ProcessSysmon

ghostscope_process::sysmon

Struct ProcessSysmon

pub struct ProcessSysmon { /* private fields */ }

Expand description

Process sysmon — userspace controller that listens for process lifecycle events and performs incremental prefill/cleanup of offsets.

Note: The low-level event source (tracepoints via eBPF or kernel proc connector) is pluggable. This initial implementation provides the public API and a background loop stub; the event source integration will be wired subsequently.

Implementations§

impl ProcessSysmon

pub fn new(mgr: Arc<Mutex<ProcessManager>>, cfg: SysmonConfig) -> Self

Create a new sysmon instance with shared ProcessManager and config.

pub fn start(&mut self)

Start background monitoring thread and return immediately.

In the next iteration we will attach eBPF tracepoints (sched_process_exec/exit/fork) and stream events into this channel. For now, we ensure the pinned offsets map exists and keep a placeholder loop that can be extended to consume a real source.

pub fn recv_timeout(&self, timeout: Duration) -> Option<SysEvent>

Blocking poll (with timeout) for the next system event.

Trait Implementations§

impl Debug for ProcessSysmon

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

impl Freeze for ProcessSysmon

impl !RefUnwindSafe for ProcessSysmon

impl Send for ProcessSysmon

impl !Sync for ProcessSysmon

impl Unpin for ProcessSysmon

impl !UnwindSafe for ProcessSysmon

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more