Update command syntax to use 'uv run python -m linux_edr.cli run' instead of 'linux-edr run'

Author: scc-tw

README.md

@@ -36,16 +36,16 @@ uv pip install git+https://github.com/ParttimeWorks/linux_edr.git@v1.0.0
 
 ```bash
 # Basic monitoring with default settings
-linux-edr run
+sudo uv run python -m linux_edr.cli run
 
 # Custom interval and output file
-linux-edr run --interval 5 --output events.jsonl
+sudo uv run python -m linux_edr.cli run --interval 5 --output events.jsonl
 
 # Using a specific configuration file
-linux-edr run --config /etc/linux_edr/custom.ini
+sudo uv run python -m linux_edr.cli run --config /etc/linux_edr/custom.ini
 
 # Show current configuration
-linux-edr show-config
+sudo uv run python -m linux_edr.cli show-config
 ```
 
 ## Data Structure

docs/index.md

@@ -21,13 +21,13 @@ Linux EDR captures process execution data through Linux's kernel tracing capabil
 
 ```bash
 # Run with default settings (requires root permissions)
-sudo linux-edr run
+sudo uv run python -m linux_edr.cli run
 
 # Monitor with 5-minute report interval
-sudo linux-edr run --interval 5
+sudo uv run python -m linux_edr.cli run --interval 5
 
 # Save reports to file
-sudo linux-edr run --output /var/log/linux-edr.jsonl
+sudo uv run python -m linux_edr.cli run --output /var/log/linux-edr.jsonl
 ```
 
 ## Architecture

docs/usage.md

@@ -1,29 +1,29 @@
 # Usage
 
-The `linux-edr` command provides the main interface for running and managing the EDR tool.
+The Linux EDR tool can be run directly using the Python module.
 
 ## Running the Monitor
 
 ```bash
 # Basic monitoring with default settings (requires root)
-sudo linux-edr run
+sudo uv run python -m linux_edr.cli run
 
 # Custom 5-minute reporting interval and save reports to a file
-sudo linux-edr run --interval 5 --output /var/log/linux-edr-events.jsonl
+sudo uv run python -m linux_edr.cli run --interval 5 --output /var/log/linux-edr-events.jsonl
 
 # Use a specific configuration file
-sudo linux-edr run --config /etc/linux_edr/my_config.ini
+sudo uv run python -m linux_edr.cli run --config /etc/linux_edr/my_config.ini
 ```
 
 ## Viewing Configuration
 
 To see the effective configuration (after loading defaults, file settings, and command-line overrides):
 
 ```bash
-linux-edr show-config
+sudo uv run python -m linux_edr.cli show-config
 
 # View configuration based on a specific file
-linux-edr show-config --config /etc/linux_edr/my_config.ini
+sudo uv run python -m linux_edr.cli show-config --config /etc/linux_edr/my_config.ini
 ```
 
 ## Running as a Systemd Service
@@ -34,27 +34,32 @@ Linux EDR can be run as a systemd service for continuous background monitoring:
     ```bash
     sudo cp linux-edr.service /etc/systemd/system/
     ```
-    *(Note: Ensure the `linux-edr.service` file is present in your installation or repository.)*
+    *(Note: The service file is configured to use `uv run python -m linux_edr.cli run` command)*
 
 2.  **Create log directory** (if needed by your service configuration):
     ```bash
     sudo mkdir -p /var/log/linux-edr
     sudo chown <user>:<group> /var/log/linux-edr # Adjust user/group as needed
     ```
 
-3.  **Reload systemd, enable and start the service:**
+3.  **Ensure uv is installed system-wide and available at /usr/bin/uv:**
+    ```bash
+    sudo ln -sf $(which uv) /usr/bin/uv # Create symlink if necessary
+    ```
+
+4.  **Reload systemd, enable and start the service:**
     ```bash
     sudo systemctl daemon-reload
     sudo systemctl enable linux-edr.service
     sudo systemctl start linux-edr.service
     ```
 
-4.  **Check service status:**
+5.  **Check service status:**
     ```bash
     sudo systemctl status linux-edr.service
     ```
 
-5.  **View service logs:**
+6.  **View service logs:**
     ```bash
     sudo journalctl -u linux-edr.service -f
     ``` 

install_service.sh

@@ -9,11 +9,22 @@ fi
 
 echo "Installing Linux EDR service..."
 
-# Install the Python package if not already installed
-pip show linux-edr > /dev/null 2>&1 || {
-  echo "Installing Linux EDR Python package..."
-  pip install .
-}
+# Check if uv is installed
+if ! command -v uv &> /dev/null; then
+  echo "Error: 'uv' is required but not found. Please install uv first."
+  echo "Visit: https://github.com/astral-sh/uv"
+  exit 1
+fi
+
+# Create symlink to uv in /usr/bin if it doesn't exist
+if [ ! -f /usr/bin/uv ]; then
+  echo "Creating symlink for uv in /usr/bin..."
+  ln -sf $(which uv) /usr/bin/uv
+fi
+
+# Install the Python package in development mode
+echo "Installing Linux EDR Python package..."
+uv pip install -e .
 
 # Create log directory
 echo "Creating log directory..."

linux-edr.service

@@ -6,7 +6,7 @@ After=network.target
 Type=simple
 User=root
 ExecStartPre=/bin/sh -c 'echo 1 > /sys/kernel/tracing/events/syscalls/sys_enter_execve/enable'
-ExecStart=/usr/local/bin/linux-edr --output-file /var/log/linux-edr/reports.jsonl
+ExecStart=/usr/bin/uv run python -m linux_edr.cli run --output /var/log/linux-edr/reports.jsonl
 Restart=on-failure
 RestartSec=5
 StandardOutput=journal