6 changed files with 19 additions and 186 deletions
--- a/cmd/start/start.go
+++ b/cmd/start/start.go
@ -3,11 +3,7 @@ package start
 import (
 	"fmt"
 	"os"
-	"os/signal"
-	"syscall"
 	"sysmonitord/internal/config"
-	"sysmonitord/internal/monitor/detector"
-	"sysmonitord/internal/monitor/timer"
 	"sysmonitord/internal/monitor/watcher"
 	"sysmonitord/internal/scanner/file"
 	"sysmonitord/internal/scanner/process"
@ -87,7 +83,7 @@ var StartCmd = &cobra.Command{
 		// ====== 启动文件监听 ======
 		logger.Log.Info("正在启动文件监听...")

-		mon, err := watcher.NewWatcher(cfg)
+		mon, err := watcher.NewWatcher(cfg.Scanner.File.IncludePaths, cfg.Scanner.File.ExcludePaths)
 		if err != nil {
 			logger.Log.Error("启动文件监听失败", zap.Error(err))
 			os.Exit(1)
@ -95,15 +91,7 @@ var StartCmd = &cobra.Command{

 		mon.Start()

-		// ====== 启动进程检测定时任务 ======
-		procDetector := detector.NewProcessDetector(cfg)
-		procScheduler := timer.NewScheduler(time.Duration(cfg.Scanner.Process.Interval)*time.Second, procDetector)
-		procScheduler.Start()
-
-		logger.Log.Info("系统监控守护服务已启动，正在监控系统变化...")
-
-		quit := make(chan os.Signal, 1)
-		signal.Notify(quit, os.Interrupt, syscall.SIGTERM, syscall.SIGINT)
+		logger.Log.Info("系统监控守护服务已启动，正在监控文件系统变化...")

 		for {
 			select {
@ -122,12 +110,11 @@ var StartCmd = &cobra.Command{
 			case err := <-mon.Errors():
 				logger.Log.Error("文件监听错误", zap.Error(err))

-			case <-quit:
-				logger.Log.Info("正在停止系统监控守护服务...")
-				mon.Stop()
-				procScheduler.Stop()
-				logger.Log.Info("系统监控守护服务已停止")
-				return
+				// case <-quit:
+				// 	logger.Log.Info("正在停止系统监控守护服务...")
+				// 	mon.Stop()
+				// 	logger.Log.Info("系统监控守护服务已停止")
+				// 	return

 			}
 		}
--- a/config.yaml
+++ b/config.yaml
@ -3,8 +3,8 @@ server:
  port: 8080

 log:
-  level: "info"
-  # level: "debug"
+  # level: "info"
+  level: "debug"

 audit:
  enabled: true
@ -26,8 +26,6 @@ scanner:
    fast_hash: true
    fast_hash_size: 100MB
    fast_hash_chunk: 2MB
-  process:
-    interval: 30 # seconds

 storage:
  data_dir: "./data"
--- a/internal/config/config.go
+++ b/internal/config/config.go
@ -21,17 +21,12 @@ type AuditConfig struct {
 type ScannerConfig struct {
 	File FileScannerConfig `yaml:"file"`
 	Hash hashConfig        `yaml:"hash"`
-	Process ProcessScannerConfig `yaml:"process"`
 }

