github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-30 08:32:12 +00:00
Code Issues Projects Releases Wiki Activity

Small refactoring of output config

Browse Source 
This is a step towards being able to support multiple outputs of
different types (including file outputs which require their own config).
This commit is contained in:
Henri DF 2016-04-11 15:16:01 -07:00
parent 4eef8c9647
commit 179e5519ce
2 changed files with 38 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
userspace/digwatch/digwatch.cpp
View File

@ -54,13 +54,13 @@ static void usage()
} }
string lua_on_event = "on_event"; string lua_on_event = "on_event";
string lua_add_output = "add_output";
// //
// Event processing loop // Event processing loop
// //
void do_inspect(sinsp* inspector, void do_inspect(sinsp* inspector,
digwatch_rules* rules, digwatch_rules* rules,
string output_name,
lua_State* ls) lua_State* ls)
{ {
int32_t res; int32_t res;
@ -110,9 +110,8 @@ void do_inspect(sinsp* inspector,
{ {
lua_pushlightuserdata(ls, ev); lua_pushlightuserdata(ls, ev);
lua_pushnumber(ls, ev->get_check_id()); lua_pushnumber(ls, ev->get_check_id());
lua_pushstring(ls, output_name.c_str());
if(lua_pcall(ls, 3, 0, 0) != 0) if(lua_pcall(ls, 2, 0, 0) != 0)
{ {
const char* lerr = lua_tostring(ls, -1); const char* lerr = lua_tostring(ls, -1);
string err = "Error invoking function output: " + string(lerr); string err = "Error invoking function output: " + string(lerr);
@ -157,6 +156,25 @@ void add_lua_path(lua_State *ls, string path)
lua_pop(ls, 1); lua_pop(ls, 1);
} }
void add_output(lua_State *ls, string output_name)
{
lua_getglobal(ls, lua_add_output.c_str());
if(lua_isfunction(ls, -1))
{
lua_pushstring(ls, output_name.c_str());
if(lua_pcall(ls, 1, 0, 0) != 0)
{
const char* lerr = lua_tostring(ls, -1);
string err = "Error invoking add_output: " + string(lerr);
throw sinsp_exception(err);
}
}
else
{
throw sinsp_exception("No function " + lua_add_output + " found. ");
}
}
// //
@ -345,6 +363,8 @@ int digwatch_init(int argc, char **argv)
inspector->set_hostname_and_port_resolution_mode(false); inspector->set_hostname_and_port_resolution_mode(false);
add_output(ls, output_name);
if (infile.size()) if (infile.size())
{ {
inspector->open(infile); inspector->open(infile);
@ -366,7 +386,6 @@ int digwatch_init(int argc, char **argv)
} }
do_inspect(inspector, do_inspect(inspector,
rules, rules,
output_name,
ls); ls);
inspector->close(); inspector->close();

20
userspace/digwatch/lua/rule_loader.lua
View File

@ -159,17 +159,27 @@ function on_done()
io.flush() io.flush()
end end
local outputs = require('output') local output_functions = require('output')
function on_event(evt_, rule_id, output_name) outputs = {}
if not (type(outputs[output_name]) == 'function') then
error("rule_loader.on_event(): invalid output_name: ", output_name) function add_output(output_name, config)
if not (type(output_functions[output_name]) == 'function') then
error("rule_loader.add_output(): invalid output_name: ", output_name)
end end
table.insert(outputs, {output = output_functions[output_name], config=config})
end
function on_event(evt_, rule_id)
if state.outputs[rule_id] == nil then if state.outputs[rule_id] == nil then
error ("rule_loader.on_event(): event with invalid rule_id: ", rule_id) error ("rule_loader.on_event(): event with invalid rule_id: ", rule_id)
end end
outputs[output_name](evt_, state.outputs[rule_id].level, state.outputs[rule_id].format) for index,o in ipairs(outputs) do
o.output(evt_, state.outputs[rule_id].level, state.outputs[rule_id].format, o.config)
end
end end