), + zap.String("op", event.Op.String()), + ) + + if event.FileInfo != nil { + // Todo: 处理文件系统事件,例如更新白名单、触发告警等 + logger.Log.Debug("文件详情", zap.Int64("size", event.FileInfo.Size())) + } + + case err := <-mon.Errors(): + logger.Log.Error("文件监听错误", zap.Error(err)) + + // case <-quit: + // logger.Log.Info("正在停止系统监控守护服务...") + // mon.Stop() + // logger.Log.Info("系统监控守护服务已停止") + // return + + } + } + }, } diff --git a/config.yaml b/config.yaml index 51283b8..07ef926 100644 --- a/config.yaml +++ b/config.yaml @@ -3,8 +3,8 @@ server: port: 8080 log: - level: "info" - # level: "debug" + # level: "info" + level: "debug" audit: enabled: true diff --git a/go.mod b/go.mod index b6ea519..88ccbd4 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.26.1 require ( github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/fsnotify/fsnotify v1.9.0 // indirect github.com/go-ole/go-ole v1.2.6 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect diff --git a/go.sum b/go.sum index 1ffe972..216a5db 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,8 @@ github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= +github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= +github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= diff --git a/internal/monitor/watcher/watcher.go b/internal/monitor/watcher/watcher.go new file mode 100644 index 0000000..4cd034a --- /dev/null +++ b/internal/monitor/watcher/watcher.go @@ -0,0 +1,133 @@ +package watcher + +import ( + "fmt" + "os" + "path/filepath" + "strings" + "sysmonitord/pkg/logger" + + "github.com/fsnotify/fsnotify" + "go.uber.org/zap" +) + +type Watcher struct { + fsnWatcher *fsnotify.Watcher + paths []string + ignore []string + eventChan chan EventMsg +} + +type EventMsg struct { + Path string + Op fsnotify.Op + FileInfo os.FileInfo +} + +func NewWatcher(paths []string, ignore []string) (*Watcher, error) { + fsnW, err := fsnotify.NewWatcher() + if err != nil { + return nil, fmt.Errorf("[monitor] 创建文件监听失败: %w", err) + } + + return &Watcher{ + fsnWatcher: fsnW, + paths: paths, + ignore: ignore, + eventChan: make(chan EventMsg, 100), + }, nil +} + +func (w *Watcher) Start() { + for _, path := range w.paths { + if _, err := os.Stat(path); os.IsNotExist(err) { + fmt.Printf("[monitor] 路径不存在: %s\n", path) + continue + } + + w.addPath(path) + } + + logger.Log.Info("[monitor] 已启用文件监听", zap.Strings("paths", w.paths)) + + go w.eventLoop() +} + +func (w *Watcher) Stop() { + if w.fsnWatcher != nil { + _ = w.fsnWatcher.Close() + } + close(w.eventChan) +} + +func (w *Watcher) Events() <-chan EventMsg { + return w.eventChan +} + +func (w *Watcher) eventLoop() { + for { + select { + case err, ok := <-w.fsnWatcher.Errors: + if !ok { + return + } + fmt.Printf("[monitor] 监听错误: %v\n", err) + case event, ok := <-w.fsnWatcher.Events: + if !ok { + return + } + + // 添加新创建的目录到监听列表 + if event.Op&fsnotify.Create == fsnotify.Create { + info, err := os.Stat(event.Name) + if err == nil && info.IsDir() { + w.addPath(event.Name) + } + } + + info, err := os.Stat(event.Name) + if err != nil { + logger.Log.Debug("[monitor] 检测文件删除或获取文件信息失败", zap.String("path", event.Name)) + w.eventChan <- EventMsg{ + Path: event.Name, + Op: event.Op, + FileInfo: nil, + } + continue + } + + w.eventChan <- EventMsg{ + Path: event.Name, + Op: event.Op, + FileInfo: info, + } + + } + } +} + +func (w *Watcher) addPath(path string) { + filepath.WalkDir(path, func(subPath string, d os.DirEntry, err error) error { + if err != nil { + return err + } + + if d.IsDir() { + for _, ignorePath := range w.ignore { + if strings.HasPrefix(subPath, ignorePath) { + return filepath.SkipDir + } + } + + if err := w.fsnWatcher.Add(subPath); err != nil { + fmt.Printf("[monitor] 添加监听失败: %s, 错误: %v\n", subPath, err) + } + } + + return nil + }) +} + +func (w *Watcher) Errors() <-chan error { + return w.fsnWatcher.Errors +}