mirror of
https://github.com/falcosecurity/falco.git
synced 2025-09-25 20:30:47 +00:00
new(engine): add print_enabled_rules_falco_logger when log_level debug
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
This commit is contained in:
@@ -19,6 +19,8 @@ limitations under the License.
|
||||
|
||||
#include "falco_utils.h"
|
||||
|
||||
#include "../falco/logger.h"
|
||||
|
||||
#include <algorithm>
|
||||
|
||||
evttype_index_ruleset::evttype_index_ruleset(
|
||||
@@ -225,7 +227,22 @@ void evttype_index_ruleset::add(
|
||||
|
||||
void evttype_index_ruleset::on_loading_complete()
|
||||
{
|
||||
// nothing to do for now
|
||||
print_enabled_rules_falco_logger();
|
||||
}
|
||||
|
||||
void evttype_index_ruleset::print_enabled_rules_falco_logger()
|
||||
{
|
||||
falco_logger::log(falco_logger::level::DEBUG, "Enabled rules:\n");
|
||||
for (const auto& ruleset_ptr : m_rulesets)
|
||||
{
|
||||
if (ruleset_ptr)
|
||||
{
|
||||
for (const auto& wrap : ruleset_ptr->get_filters())
|
||||
{
|
||||
falco_logger::log(falco_logger::level::DEBUG, std::string(" ") + wrap->rule.name + "\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void evttype_index_ruleset::clear()
|
||||
|
@@ -52,6 +52,10 @@ public:
|
||||
|
||||
void on_loading_complete() override;
|
||||
|
||||
// Print each enabled rule when running Falco with falco logger
|
||||
// log_level=debug; invoked within on_loading_complete()
|
||||
void print_enabled_rules_falco_logger();
|
||||
|
||||
void enable(
|
||||
const std::string &pattern,
|
||||
match_type match,
|
||||
@@ -118,6 +122,11 @@ private:
|
||||
|
||||
uint64_t num_filters();
|
||||
|
||||
inline const std::set<std::shared_ptr<filter_wrapper>>& get_filters() const
|
||||
{
|
||||
return m_filters;
|
||||
}
|
||||
|
||||
// Evaluate an event against the ruleset and return the first rule
|
||||
// that matched.
|
||||
bool run(sinsp_evt *evt, falco_rule& match);
|
||||
|
Reference in New Issue
Block a user