github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-15 22:38:26 +00:00
Code Issues Projects Releases Wiki Activity
4,161 Commits 119 Branches 173 Tags
fix/use_plugin_name
Commit Graph

1334 Commits

Author SHA1 Message Date
Leonardo Grasso
aa8edadf68 new(userspace/falco): http output C++ impl 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Leonardo Grasso
6ecc691c68 new(userspace/falco): gRPC output C++ impl 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Leonardo Grasso
4d61f1c739 new(userspace/falco): file output C++ impl 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Leonardo Grasso
7b70f3c2ef new(userspace/falco): stdout output C++ impl 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Leonardo Grasso
8371d1955a chore(userspace/falco): refine falco_output interface 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Leonardo Grasso
270c3fa910 new(userspace/falco): base class for Falco outputs 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Leonardo Grasso
0a2eab3f19 chore(userspace/falco): clean up lua deps from logger 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Leonardo Grasso
ac2a9a35cb chore(userspace/falco): remove lua code for outputs 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Leonardo Grasso
85aa337b63 update(userspace/engine): refactor falco_formats to accept non-lua callers 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-10-13 05:12:00 -04:00
Radu Andries
bc1aeaceb2 feat(falco): Provide a parameter for loading lua files from an alternate path 
This will be used by the static build to load lua files from
alternate directories that are not tied to the compile flags

Signed-off-by: Radu Andries <radu.andries@sysdig.com>
 2020-09-29 18:05:10 +02:00
Leonardo Grasso
d2dbe64723 update: bump Falco engine version to 7 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-13 22:54:00 +02:00
Leonardo Di Donato
9a29203a4d build: engine fields checksum only when not building the minimal Falco 
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-09-10 15:01:07 +02:00
Lorenzo Fontana
00d930199f build: strip userspace/falco/falco in release when building with musl 
optimizations

Co-Authored-By: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
c46dbc7f11 build: remove gRPC, openssl, curl from minimal build 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
b7e75095e6 build(userspace): avoid openssl dep for engine fields verification 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
68f937f5e8 build: disallow k8s audit trace file when minimal build 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
bdd14604d4 build: remove webserver from minimal build 
Co-Authored-By: Lorenzo Fontana <fontanalorenz@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
385d6eff6d fix(userspace/falco): do not always rethrow the exception 
Co-Authored-By: Lorenzo Fontana <fontanalorenz@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-08-25 14:27:40 +02:00
Lorenzo Fontana
feb39010bb build: include openssl libraries in falco 
Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-08-20 19:26:56 +02:00
Leonardo Grasso
4346e98f20 feat(userspace/falco): print version at startup 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-07-16 22:35:56 +02:00
Lorenzo Fontana
c03f563450 build: libyaml in bundled deps 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-07-16 19:34:39 +02:00
Lorenzo Fontana
a447b6996e fix(userspace): rethrow inspector open exceptions 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-07-15 18:33:50 +02:00
Leonardo Di Donato
596e7ee303 fix(userspace/falco): try to insert kernel module driver conditionally 
Do it only when not running with userspace instrumentation enabled and
the syscall input source is enabled (!disable_syscall)

Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-15 18:33:50 +02:00
Leo Di Donato
1343fd7e92 update(userspace/falco): userspace instrumentation help line 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-15 18:33:50 +02:00
Kris Nova
1954cf3af3 update(userspace/falco): edits to the falco CLI 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-15 18:33:50 +02:00
Kris Nova
bc8f9a5692 feat(cli): adding -u to the usage text 
Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-07-15 18:33:50 +02:00
Loris Degioanni
c743f1eb68 feat(cli): adding -u to flip inspector method calls 
udig support through the -u command line flag

Signed-off-by: Kris Nóva <kris@nivenly.com>
Co-authored-by: Kris Nóva <kris@nivenly.com>
 2020-07-15 18:33:50 +02:00
Leonardo Grasso
de147447ed update(userspace/falco): rename --stats_interval to --stats-interval 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-07-08 17:55:16 +02:00
Leonardo Di Donato
825e249294 update(userspace/falco): rename --stats_interval to --stats-interval 
To match the style of other long flags of the Falco CLI.

Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-08 17:55:16 +02:00
Leonardo Di Donato
00689a5d97 fix(userspace/falco): allow stats interval greather than 999 
milliseconds

Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-08 17:55:16 +02:00
Leonardo Di Donato
c7ac1ef61b update(userspace/engine): const correctness for json_event class 
Co-authored-by: Nathan Baker <nathan.baker@sysdig.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-07 21:19:08 +02:00
Leonardo Di Donato
553856ad68 chore(userspace): log the gRPC threadiness 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-07 13:42:09 +02:00
Leonardo Di Donato
2d52be603d update(userspace/falco): gRPC server threadiness 0 by default (which 
means "auto")

The 0 ("auto") value sets the threadiness to the number of online cores
automatically.

Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-07 13:42:09 +02:00
Leonardo Di Donato
75e62269c3 new: hardware_concurrency helper 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-07 13:42:09 +02:00
Leonardo Grasso
fecf1a9fea fix(userspace/falco/lua): correct argument 
This explain why `buffered_output: false` was not honored for stdout

Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-07-03 11:45:00 +02:00
Lorenzo Fontana
352307431a fix: update k8s audit endpoint to /k8s-audit everywhere 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-07-01 13:29:51 +02:00
Leonardo Grasso
82e0b5f217 fix(userspace/falco): honor -M also when using a trace file 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-06-30 13:04:03 +02:00
Lorenzo Fontana
9eb0b7fb5f update(userspace/falco): avoid memory allocation for falco output 
response

Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-06-29 20:42:50 +02:00
Lorenzo Fontana
869d883dc7 update(userspace/falco): better gRPC server logging 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-06-29 20:42:50 +02:00
Leonardo Di Donato
b88767f558 bc(userspace/falco): the Falco gRPC Outputs API are now "falco.outputs.service/get" and "falco.outputs.service/sub" 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-06-29 20:42:50 +02:00
Leonardo Di Donato
bdbdf7b830 update(userspace/falco): pluralize Falco output proto and service 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-06-29 20:42:50 +02:00
Lorenzo Fontana
3d9bc8f67b update(userspace/falco): remove keepalive from output request 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-06-29 20:42:50 +02:00
Lorenzo Fontana
c89c11c3c4 update(userspace/falco): remove output queue size 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-06-29 20:42:50 +02:00
Lorenzo Fontana
5bd9ba0529 update(userspace/falco/grpc): simpler bidirectional context state 
transitions

Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-06-29 20:42:50 +02:00
Lorenzo Fontana
b9e6d65e69 update(userspace/falco/grpc): bidirectional sub implementation 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-06-29 20:42:50 +02:00
Lorenzo Fontana
0d194f2b40 update(userspace/falco/grpc): for stream contexts use a flag to detect 
if it is still running or not

Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-06-29 20:42:50 +02:00
Lorenzo Fontana
d9f2cda8cf update(userspace/falco/grpc): dealing with multiple streaming requests 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-06-29 20:42:50 +02:00
Leonardo Di Donato
2ebc55f897 wip(userspace/falco): bidirectional gRPC outputs logic (initial) 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-06-29 20:42:50 +02:00
Leonardo Di Donato
01ae8701d9 new(userspace/falco): concrete initial implementation of the subscribe gRPC service 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-06-29 20:42:50 +02:00
Leonardo Di Donato
be6c4b273d new(userspace/falco): gRPC context for bidirectional services 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-06-29 20:42:50 +02:00