mirror of
https://github.com/falcosecurity/falco.git
synced 2025-07-04 10:26:40 +00:00
update(metrics): use new libs addr_to_string methods for host_ifinfo_json
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
This commit is contained in:
Melissa Kilby
poiana
parent
23b412ea3c
commit
1caece2cf9
@ -101,28 +101,3 @@ TEST(FalcoUtils, matches_wildcard)
|
|||||||
ASSERT_FALSE(falco::utils::matches_wildcard("*hello*world", "come on hello this world yes"));
|
ASSERT_FALSE(falco::utils::matches_wildcard("*hello*world", "come on hello this world yes"));
|
||||||
ASSERT_FALSE(falco::utils::matches_wildcard("*hello*world*", "come on hello this yes"));
|
ASSERT_FALSE(falco::utils::matches_wildcard("*hello*world*", "come on hello this yes"));
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(__linux__) and !defined(MINIMAL_BUILD) and !defined(__EMSCRIPTEN__)
|
|
||||||
TEST(FalcoUtils, ipv4addr_to_string)
|
|
||||||
{
|
|
||||||
ASSERT_EQ(falco::utils::network::ipv4addr_to_string(0x0101A8C0), "192.168.1.1");
|
|
||||||
ASSERT_EQ(falco::utils::network::ipv4addr_to_string(0x0100007F), "127.0.0.1");
|
|
||||||
ASSERT_EQ(falco::utils::network::ipv4addr_to_string(0xFFFFFFFF), "255.255.255.255");
|
|
||||||
ASSERT_EQ(falco::utils::network::ipv4addr_to_string(0x00000000), "0.0.0.0");
|
|
||||||
}
|
|
||||||
|
|
||||||
TEST(FalcoUtils, ipv6addr_to_string)
|
|
||||||
{
|
|
||||||
ipv6addr addr1("2001:0db8:85a3:0000:0000:8a2e:0370:7334");
|
|
||||||
ASSERT_EQ(falco::utils::network::ipv6addr_to_string(addr1), "2001:db8:85a3:0:0:8a2e:370:7334");
|
|
||||||
|
|
||||||
ipv6addr addr2("fe80:0:0:0:2aa:ff:fe9a:4ca3");
|
|
||||||
ASSERT_EQ(falco::utils::network::ipv6addr_to_string(addr2), "fe80:0:0:0:2aa:ff:fe9a:4ca3");
|
|
||||||
|
|
||||||
ipv6addr addr3("0:0:0:0:0:0:0:0");
|
|
||||||
ASSERT_EQ(falco::utils::network::ipv6addr_to_string(addr3), "0:0:0:0:0:0:0:0");
|
|
||||||
|
|
||||||
ipv6addr addr4("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff");
|
|
||||||
ASSERT_EQ(falco::utils::network::ipv6addr_to_string(addr4), "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff");
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|||||||
@ -257,38 +257,6 @@ bool is_unix_scheme(const std::string& url)
|
|||||||
{
|
{
|
||||||
return sinsp_utils::startswith(url, UNIX_SCHEME);
|
return sinsp_utils::startswith(url, UNIX_SCHEME);
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(__linux__) and !defined(MINIMAL_BUILD) and !defined(__EMSCRIPTEN__)
|
|
||||||
std::string ipv4addr_to_string(uint32_t addr)
|
|
||||||
{
|
|
||||||
char dest[16];
|
|
||||||
snprintf(
|
|
||||||
dest,
|
|
||||||
sizeof(dest),
|
|
||||||
"%d.%d.%d.%d",
|
|
||||||
(addr & 0xFF),
|
|
||||||
((addr & 0xFF00) >> 8),
|
|
||||||
((addr & 0xFF0000) >> 16),
|
|
||||||
((addr & 0xFF000000) >> 24));
|
|
||||||
return std::string(dest);
|
|
||||||
}
|
|
||||||
|
|
||||||
std::string ipv6addr_to_string(const ipv6addr& addr)
|
|
||||||
{
|
|
||||||
std::ostringstream oss;
|
|
||||||
const uint16_t* words = reinterpret_cast<const uint16_t*>(addr.m_b);
|
|
||||||
for (int i = 0; i < 8; ++i)
|
|
||||||
{
|
|
||||||
if (i != 0)
|
|
||||||
{
|
|
||||||
oss << ':';
|
|
||||||
}
|
|
||||||
oss << std::hex << ntohs(words[i]);
|
|
||||||
}
|
|
||||||
return oss.str();
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
} // namespace network
|
} // namespace network
|
||||||
} // namespace utils
|
} // namespace utils
|
||||||
} // namespace falco
|
} // namespace falco
|
||||||
|
|||||||
@ -22,10 +22,6 @@ limitations under the License.
