mirror of
				https://github.com/falcosecurity/falco.git
				synced 2025-10-22 12:27:10 +00:00 
			
		
		
		
	Add ability to write "extra" stuff to stats file.
When run via scripts like run_performance_tests.sh, it's useful to include extra info like the test being run and the specific program variant to the stats file. So support that via the environment. Environment keys starting with FALCO_STATS_EXTRA_XXX will have the XXX and environment value added to the stats file. It's undocumented as I doubt other programs will need this functionality and it keeps the docs simpler.
This commit is contained in:
		| @@ -143,13 +143,13 @@ function start_subject_prog() { | ||||
| 	if [ -z $RULES_FILE ]; then | ||||
| 	    RULES_FILE=$SOURCE/../output/rules.yaml | ||||
| 	fi | ||||
| 	sudo $ROOT/test_mm -s $SOURCE/search_order.yaml -r $RULES_FILE > ./prog-output.txt 2>&1 & | ||||
| 	sudo FALCO_STATS_EXTRA_variant=$VARIANT FALCO_STATS_EXTRA_benchmark=$live_test $ROOT/test_mm -S $SOURCE/search_order.yaml -s $STATS_FILE -r $RULES_FILE > ./prog-output.txt 2>&1 & | ||||
|     elif [[ $ROOT == *"falco"* ]]; then | ||||
| 	echo "   starting falco..." | ||||
| 	if [ -z $RULES_FILE ]; then | ||||
| 	    RULES_FILE=$SOURCE/rules/falco_rules.yaml | ||||
| 	fi | ||||
| 	sudo $ROOT/userspace/falco/falco -c $SOURCE/falco.yaml -r $RULES_FILE --option=stdout_output.enabled=false > ./prog-output.txt -A 2>&1 & | ||||
| 	sudo FALCO_STATS_EXTRA_variant=$VARIANT FALCO_STATS_EXTRA_benchmark=$live_test $ROOT/userspace/falco/falco -c $SOURCE/falco.yaml -s $STATS_FILE -r $RULES_FILE --option=stdout_output.enabled=false > ./prog-output.txt -A 2>&1 & | ||||
|     elif [[ $ROOT == *"sysdig"* ]]; then | ||||
| 	echo "   starting sysdig..." | ||||
| 	sudo $ROOT/userspace/sysdig/sysdig -N -z evt.type=none & | ||||
| @@ -323,6 +323,7 @@ usage() { | ||||
|     echo "   -r/--root: root directory containing falco/sysdig binaries (i.e. where you ran 'cmake')" | ||||
|     echo "   -s/--source: root directory containing falco/sysdig source code" | ||||
|     echo "   -R/--results: append test results to this file" | ||||
|     echo "   -S/--stats: append capture statistics to this file (only works for falco/test_mm)" | ||||
|     echo "   -o/--output: append program output to this file" | ||||
|     echo "   -U/--rules: path to rules file (only applicable for falco/test_mm)" | ||||
|     echo "   -t/--test: test to run. Argument has the following format:" | ||||
| @@ -342,7 +343,7 @@ usage() { | ||||
|     echo "   -F/--falco-agent: When running an agent, whether or not to enable falco" | ||||
| } | ||||
|  | ||||
| OPTS=`getopt -o hv:r:s:R:o:U:t:T: --long help,variant:,root:,source:,results:,output:,rules:,test:,tracedir:,agent-autodrop:,falco-agent: -n $0 -- "$@"` | ||||
| OPTS=`getopt -o hv:r:s:R:S:o:U:t:T: --long help,variant:,root:,source:,results:,stats:,output:,rules:,test:,tracedir:,agent-autodrop:,falco-agent: -n $0 -- "$@"` | ||||
|  | ||||
| if [ $? != 0 ]; then | ||||
|     echo "Exiting" >&2 | ||||
| @@ -356,6 +357,7 @@ ROOT=`dirname $0`/../build | ||||
| SOURCE=$ROOT | ||||
| SCRIPTDIR=`dirname $0` | ||||
| RESULTS_FILE=`dirname $0`/results.json | ||||
| STATS_FILE=`dirname $0`/capture_stats.json | ||||
| OUTPUT_FILE=`dirname $0`/program-output.txt | ||||