 type hashConfig struct {
 	Algorithm string `yaml:"algorithm"`
 }

-type ProcessScannerConfig struct {
-	Interval int `yaml:"interval"`
-}
-
 type StorageConfig struct {
 	DataDir           string `yaml:"data_dir"`
 	ProcessSystemFile string `yaml:"process_system_file"`
--- a/internal/monitor/detector/detector.go
+++ b/internal/monitor/detector/detector.go
@ -1,82 +0,0 @@
-package detector
-
-import (
-	"bufio"
-	"os"
-	"path/filepath"
-	"strings"
-	"sysmonitord/internal/config"
-	"sysmonitord/internal/scanner/process"
-	"sysmonitord/pkg/logger"
-
-	"go.uber.org/zap"
-)
-
-type ProcessDetector struct {
-	cfg         *config.Config
-	whiteList   map[string]string
-	storagePath string
-}
-
-func NewProcessDetector(cfg *config.Config) *ProcessDetector {
-	p := &ProcessDetector{
-		cfg:       cfg,
-		whiteList: make(map[string]string),
-	}
-
-	p.loadWhiteList()
-	return p
-}
-
-func (p *ProcessDetector) loadWhiteList() {
-	filepath := filepath.Join(p.cfg.Storage.DataDir, p.cfg.Storage.ProcessSystemFile)
-	file, err := os.Open(filepath)
-	if err != nil {
-		logger.Log.Error("[monitor] 加载进程白名单失败", zap.String("file", filepath), zap.Error(err))
-		return
-	}
-	defer file.Close()
-
-	scanner := bufio.NewScanner(file)
-	for scanner.Scan() {
-		line := scanner.Text()
-		if line == "" || strings.HasPrefix(line, "#") {
-			continue
-		}
-
-		parts := strings.Split(line, ":")
-		if len(parts) >= 3 {
-			p.whiteList[parts[1]] = parts[2] // name:path:hash
-		}
-	}
-
-	logger.Log.Info("[monitor] 进程白名单加载完成", zap.Int("count", len(p.whiteList)))
-}
-
-func (p *ProcessDetector) Run() error {
-	logger.Log.Info("[monitor] 进程检测已启动")
-
-	currentProcs, err := process.ScanAllProcesses(p.cfg)
-	if err != nil {
-		logger.Log.Error("[monitor] 扫描进程失败", zap.Error(err))
-		return err
-	}
-
-	newCount := 0
-	for _, proc := range currentProcs {
-		_, exists := p.whiteList[proc.Path]
-		if !exists {
-			logger.Log.Warn("[monitor] 发现新进程", zap.String("name", proc.Name), zap.String("path", proc.Path))
-			newCount++
-
-			// Todo: 处理新进程
-		}
-	}
-
-	logger.Log.Info("[monitor] 进程检测完成", zap.Int("total", len(currentProcs)), zap.Int("new", newCount))
-	return nil
-}
-
-func (p *ProcessDetector) Name() string {
-	return "ProcessMonitor"
-}
--- a/internal/monitor/timer/timer.go
+++ b/internal/monitor/timer/timer.go
@ -1,64 +0,0 @@
-package timer
-
-import (
-	"sync"
-	"sysmonitord/pkg/logger"
-	"time"
-
-	"go.uber.org/zap"
-)
-
-type Job interface {
-	Run() error
-	Name() string
-}
-
-type Scheduler struct {
-	ticker   *time.Ticker
-	stopCh   chan struct{}
-	job      Job
-	wg       sync.WaitGroup
-	interval time.Duration
-}
-
-func NewScheduler(interval time.Duration, job Job) *Scheduler {
-	return &Scheduler{
-		ticker:   time.NewTicker(interval),
-		stopCh:   make(chan struct{}),
-		job:      job,
-		interval: interval,
-	}
-}
-
-func (s *Scheduler) Start() {
-	logger.Log.Info("[monitor] 定时任务已启动", zap.String("job", s.job.Name()), zap.Duration("interval", s.interval))
-
-	s.wg.Add(1)
-	go func() {
-		defer s.wg.Done()
-
-		logger.Log.Info("[monitor] 执行定时任务", zap.String("job", s.job.Name()))
-		if err := s.job.Run(); err != nil {
-			logger.Log.Error("[monitor] 定时任务执行失败", zap.String("job", s.job.Name()), zap.Error(err))
-		}
-
-		for {
-			select {
-			case <-s.ticker.C:
-				logger.Log.Info("[monitor] 执行定时任务", zap.String("job", s.job.Name()))
-				if err := s.job.Run(); err != nil {
-					logger.Log.Error("[monitor] 定时任务执行失败", zap.String("job", s.job.Name()), zap.Error(err))
-				}
-			case <-s.stopCh:
-				logger.Log.Info("[monitor] 定时任务已停止", zap.String("job", s.job.Name()))
-				return
-			}
-		}
-	}()
-}
-
-func (s *Scheduler) Stop() {
-	close(s.stopCh)
-	s.ticker.Stop()
-	s.wg.Wait()
-}
--- a/internal/monitor/watcher/watcher.go
+++ b/internal/monitor/watcher/watcher.go
@ -5,7 +5,6 @@ import (
 	"os"
 	"path/filepath"
 	"strings"
-	"sysmonitord/internal/config"
 	"sysmonitord/pkg/logger"

 	"github.com/fsnotify/fsnotify"
@ -14,7 +13,8 @@ import (

 type Watcher struct {
 	fsnWatcher *fsnotify.Watcher
-	cfg        *config.Config
+	paths      []string
+	ignore     []string
 	eventChan  chan EventMsg
 }

@ -24,7 +24,7 @@ type EventMsg struct {
 	FileInfo os.FileInfo
 }

-func NewWatcher(cfg *config.Config) (*Watcher, error) {
+func NewWatcher(paths []string, ignore []string) (*Watcher, error) {
 	fsnW, err := fsnotify.NewWatcher()
 	if err != nil {
 		return nil, fmt.Errorf("[monitor] 创建文件监听失败: %w", err)
@ -32,15 +32,14 @@ func NewWatcher(cfg *config.Config) (*Watcher, error) {

 	return &Watcher{
 		fsnWatcher: fsnW,
-		cfg:        cfg,
+		paths:      paths,
+		ignore:     ignore,
 		eventChan:  make(chan EventMsg, 100),
 	}, nil
 }

 func (w *Watcher) Start() {
-	paths := w.cfg.Scanner.File.IncludePaths
-
-	for _, path := range paths {
+	for _, path := range w.paths {
 		if _, err := os.Stat(path); os.IsNotExist(err) {
 			fmt.Printf("[monitor] 路径不存在: %s\n", path)
 			continue
@ -49,7 +48,7 @@ func (w *Watcher) Start() {
 		w.addPath(path)
 	}

-	logger.Log.Info("[monitor] 已启用文件监听", zap.Strings("paths", paths))
+	logger.Log.Info("[monitor] 已启用文件监听", zap.Strings("paths", w.paths))

 	go w.eventLoop()
 }
@ -114,7 +113,7 @@ func (w *Watcher) addPath(path string) {
 		}

 		if d.IsDir() {
-			for _, ignorePath := range w.cfg.Scanner.File.ExcludePaths {
+			for _, ignorePath := range w.ignore {
 				if strings.HasPrefix(subPath, ignorePath) {
 					return filepath.SkipDir
 				}