|
|||||||
|
|
||||||
#include <cstdint>
|
#include <cstdint>
|
||||||
#include <string>
|
#include <string>
|
||||||
#if defined(__linux__) and !defined(MINIMAL_BUILD) and !defined(__EMSCRIPTEN__)
|
|
||||||
#include <arpa/inet.h>
|
|
||||||
#include <libsinsp/tuples.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
namespace falco::utils
|
namespace falco::utils
|
||||||
{
|
{
|
||||||
@ -49,11 +45,5 @@ namespace network
|
|||||||
{
|
{
|
||||||
static const std::string UNIX_SCHEME("unix://");
|
static const std::string UNIX_SCHEME("unix://");
|
||||||
bool is_unix_scheme(const std::string& url);
|
bool is_unix_scheme(const std::string& url);
|
||||||
#if defined(__linux__) and !defined(MINIMAL_BUILD) and !defined(__EMSCRIPTEN__)
|
|
||||||
// todo: consider extending libs and expose API for ipv4 and ipv6 to string conversion
|
|
||||||
std::string ipv4addr_to_string(uint32_t addr);
|
|
||||||
std::string ipv6addr_to_string(const ipv6addr& addr);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
} // namespace network
|
} // namespace network
|
||||||
} // namespace falco::utils
|
} // namespace falco::utils
|
||||||
|
|||||||
@ -109,11 +109,7 @@ std::string falco_metrics::to_text(const falco::app::state& state)
|
|||||||
prometheus_text += prometheus_metrics_converter.convert_metric_to_text_prometheus("falco_sha256_config_files", "falcosecurity", "falco", {{"file_name", fs_path.filename().stem()}, {"sha256", item.second}});
|
prometheus_text += prometheus_metrics_converter.convert_metric_to_text_prometheus("falco_sha256_config_files", "falcosecurity", "falco", {{"file_name", fs_path.filename().stem()}, {"sha256", item.second}});
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool is_first_call = true;
|
|
||||||
static std::string ifinfo_json_escaped;
|
static std::string ifinfo_json_escaped;
|
||||||
if (is_first_call)
|
|
||||||
{
|
|
||||||
is_first_call = false;
|
|
||||||
auto ipv4list = inspector->get_ifaddr_list().get_ipv4_list();
|
auto ipv4list = inspector->get_ifaddr_list().get_ipv4_list();
|
||||||
auto ipv6list = inspector->get_ifaddr_list().get_ipv6_list();
|
auto ipv6list = inspector->get_ifaddr_list().get_ipv6_list();
|
||||||
nlohmann::json ipv4_json;
|
nlohmann::json ipv4_json;
|
||||||
@ -126,7 +122,7 @@ std::string falco_metrics::to_text(const falco::app::state& state)
|
|||||||
{
|
{
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
ipv4_json[item.m_name] = falco::utils::network::ipv4addr_to_string(item.m_addr);
|
ipv4_json[item.m_name] = item.addr_to_string();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -138,15 +134,14 @@ std::string falco_metrics::to_text(const falco::app::state& state)
|
|||||||
{
|
{
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
ipv6_json[item.m_name] = falco::utils::network::ipv6addr_to_string(item.m_net);
|
ipv6_json[item.m_name] = item.addr_to_string();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
nlohmann::json ifinfo_json;
|
nlohmann::json ifinfo_json;
|
||||||
ifinfo_json["ipv4"] = ipv4_json;
|
ifinfo_json["ipv4"] = ipv4_json;
|
||||||
ifinfo_json["ipv6"] = ipv6_json;
|
ifinfo_json["ipv6"] = ipv6_json;
|
||||||