| RULES_FILE= | ||||
| TEST=trace:all | ||||
| @@ -371,6 +373,7 @@ while true; do | ||||
| 	-r | --root ) ROOT="$2"; shift 2;; | ||||
| 	-s | --source ) SOURCE="$2"; shift 2;; | ||||
| 	-R | --results ) RESULTS_FILE="$2"; shift 2;; | ||||
| 	-S | --stats ) STATS_FILE="$2"; shift 2;; | ||||
| 	-o | --output ) OUTPUT_FILE="$2"; shift 2;; | ||||
| 	-U | --rules ) RULES_FILE="$2"; shift 2;; | ||||
| 	-t | --test ) TEST="$2"; shift 2;; | ||||
| @@ -405,6 +408,11 @@ if [ -z $RESULTS_FILE ]; then | ||||
|     exit 1 | ||||
| fi | ||||
|  | ||||
| if [ -z $STATS_FILE ]; then | ||||
|     echo "An output file for capture statistics must be provided. Not continuing." | ||||
|     exit 1 | ||||
| fi | ||||
|  | ||||
| if [ -z $OUTPUT_FILE ]; then | ||||
|     echo "An file for program output must be provided. Not continuing." | ||||
|     exit 1 | ||||
|   | ||||
| @@ -11,6 +11,8 @@ static void timer_handler (int signum) | ||||
| 	g_save_stats = true; | ||||
| } | ||||
|  | ||||
| extern char **environ; | ||||
|  | ||||
| StatsFileWriter::StatsFileWriter() | ||||
| 	: m_num_stats(0), m_inspector(NULL) | ||||
| { | ||||
| @@ -48,6 +50,30 @@ bool StatsFileWriter::init(sinsp *inspector, string &filename, uint32_t interval | ||||
| 		return false; | ||||
| 	} | ||||
|  | ||||
| 	// (Undocumented) feature. Take any environment keys prefixed | ||||
| 	// with FALCO_STATS_EXTRA_XXX and add them to the output. Used by | ||||
| 	// run_performance_tests.sh. | ||||
| 	for(uint32_t i=0; environ[i]; i++) | ||||
| 	{ | ||||
| 		char *p = strstr(environ[i], "="); | ||||
| 		if(!p) | ||||
| 		{ | ||||
| 			errstr = string("Could not find environment separator in ") + string(environ[i]); | ||||
| 			return false; | ||||
| 		} | ||||
| 		string key(environ[i], p-environ[i]); | ||||
| 		string val(p+1, strlen(environ[i])-(p-environ[i])-1); | ||||
| 		if(key.compare(0, 18, "FALCO_STATS_EXTRA_") == 0) | ||||
| 		{ | ||||
| 			string sub = key.substr(18); | ||||
| 			if (m_extra != "") | ||||
| 			{ | ||||
| 				m_extra += ", "; | ||||
| 			} | ||||
| 			m_extra += "\"" + sub + "\": " + "\"" + val + "\""; | ||||
| 		} | ||||
| 	} | ||||
|  | ||||
| 	return true; | ||||
| } | ||||
|  | ||||
| @@ -73,8 +99,12 @@ void StatsFileWriter::handle() | ||||
| 			delta.n_preemptions = cstats.n_preemptions - m_last_stats.n_preemptions; | ||||
| 		} | ||||
|  | ||||
| 		m_output << "{\"sample\": " << m_num_stats << | ||||
| 			", \"cur\": {" << | ||||
| 		m_output << "{\"sample\": " << m_num_stats; | ||||
| 		if(m_extra != "") | ||||
| 		{ | ||||
| 			m_output << ", " << m_extra; | ||||
| 		} | ||||
| 		m_output << ", \"cur\": {" << | ||||
| 			"\"events\": " << cstats.n_evts << | ||||
| 			", \"drops\": " << cstats.n_drops << | ||||
| 			", \"preemptions\": " << cstats.n_preemptions << | ||||
|   | ||||
| @@ -1,6 +1,8 @@ | ||||
| #pragma once | ||||
|  | ||||
| #include <fstream> | ||||
| #include <string> | ||||
| #include <map> | ||||
|  | ||||
| #include <sinsp.h> | ||||
|  | ||||
| @@ -25,6 +27,6 @@ protected: | ||||
| 	uint32_t m_num_stats; | ||||
| 	sinsp *m_inspector; | ||||
| 	std::ofstream m_output; | ||||
|  | ||||
| 	std::string m_extra; | ||||
| 	scap_stats m_last_stats; | ||||
| }; | ||||
|   | ||||
		Reference in New Issue
	
	Block a user