Leonardo Grasso
1da5514012
new(userspapace/engine): add capture and capture_duration to the engine
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2025-08-12 11:25:43 +02:00
Leonardo Grasso
21350a282c
new(userspapace/engine): add capture and capture_duration to rules loader
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2025-08-12 11:25:43 +02:00
Leonardo Grasso
e6cd74995c
new(userspace/falco): config parsing
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2025-08-12 11:25:43 +02:00
Leonardo Grasso
5ebfa1b05b
new: add config options and docs for capture feature
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2025-08-12 11:25:43 +02:00
José Carlos Chávez
bff2f619df
fix: indentation
...
Co-authored-by: Samuel Gaist <samuel.gaist@idiap.ch>
Signed-off-by: José Carlos Chávez <jcchavezs@gmail.com>
2025-08-11 10:46:35 +02:00
José Carlos Chávez
845e998ab4
fix: moves falco version up as it is duplicated
...
Signed-off-by: José Carlos Chávez <jcchavezs@gmail.com>
2025-08-11 10:46:35 +02:00
José Carlos Chávez
801e8bdbff
chore: adds labels to falco-debian, driver-loader and driver-loader-buster
...
Signed-off-by: José Carlos Chávez <jcchavezs@gmail.com>
2025-08-11 10:46:35 +02:00
José Carlos Chávez
1fb0c85b19
feat: includes sha on the image labels
...
Signed-off-by: José Carlos Chávez <jcchavezs@gmail.com>
2025-08-11 10:46:35 +02:00
Federico Di Pierro
539294595e
update(userspace/engine): bump engine version and checksum.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-08-04 17:12:50 +02:00
Federico Di Pierro
154cde354f
fix(userspace/falco): use proper API to fetch event param[0] as uint32_t.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-08-04 17:12:50 +02:00
poiana
ce8a67a5f4
update(cmake): update libs and driver to latest master.
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-08-04 17:12:50 +02:00
Federico Di Pierro
ec24062b71
chore(userspace/falco): print plugin version info too at plugin loading.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-08-01 18:27:30 +02:00
Federico Di Pierro
08b9e0f065
chore(ci): disable mimalloc for master builds.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-07-28 11:31:05 +02:00
Federico Di Pierro
3dce2f030d
fix(cmake,userspace): fix usage and build of mimalloc.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-07-25 16:58:43 +02:00
Federico Di Pierro
687c3e147d
update(cmake): bump mimalloc to 3.1.5.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-07-25 16:58:43 +02:00
Federico Di Pierro
e13e384d37
new(ci): add optional input to reusable_build_packages workflow to enable jemalloc or mimalloc.
...
Enable mimalloc in all CIs but release CI (keep it with jemalloc for now).
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-07-25 16:58:43 +02:00
Federico Di Pierro
6a4fa5dfce
new(cmake,userspace/falco): add mimalloc allocator library support.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-07-25 16:58:43 +02:00
dependabot[bot]
cf792a0700
chore(deps): Bump submodules/falcosecurity-rules
...
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules ) from `1208816` to `be38001`.
- [Release notes](https://github.com/falcosecurity/rules/releases )
- [Commits](120881647a...be3800132f
2025-07-25 10:56:44 +02:00
Leonardo Grasso
8dee7a075e
docs(falco.yaml): avoid out-of-sync config options for container plugin
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2025-07-24 17:00:41 +02:00
Mariell Hoversholm
c3fc9e0d0f
fix(restart_handler): disable if there is no work
...
When there is no work to do, i.e. when all config watching is disabled,
there is no need to keep the restart_handler running. Disable it in this
case.
This is helpful to do on nodes where there is little to no headroom in
terms of open inotify watches (as per the inotify/max_user_instances
configuration), as can happen on nodes populated with other software
that also watch the filesystem for changes. If Falco is run on such a
node, it may fail to start due to functionality the app does not even
intend on using.
This has one change in terms of behaviour, however: the dry-run restarts
will no longer occur. As there is still never going to happen a real
restart, I understand it as unlikely for there to be a proper need for
dry-run restarts.
Signed-off-by: Mariell Hoversholm <mariell@grafana.com>
2025-07-24 12:56:39 +02:00
Federico Di Pierro
5e2925bc95
update(cmake): bumped cpp-httplib dep to v0.23.1 (latest release).
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-07-22 14:32:28 +02:00
Leonardo Di Giovanna
ca291b0eaf
update(userspace/engine): update falco engine version and checksum
...
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2025-07-22 14:30:29 +02:00
poiana
4deb2bdf31
update(cmake): update libs and driver to latest master.
