Duplicating memory writes along the PCIe bus

I am attempting to monitor all writes to system RAM with the aim of detecting malicious programs, using a independent co-processor. To prototype this I will be using an Intel Stratix 10 GX FPGA connected to the CPU over the PCIe bus. How can I duplicate all memory writes along the memory bus and send them along the PCIe bus (packaging them as necessary) for analysis by the FPGA, i.e. snoop the memory bus or Memory Management Unit?

I have looked into the DMA capabilities of PCIe devices but have only found ways to perform specific reads of select memory address. My design relies on being able to continuously analyse all memory writes that are sent to main memory (at least for the section of memory that contains the kernel). I have found no kernel facilities that would allow this behaviour. I had the idea of writing a kernel module that could hook into the memory management unit in the OS and copy writes but I think too much of the memory writes are handled by hardware for that to be useful. I am now exploring the ability for the Intel Processor Trace to capture this data but I don't believe this will lead to success either.

Alternatively, is it possible to have the CPU use the FPGA's onboard RAM as the main system RAM?