ifinfo_json_escaped = ifinfo_json.dump();
|
ifinfo_json_escaped = ifinfo_json.dump();
|
||||||
}
|
prometheus_text += prometheus_metrics_converter.convert_metric_to_text_prometheus("host_ifinfo_json", "falcosecurity", "falco", {{"host_ifinfo_json", ifinfo_json_escaped}});
|
||||||
prometheus_text += prometheus_metrics_converter.convert_metric_to_text_prometheus("host_ifinfo", "falcosecurity", "falco", {{"host_ifinfo", ifinfo_json_escaped}});
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
for (const std::string& source: inspector->event_sources())
|
for (const std::string& source: inspector->event_sources())
|
||||||
|
|||||||
@ -358,11 +358,8 @@ void stats_writer::collector::get_metrics_output_fields_wrapper(
|
|||||||
output_fields[metric_name_file_sha256] = item.second;
|
output_fields[metric_name_file_sha256] = item.second;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool is_first_call = true;
|
if (stats_snapshot_time_delta_sec == 0)
|
||||||
static std::string ifinfo_json_escaped;
|
|
||||||
if (is_first_call)
|
|
||||||
{
|
{
|
||||||
is_first_call = false;
|
|
||||||
auto ipv4list = inspector->get_ifaddr_list().get_ipv4_list();
|
auto ipv4list = inspector->get_ifaddr_list().get_ipv4_list();
|
||||||
auto ipv6list = inspector->get_ifaddr_list().get_ipv6_list();
|
auto ipv6list = inspector->get_ifaddr_list().get_ipv6_list();
|
||||||
nlohmann::json ipv4_json;
|
nlohmann::json ipv4_json;
|
||||||
@ -375,7 +372,7 @@ void stats_writer::collector::get_metrics_output_fields_wrapper(
|
|||||||
{
|
{
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
ipv4_json[item.m_name] = falco::utils::network::ipv4addr_to_string(item.m_addr);
|
ipv4_json[item.m_name] = item.addr_to_string();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -387,15 +384,15 @@ void stats_writer::collector::get_metrics_output_fields_wrapper(
|
|||||||
{
|
{
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
ipv6_json[item.m_name] = falco::utils::network::ipv6addr_to_string(item.m_net);
|
ipv6_json[item.m_name] = item.addr_to_string();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
nlohmann::json ifinfo_json;
|
nlohmann::json ifinfo_json;
|
||||||
ifinfo_json["ipv4"] = ipv4_json;
|
ifinfo_json["ipv4"] = ipv4_json;
|
||||||
ifinfo_json["ipv6"] = ipv6_json;
|
ifinfo_json["ipv6"] = ipv6_json;
|
||||||
ifinfo_json_escaped = ifinfo_json.dump();
|
m_ifinfo_json_escaped = ifinfo_json.dump();
|
||||||
}
|
}
|
||||||
output_fields["falco.host_ifinfo"] = ifinfo_json_escaped;
|
output_fields["falco.host_ifinfo_json"] = m_ifinfo_json_escaped;
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
output_fields["evt.source"] = src;
|
output_fields["evt.source"] = src;
|
||||||
|
|||||||
@ -80,6 +80,7 @@ public:
|
|||||||
uint64_t m_last_n_evts = 0;
|
uint64_t m_last_n_evts = 0;
|
||||||
uint64_t m_last_n_drops = 0;
|
uint64_t m_last_n_drops = 0;
|
||||||
uint64_t m_last_num_evts = 0;
|
uint64_t m_last_num_evts = 0;
|
||||||
|
std::string m_ifinfo_json_escaped;
|
||||||
};
|
};
|
||||||
|
|
||||||
stats_writer(const stats_writer&) = delete;
|
stats_writer(const stats_writer&) = delete;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user