Move format handling into own class
@@ -10,7 +10,7 @@ include_directories(${PROJECT_SOURCE_DIR}/../sysdig/userspace/libscap)
|
||||
include_directories(${PROJECT_SOURCE_DIR}/../sysdig/userspace/libsinsp)
|
||||
include_directories("${PROJECT_BINARY_DIR}/userspace/digwatch")
|
||||
|
||||
add_executable(digwatch rules.cpp digwatch.cpp)
|
||||
add_executable(digwatch formats.cpp rules.cpp digwatch.cpp)
|
||||
|
||||
target_link_libraries(digwatch sinsp)
|
||||
|
||||
|
@@ -18,6 +18,7 @@ extern "C" {
|
||||
#include <sinsp.h>
|
||||
#include <config_digwatch.h>
|
||||
#include "rules.h"
|
||||
#include "formats.h"
|
||||
#include "digwatch.h"
|
||||
#include "utils.h"
|
||||
|
||||
@@ -55,7 +56,8 @@ static void usage()
|
||||
captureinfo do_inspect(sinsp* inspector,
|
||||
uint64_t cnt,
|
||||
int duration_to_tot,
|
||||
digwatch_rules* rules)
|
||||
digwatch_rules* rules,
|
||||
digwatch_formats* formats)
|
||||
{
|
||||
captureinfo retval;
|
||||
int32_t res;
|
||||
@@ -115,7 +117,7 @@ captureinfo do_inspect(sinsp* inspector,
|
||||
continue;
|
||||
}
|
||||
|
||||
formatter = rules->lookup_formatter(ev->get_check_id());
|
||||
formatter = formats->lookup_formatter(ev->get_check_id());
|
||||
if (!formatter)
|
||||
{
|
||||
throw sinsp_exception("Error: No formatter for event with id %d " + to_string(ev->get_check_id()));
|
||||
@@ -142,6 +144,7 @@ int digwatch_init(int argc, char **argv)
|
||||
int result;
|
||||
sinsp* inspector = NULL;
|
||||
digwatch_rules* rules = NULL;
|
||||
digwatch_formats* formats = NULL;
|
||||
int op;
|
||||
uint64_t cnt = -1;
|
||||
sinsp_evt::param_fmt event_buffer_format = sinsp_evt::PF_NORMAL;
|
||||
@@ -265,6 +268,7 @@ int digwatch_init(int argc, char **argv)
|
||||
luaL_openlibs(ls);
|
||||
|
||||
rules = new digwatch_rules(inspector, ls, lua_main_filename, lua_dir);
|
||||
formats = new digwatch_formats(inspector, ls);
|
||||
|
||||
rules->load_rules(rules_file);
|
||||
inspector->set_filter(rules->get_filter());
|
||||
@@ -273,7 +277,8 @@ int digwatch_init(int argc, char **argv)
|
||||
cinfo = do_inspect(inspector,
|
||||
cnt,
|
||||
duration_to_tot,
|
||||
rules);
|
||||
rules,
|
||||
formats);
|
||||
|
||||
inspector->close();
|
||||
}
|
||||
|
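Review bot: The `digwatch` Lua table that carries `set_formatter` is now registered only when `formats = new digwatch_formats(inspector, ls);` runs, which is after the `digwatch_rules` constructor; the rules.cpp part of this commit shows that constructor used to register the table before calling `load_compiler()`. If the compiler script touches `digwatch` while it is being loaded (the Lua side is not on this page), that lookup now sees nil, so either construct `formats` before `rules` or add a comment such as `// must exist before rules->load_rules(): registers digwatch.set_formatter in ls`. `formats` is also allocated with `new` and none of the visible hunks releases it; the cleanup path of digwatch_init lies outside the hunks, so confirm a `delete formats;` is there.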
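--- a/userspace/digwatch/formats.cpp
+++ b/userspace/digwatch/formats.cpp
@@ -0,0 +1,57 @@
+#include "formats.h"
+
+extern "C" {
+#include "lua.h"
+#include "lualib.h"
+#include "lauxlib.h"
+}
+
+std::map<uint32_t, sinsp_evt_formatter*> g_format_map;
+sinsp* g_inspector;
+
+const static struct luaL_reg ll_digwatch [] =
+{
+{"set_formatter", &digwatch_formats::set_formatter},
+{NULL,NULL}
+};
+
+digwatch_formats::digwatch_formats(sinsp* inspector, lua_State *ls)
+{
+g_inspector = inspector;
+
+m_ls = ls;
+
+luaL_openlib(m_ls, "digwatch", ll_digwatch, 0);
+}
+
+int digwatch_formats::set_formatter (lua_State *ls) {
+uint32_t index = luaL_checkinteger(ls, 1);
+string format = luaL_checkstring(ls, 2);
+
+try
+{
+if(format == "" || format == "default")
+{
+g_format_map[index] = new sinsp_evt_formatter(g_inspector, DEFAULT_OUTPUT_STR);
+}
+else
+{
+g_format_map[index] = new sinsp_evt_formatter(g_inspector, format);
+}
+}
+catch(sinsp_exception& e)
+{
+string err = "invalid output format " + format;
+fprintf(stderr, "%s\n", err.c_str());
+throw sinsp_exception("set_formatter error");
+}
+
+return 0;
+}
+
+sinsp_evt_formatter* digwatch_formats::lookup_formatter(uint32_t index)
+{
+return g_format_map[index];
+}
+
+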
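Review bot: `set_formatter` is registered as a Lua C function, yet its catch block ends with `throw sinsp_exception("set_formatter error");`, so a bad format string in a rules file sends a C++ exception up through the interpreter's frames. The Lua headers are included under `extern "C"`, which suggests a C build of Lua (the build is not shown here); in that case the unwind is not something Lua supports and its call stack is left as it was. Raising the failure as a Lua error, after the `string` locals have gone out of scope so the longjmp skips no destructor, keeps it inside whatever protected call loads the rules. Separately, `g_format_map[index] = new …` drops any formatter already stored under that index without freeing it, and `lookup_formatter` uses `operator[]`, which inserts a null entry for every id it is asked about; `find()` avoids that.

```cpp
int digwatch_formats::set_formatter (lua_State *ls) {
	uint32_t index = luaL_checkinteger(ls, 1);
	bool failed = false;

	{
		string format = luaL_checkstring(ls, 2);

		try
		{
			// … unchanged: default / custom sinsp_evt_formatter construction …
		}
		catch(sinsp_exception& e)
		{
			// Leave the message on the Lua stack; raise it once `format` is gone.
			lua_pushfstring(ls, "invalid output format %s", format.c_str());
			failed = true;
		}
	}

	if(failed)
	{
		return lua_error(ls);
	}

	return 0;
}
```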
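--- a/userspace/digwatch/formats.h
+++ b/userspace/digwatch/formats.h
@@ -0,0 +1,19 @@
+#pragma once
+
+#include "sinsp.h"
+#include "lua_parser.h"
+
+class sinsp_evt_formatter;
+
+class digwatch_formats
+{
+public:
+digwatch_formats(sinsp* inspector, lua_State *ls);
+
+// set_formatter(index, format_string)
+static int set_formatter(lua_State *ls);
+sinsp_evt_formatter* lookup_formatter(uint32_t index);
+
+private:
+lua_State* m_ls;
+};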
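Review bot: The class declaration does not say where the formatters live: formats.cpp keeps them in the file-level `g_format_map` and `g_inspector`, so every `digwatch_formats` instance shares one table, and `m_ls` is only used inside the constructor. A short class comment stating that would save callers from reading the .cpp. Above `lookup_formatter` I would add `// Returns NULL when no formatter was registered for index; the caller must not delete the result.` The NULL case is what do_inspect already tests with `if (!formatter)`; the ownership half is an assumption, since nothing visible frees the stored pointers.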
@@ -6,59 +6,17 @@ extern "C" {
|
||||
#include "lauxlib.h"
|
||||
}
|
||||
|
||||
std::map<uint32_t, sinsp_evt_formatter*> g_format_map;
|
||||
sinsp* g_inspector;
|
||||
|
||||
const static struct luaL_reg ll_digwatch [] =
|
||||
{
|
||||
{"set_formatter", &digwatch_rules::set_formatter},
|
||||
{NULL,NULL}
|
||||
};
|
||||
|
||||
digwatch_rules::digwatch_rules(sinsp* inspector, lua_State *ls, string lua_main_filename, string lua_dir)
|
||||
{
|
||||
g_inspector = inspector;
|
||||
|
||||
m_ls = ls;
|
||||
|
||||
m_lua_parser = new lua_parser(inspector, m_ls);
|
||||
|
||||
luaL_openlib(m_ls, "digwatch", ll_digwatch, 0);
|
||||
|
||||
add_lua_path(lua_dir);
|
||||
load_compiler(lua_main_filename);
|
||||
}
|
||||
|
||||
int digwatch_rules::set_formatter (lua_State *ls) {
|
||||
uint32_t index = luaL_checkinteger(ls, 1);
|
||||
string format = luaL_checkstring(ls, 2);
|
||||
|
||||
try
|
||||
{
|
||||
if(format == "" || format == "default")
|
||||
{
|
||||
g_format_map[index] = new sinsp_evt_formatter(g_inspector, DEFAULT_OUTPUT_STR);
|
||||
}
|
||||
else
|
||||
{
|
||||
g_format_map[index] = new sinsp_evt_formatter(g_inspector, format);
|
||||
}
|
||||
}
|
||||
catch(sinsp_exception& e)
|
||||
{
|
||||
string err = "invalid output format " + format;
|
||||
fprintf(stderr, "%s\n", err.c_str());
|
||||
throw sinsp_exception("set_formatter error");
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
sinsp_evt_formatter* digwatch_rules::lookup_formatter(uint32_t index)
|
||||
{
|
||||
return g_format_map[index];
|
||||
}
|
||||
|
||||
void digwatch_rules::add_lua_path(string path)
|
||||
{
|
||||
path += "?.lua";
|
||||
|
@@ -3,8 +3,6 @@
|
||||
#include "sinsp.h"
|
||||
#include "lua_parser.h"
|
||||
|
||||
class sinsp_evt_formatter;
|
||||
|
||||
class digwatch_rules
|
||||
{
|
||||
public:
|
||||
@@ -13,10 +11,6 @@ class digwatch_rules
|
||||
void load_rules(string rules_filename);
|
||||
sinsp_filter* get_filter();
|
||||
|
||||
// set_formatter(index, format_string)
|
||||
static int set_formatter(lua_State *ls);
|
||||
sinsp_evt_formatter* lookup_formatter(uint32_t index);
|
||||
|
||||
private:
|
||||
void add_lua_path(string path);
|
||||
void load_compiler(string lua_main_filename);
|
||||
|