github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-28 07:37:32 +00:00
Code Issues Projects Releases Wiki Activity
4,773 Commits 121 Branches 172 Tags 104 MiB
1e455f30a6
Commit Graph

4773 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Federico Di Pierro
ad13cb6014 update(cmake): bump libs to 0.18.0 and driver to 7.3.0+driver. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-18 10:28:52 +02:00
Federico Di Pierro
6f1a741c7e chore(userspace/falco): deprecate cri related CLI options. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-18 09:35:52 +02:00
Federico Di Pierro
fa701dd52f fix(userspace/engine): improve rule json schema to account for source and required_plugin_versions. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-17 17:34:51 +02:00
Federico Di Pierro
6b634df56e update(cmake): bump libs and driver to 0.18.0-rc2. 
Moreover, bumped falcoctl to v0.10.0 and rules to 3.2.0.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-16 16:04:48 +02:00
Luca Guerra
037d7f9b36 cleanup(falco): use a header file for rule json schema 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-16 09:59:46 +02:00
Luca Guerra
ed4fb33981 cleanup(falco): use header file for json schema 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-16 09:59:46 +02:00
Luca Guerra
cd0d607f14 update(falco): add warning if the append condition does not appear to make sense 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-13 15:58:36 +02:00
Luca Guerra
5c959d0b1b update(falco): use std::include for readability 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-13 15:58:36 +02:00
Luca Guerra
a2336f186e update(falco): update json schema 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-13 15:58:36 +02:00
Luca Guerra
7005983409 update(engine): modify append_output format 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-13 15:58:36 +02:00
Melissa Kilby
d3c6a7478e update(falco_metrics): change prometheus rules metric naming 
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-09-13 11:25:36 +02:00
Federico Di Pierro
d1644079e9 chore(userspace/falco): updated configuration schema. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-12 15:26:33 +02:00
Melissa Kilby
9089262569 update(falco_metrics): add kernel_event_counters_per_cpu_enabled config 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-09-12 15:26:33 +02:00
Melissa Kilby
2ceb6ecf0f update(Falco_metrics): fix prom subsystem for some scap vs falco metrics 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-09-12 15:26:33 +02:00
Melissa Kilby
2badce1714 update(falco_metrics): adjust sha256 prometheus name, remove double falco_ 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-09-12 15:26:33 +02:00
Melissa Kilby
4f35b3e4e2 update(falco_metrics): apply reviewers suggestions 
Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-09-12 15:26:33 +02:00
Melissa Kilby
9669a4a0bb update(falco_metrics): rearrange evts and drops prometheus metrics 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-09-12 15:26:33 +02:00
Andrea Terzolo
55069c8a0a chore: scaffolding for enabling code formatting 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2024-09-11 19:03:31 +02:00
Luca Guerra
bc7394b8c3 new(falco): add json_include_message_property option 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-11 17:52:32 +02:00
Federico Di Pierro
0f26e3c9ed chore(userspace): adjusted rule_loader::result::as_verbose_string following errors and warnings output layout. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
468037151a chore(userspace,unit_tests): properly report all schema validation warnings from yaml_helper::validate_node(). 
`-V` option will print all warnings, while normal run will only print foremost warning.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
2f89a2c140 chore(userspace): added schema validation info to rule_loader::result as_json and as_string outputs. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
1f9bea5a0b update(userspace/engine): fixed priorities in rules schema. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
c8361efea7 chore(userspace/falco): reverted file to master version. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
118e82ae01 cleanup(userspace): drop unused includes from yaml_helper. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
a392e1ed2d chore(userspace): minified rule schema json. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
5bd2d5a63e cleanup(userspace,unit_tests): moved rule schema under engine. 
Also, moved yaml_helper under engine/ folder.
Ported rule json schema validation in the engine.

Also, updated rule_loader tests to check for validation.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
895e50d3a0 new(userspace): added json schema validation for rules. 
Also, a new `--rule-schema` cli option was added to print the schema and leave.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:20:31 +02:00
Federico Di Pierro
d14825faf0 update(userspace/engine): bump engine version and checksum. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:15:31 +02:00
Federico Di Pierro
7f9211d817 update(cmake): bump libs and driver to 0.18.0-rc1. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-11 13:15:31 +02:00
Federico Di Pierro
a6f31058c1 fix(ci): restore master and release CI workflow permissions. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-10 12:23:28 +02:00
Aldo Lacuku
0034c3f082 update(cmake): bump falcoctl to v0.10.0-rc1 
Signed-off-by: Aldo Lacuku <aldo@lacuku.eu>
 2024-09-09 15:52:23 +02:00
Luca Guerra
df072dace7 update(libsinsp/tests): add CLI options test for append output 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-09 15:31:24 +02:00
Luca Guerra
ddc736057f cleanup(falco): apply review suggestion about extra_output_field_t 
Signed-off-by: Luca Guerra <luca@guerra.sh>
Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-09 15:31:24 +02:00
Luca Guerra
aeb4126ce2 fix(falco): update json schema 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-09 15:31:24 +02:00
Luca Guerra
8a19f1b135 update(tests): add message for failing configuration schema test 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-09 15:31:24 +02:00
Luca Guerra
3c95c0512d new(falco): add append_output explanation to falco.yaml 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-09 15:31:24 +02:00
Luca Guerra
63784e06ef new(falco): add json schema for append_output 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-09 15:31:24 +02:00
Luca Guerra
d210ed2e4f new(app): add append_output configuration option with fields and format 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-09 15:31:24 +02:00
Francesco Furlan
00ff9d82ea ci(insecure-api): update semgrep docker image 
Signed-off-by: Francesco Furlan <francesco.furlan@sysdig.com>
 2024-09-09 15:03:24 +02:00
Federico Di Pierro
f3eecb6b21 new(userspace/falco): added --config-schema action to print config schema. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-06 09:51:10 +02:00
Federico Di Pierro
dabfe0e154 cleanup(userspace/falco): drop deprecated -t,-T,-D options. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-09-06 09:26:10 +02:00
Luca Guerra
36d6951e77 new(falco): add test for object cli configuration, minor test fix 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-06 09:25:11 +02:00
Luca Guerra
5b6810a51e new(falco): enable -o key={object} configuration 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-09-06 09:25:11 +02:00
harshitasao
24a70da976 made required changes 
Signed-off-by: harshitasao <harshitasao@gmail.com>
 2024-09-04 22:00:06 +02:00
harshitasao
9f180b989a fixed the token-permission and pinned-dependencies issue 
Signed-off-by: harshitasao <harshitasao@gmail.com>
 2024-09-04 22:00:06 +02:00
Bill Vandenberk
4053c6e1cc Apply suggestions from code review 
Formatting and case, adds links

Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Bill Vandenberk
8030c03334 fix spelling 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Bill Vandenberk
32550dad26 add newline to end of config file 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00
Bill Vandenberk
c587d8efc7 add missing changes 
Signed-off-by: Bill Vandenberk <bill@vandenberk.me>
 2024-08-30 10:22:41 +02:00