General-purpose list_fields(), via factories

Take advantage of the changes in https://github.com/falcosecurity/libs/pull/75 to have a general-purpose way to list fields for a given event source. in the engine, list_fields() now takes a source, iterates over filter factories, and calls get_fields() for each factory, printing the results. list_source_fields now calls the engine regardless of source. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
2025-09-03 23:55:06 +00:00 · 2021-08-25 16:48:02 -07:00
parent 3202921355
commit 943a37fcf7
5 changed files with 96 additions and 60 deletions
--- a/userspace/engine/falco_engine.h
+++ b/userspace/engine/falco_engine.h
@@ -57,7 +57,8 @@ public:
 	static uint32_t engine_version();

 	// Print to stdout (using printf) a description of each field supported by this engine.
-	void list_fields(bool names_only=false);
+	// If source is non-empty, only fields for the provided source are printed.
+	void list_fields(std::string &source, bool names_only);

 	//
 	// Load rules either directly or from a filename.