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-07-22 11:40:29 +02:00
Leonardo Di Giovanna
8956279d47
build: fix debian:buster apt debian repo URL in driver-loader-buster
...
As buster reached its EOL, the official debian repo URL doesn't
host anymore buster packages info. For this reason, change the URLs
to point to the `20250630T203427Z` snapshot, which still contains
them.
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2025-07-18 12:02:10 +02:00
poiana
0c12b44bc6
update(cmake): update libs and driver to latest master.
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-07-02 17:22:29 +02:00
Leonardo Di Giovanna
33e6e1ef61
update(CHANGELOG.md): release 0.41.3
...
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2025-07-02 16:29:30 +02:00
dependabot[bot]
25be186548
chore(deps): Bump submodules/falcosecurity-rules
...
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules ) from `4d51b18` to `1208816`.
- [Release notes](https://github.com/falcosecurity/rules/releases )
- [Commits](4d51b1813f...120881647a
2025-07-02 12:22:28 +02:00
Federico Di Pierro
ea9e86d9e0
update(userspace): bump engine version and checksum.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-06-30 14:25:18 +02:00
Federico Di Pierro
b2c76769cf
fix(userspace/falco): enforce filtercheck overlap check for static fields too against plugin fields.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>
2025-06-30 14:25:18 +02:00
Federico Di Pierro
07266e1247
new(userspace/falco): append static filterchecks with static fields.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-06-30 14:25:18 +02:00
Federico Di Pierro
8d8ba5ba5c
new(userspace/falco): add new static_fields config key + update schema.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-06-30 14:25:18 +02:00
Leonardo Di Giovanna
2ed1f0ffec
docs(RELEASE.md): remove some unneeded old activities
...
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2025-06-18 15:38:05 +02:00
Leonardo Di Giovanna
f146204623
docs(RELEASE.md): fix falcosecurity/community repo link
...
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2025-06-18 15:38:05 +02:00
Leonardo Di Giovanna
56bf4933e7
docs(RELEASE.md): fix rn2md command documentation
...
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2025-06-18 15:38:05 +02:00
Leonardo Di Giovanna
d4e69e8c5a
docs(RELEASE.md): fix release note checking procedure documentation
...
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2025-06-18 15:38:05 +02:00
poiana
a9386b37f2
update(cmake): update libs and driver to latest master.
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-17 16:22:45 +02:00
Leonardo Di Giovanna
25daddbf29
update(CHANGELOG.md): release 0.41.2
...
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2025-06-17 15:39:45 +02:00
Leonardo Grasso
720d3e61f2
chore(falco.yaml): clean up plugins config leftover
...
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
2025-06-13 10:35:16 +02:00
Melissa Kilby
d55be4b29f
doc(OWNERS): move incertum (Melissa Kilby) to emeritus_approvers
...
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
2025-06-13 09:48:17 +02:00
dependabot[bot]
3d38e130fc
chore(deps): Bump submodules/falcosecurity-rules
...
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules ) from `b4437c4` to `4d51b18`.
- [Release notes](https://github.com/falcosecurity/rules/releases )
- [Commits](b4437c492f...4d51b1813f
2025-06-12 09:45:10 +02:00
Federico Di Pierro
4418bf2101
update(userspace/engine): bump engine version and checksum.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-06-09 12:19:53 +02:00
poiana
43cd120030
update(cmake): update libs and driver to latest master.
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-09 12:19:53 +02:00
Denis Romanenko
5b1c6886e5
Fix alpine build
...
Signed-off-by: Denis Romanenko <denis.romanenko@flant.com>
2025-06-09 12:18:54 +02:00
Federico Di Pierro
f3b4f68ecd
update(docs): bump CHANGELOG.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-06-05 14:48:30 +02:00
Federico Di Pierro
7a349a3e87
update(userspace/engine): bump engine version and checksum.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-06-03 11:12:11 +02:00
FedeDP
0eb0b40c45
update(cmake): update libs and driver to latest master.
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-03 11:12:11 +02:00
Federico Di Pierro
9055811d79
fix(userspace/falco): when collecting metrics for stats_writer, create a libs_metrics_collector for each source.
...
In case multiple sources are enabled, each source has its own `libs_metrics_collector`
with correct flags, so that it can retrieve all metrics.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-06-02 10:42:59 +02:00
Federico Di Pierro
2346a397f7
chore(userspace/falco): fix build for non linux minimal builds.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-05-30 19:05:38 +02:00
Federico Di Pierro
24f92dfdbc
fix(userspace/falco): only enable prometheus metrics once all inspectors have been opened.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-05-30 19:05:38 +02:00
Federico Di Pierro
1d51203c29
update(docs): bumped changelog for release.
...
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
2025-05-29 11:12:24 +02:00
