github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-17 00:01:52 +00:00
Code Issues Projects Releases Wiki Activity

new(userspace/falco): initial grpc queuing logic

Browse Source 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
This commit is contained in:
Lorenzo Fontana 2019-09-04 18:37:00 +02:00 committed by Leo Di Donato
parent 25f5fcacae
commit 356861be5f
2 changed files with 21 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
userspace/falco/falco.cpp
View File

@ -34,6 +34,7 @@ limitations under the License.
#include <unistd.h> #include <unistd.h>
#include <getopt.h> #include <getopt.h>
#include <sinsp.h> #include <sinsp.h>
#include "logger.h" #include "logger.h"
@ -221,15 +222,16 @@ static std::string read_file(std::string filename)
// Event processing loop // Event processing loop
// //
uint64_t do_inspect(falco_engine *engine, uint64_t do_inspect(falco_engine *engine,
falco_outputs *outputs, falco_outputs *outputs,
sinsp* inspector, sinsp* inspector,
falco_configuration &config, falco_configuration &config,
syscall_evt_drop_mgr &sdropmgr, syscall_evt_drop_mgr &sdropmgr,
uint64_t duration_to_tot_ns, uint64_t duration_to_tot_ns,
string &stats_filename, string &stats_filename,
uint64_t stats_interval, uint64_t stats_interval,
bool all_events, bool all_events,
int &result) falco_output_response_cq &output_event_queue,
int &result)
{ {
uint64_t num_evts = 0; uint64_t num_evts = 0;
int32_t rc; int32_t rc;
@ -324,6 +326,11 @@ uint64_t do_inspect(falco_engine *engine,
if(res) if(res)
{ {
outputs->handle_event(res->evt, res->rule, res->source, res->priority_num, res->format); outputs->handle_event(res->evt, res->rule, res->source, res->priority_num, res->format);
// TODO(fntlnz): integrate this with the output handle event logic, for now we just want to test the threads
falco_output_response grpcres = falco_output_response();
grpcres.set_rule(res->rule);
output_event_queue.push(grpcres);
} }
num_evts++; num_evts++;
@ -1164,8 +1171,10 @@ int falco_init(int argc, char **argv)
} }
// grpc server // grpc server
// TODO: this is blocking now, not what we want, falco must go on. Just an experiment for now. falco_output_response_cq output_event_queue;
start_grpc_server("0.0.0.0:5060", 1);
// TODO(fntlnz): do any handling, make sure we handle signals in the GRPC server and we clean it gracefully
std::thread grpc_server_thread (start_grpc_server, "0.0.0.0:5060", 1, std::ref(output_event_queue));
if(!trace_filename.empty() && !trace_is_scap) if(!trace_filename.empty() && !trace_is_scap)
{ {
@ -1186,6 +1195,7 @@ int falco_init(int argc, char **argv)
stats_filename, stats_filename,
stats_interval, stats_interval,
all_events, all_events,
output_event_queue,
result); result);
duration = ((double)clock()) / CLOCKS_PER_SEC - duration; duration = ((double)clock()) / CLOCKS_PER_SEC - duration;

13
userspace/falco/grpc_server.cpp
View File

@ -119,19 +119,6 @@ void falco_grpc_server_impl::subscribe(const stream_context& ctx, const falco_ou
// ctx.m_status == stream_context::STREAMING // ctx.m_status == stream_context::STREAMING
// todo > do we want batching? // todo > do we want batching?
<<<<<<< HEAD
std::stringstream ss;
int c = 0;
int i = 9;
while(c < i)
{
ss << std::to_string(c);
c++;
}
res.set_source(source::SYSCALL);
res.set_rule(ss.str());
=======
>>>>>>> new(userspace/falco): grpc server event bus queue
if(!m_event_queue.try_pop(res)) if(!m_event_queue.try_pop(res))
{ {