github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-08-11 11:02:08 +00:00
Code Issues Projects Releases Wiki Activity

Add improved field outputting

Browse Source 
Support the notion of a message for all fields in a single class, and
making sure it's wrapped as well as the other fields.

This is used to display a single message about how indexing working for
ka.* filter fields and what IDX_ALLOWED/IDX_NUMERIC/IDX_KEY means,
rather than repeating the same text over and over in every field.

The wrapping is handled by a function falco::utils::wrap_text.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
This commit is contained in:
Mark Stemm 2019-09-09 16:45:03 -07:00 committed by Leo Di Donato
parent 154dd18c8f
commit 1c3bed135f
4 changed files with 113 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
userspace/engine/CMakeLists.txt
View File

@ -22,6 +22,7 @@ set(FALCO_ENGINE_SOURCE_FILES
rules.cpp rules.cpp
falco_common.cpp falco_common.cpp
falco_engine.cpp falco_engine.cpp
falco_utils.cpp
json_evt.cpp json_evt.cpp
ruleset.cpp ruleset.cpp
token_bucket.cpp token_bucket.cpp

42
userspace/engine/falco_engine.cpp
View File

@ -20,6 +20,7 @@ limitations under the License.
#include <fstream> #include <fstream>
#include "falco_engine.h" #include "falco_engine.h"
#include "falco_utils.h"
#include "falco_engine_version.h" #include "falco_engine_version.h"
#include "config_falco_engine.h" #include "config_falco_engine.h"
@ -91,12 +92,15 @@ void falco_engine::list_fields(bool names_only)
{ {
printf("\n----------------------\n"); printf("\n----------------------\n");
printf("Field Class: %s (%s)\n\n", chk_field.m_name.c_str(), chk_field.m_desc.c_str()); printf("Field Class: %s (%s)\n\n", chk_field.m_name.c_str(), chk_field.m_desc.c_str());
if(chk_field.m_class_info != "")
{
std::string str = falco::utils::wrap_text(chk_field.m_class_info, 0, 0, CONSOLE_LINE_LEN);
printf("%s\n", str.c_str());
}
} }
for(auto &field : chk_field.m_fields) for(auto &field : chk_field.m_fields)
{ {
uint32_t l, m;
printf("%s", field.m_name.c_str()); printf("%s", field.m_name.c_str());
if(names_only) if(names_only)
@ -112,29 +116,29 @@ void falco_engine::list_fields(bool names_only)
namelen = 0; namelen = 0;
} }
for(l = 0; l < DESCRIPTION_TEXT_START - namelen; l++) for(uint32_t l = 0; l < DESCRIPTION_TEXT_START - namelen; l++)
{ {
printf(" "); printf(" ");
} }
size_t desclen = field.m_desc.size(); std::string desc = field.m_desc;
switch(field.m_idx_mode)
for(l = 0; l < desclen; l++)
{ {
if(l % (CONSOLE_LINE_LEN - DESCRIPTION_TEXT_START) == 0 && l != 0) case json_event_filter_check::IDX_REQUIRED:
{ case json_event_filter_check::IDX_ALLOWED:
printf("\n"); desc += " (";
desc += json_event_filter_check::s_index_mode_strs[field.m_idx_mode];
desc += ", ";
desc += json_event_filter_check::s_index_type_strs[field.m_idx_type];
desc += ")";
break;
case json_event_filter_check::IDX_NONE:
default:
break;
};
for(m = 0; m < DESCRIPTION_TEXT_START; m++) std::string str = falco::utils::wrap_text(desc, namelen, DESCRIPTION_TEXT_START, CONSOLE_LINE_LEN);
{ printf("%s\n", str.c_str());
printf(" ");
}
}
printf("%c", field.m_desc.at(l));
}
printf("\n");
} }
} }
} }

55
userspace/engine/falco_utils.cpp Normal file
View File

@ -0,0 +1,55 @@
/*
Copyright (C) 2016-2018 Draios Inc dba Sysdig.
This file is part of falco.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "falco_utils.h"
namespace falco
{
namespace utils
{
std::string wrap_text(const std::string &str, uint32_t initial_pos, uint32_t indent, uint32_t line_len)
{
std::string ret;
size_t len = str.size();
for(uint32_t l = 0; l < len; l++)
{
if(l % (line_len - indent) == 0 && l != 0)
{
ret += "\n";
for(uint32_t m = 0; m < indent; m++)
{
ret += " ";
}
}
ret += str.at(l);
}
ret += "\n";
return ret;
}
} // namespace utils
} // namespace falco

34
userspace/engine/falco_utils.h Normal file
View File

@ -0,0 +1,34 @@
/*
Copyright (C) 2016-2018 Draios Inc dba Sysdig.
This file is part of falco.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include <string>
#pragma once
namespace falco
{
namespace utils
{
std::string wrap_text(const std::string &str, uint32_t initial_pos, uint32_t indent, uint32_t line_len);
} // namespace utils
} // namespace falco