github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2026-04-02 18:12:15 +00:00
Code Issues Projects Releases Wiki Activity
4,563 Commits 127 Branches 184 Tags
576f3164d8007ea4e7ea775b9d5971117ade8bcd
Commit Graph

545 Commits

Author SHA1 Message Date
Jason Dellaluce
d7cbf9c7c9 refactor(userspace): move falco logger under falco engine 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-05-28 15:33:47 +02:00
Melissa Kilby
c15a309781 clenaup: add sanitize_metric_name helper 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-05-17 14:54:58 +02:00
Melissa Kilby
0195dba889 cleanup: add getter functions to stats_manager 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-05-17 14:54:58 +02:00
Melissa Kilby
b7adcd251d new(metrics): add rules_counters_enabled option 
Intended to replace https://github.com/falcosecurity/falco-exporter
when used with Prometheus output

Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-05-17 14:54:58 +02:00
Jason Dellaluce
e211e97e2a fix(userspace/engine): make sure exception fields are not optional in replace mode 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-05-17 14:38:57 +02:00
Melissa Kilby
6057c1553e cleanup(engine): print total number of enabled rules 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-05-16 10:29:53 +02:00
Melissa Kilby
77341cbd2e new(engine): add print_enabled_rules_falco_logger when log_level debug 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-05-16 10:29:53 +02:00
Luca Guerra
35bd348e21 new(falco): implement rule selection configuration in falco.yaml 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-05-14 12:47:46 +02:00
Melissa Kilby
91b58c43f1 chore: fix non linux build metrics 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-05-14 10:08:51 +02:00
Melissa Kilby
67a5015be7 cleanup(metrics): use filesystem lib to derive file names + build fix 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-05-14 10:08:51 +02:00
Melissa Kilby
2b80cf85ac new(utils): add new helper to calculate file sha256sum 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-05-14 10:08:51 +02:00
Jason Dellaluce
f18ea1e8b7 update(userspace/engine): support tranformers in exception fields 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-05-08 20:23:55 +02:00
Jason Dellaluce
fa8e780b07 update(userspace/engine): propagate compiler warnings 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-05-08 20:23:55 +02:00
Jason Dellaluce
bc078f1f63 update(userspace/engine): support comparins with right-hand fields 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-05-08 20:23:55 +02:00
Jason Dellaluce
ed22e94292 refactor(userspace/libsinsp): support new filter ast structure in falco engine 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-05-08 20:23:55 +02:00
Federico Aponte
62d1c4fc4d refactor: smart pointer usage 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-05-06 11:10:44 +02:00
Federico Di Pierro
6954a4028e chore(userspace/engine): bump version and checksum. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-05-03 12:12:02 +02:00
Gianmatteo Palmieri
eb04b1c66f fix(test): expect warning instead of error on invalid macro/list name 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-04-17 11:27:52 +02:00
Gianmatteo Palmieri
dd59c48034 new(engine): raise warning instead of error on invalid macro/list name 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-04-17 11:27:52 +02:00
Gianmatteo Palmieri
83910be726 new(engine): raise warning instead of error on not-unique exceptions names 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-04-11 17:22:28 +02:00
Gianmatteo Palmieri
7234bc5bee chore(engine): bump engine version 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-04-03 18:23:53 +02:00
Gianmatteo Palmieri
05c434ed89 new(engine): enforce unique exceptions names 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-04-03 18:23:53 +02:00
Luca Guerra
1aae10fe84 update(engine): bump engine checksum and version 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2024-03-29 10:16:23 +01:00
Gianmatteo Palmieri
7086f35eba new(engine): add warning when appending an exception with no values 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-27 09:15:13 +01:00
Gianmatteo Palmieri
d1707bef63 fix(engine): apply output substitutions for all sources 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-25 19:33:06 +01:00
Andrea Terzolo
0ce2b95b89 chore: bump falco engine version 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2024-03-12 16:29:17 +01:00
Federico Aponte
8dbec6c779 refactor: Use FetchContent for integrating bundled yaml-cpp lib 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-03-11 13:57:15 +01:00
Federico Aponte
bc499e191d refactor: Use FetchContent for integrating bundled nlohman-json lib 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-03-11 13:57:15 +01:00
Gianmatteo Palmieri
517b79ee13 chore(engine): bump engine version 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-08 00:02:01 +01:00
Gianmatteo Palmieri
7265190e66 new(engine): don't expose details in error message 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-08 00:02:01 +01:00
Gianmatteo Palmieri
f00926b8af new(engine): error on invalid macro/list name 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-03-08 00:02:01 +01:00
Melissa Kilby
5185f152c5 new(config): add falco_libs.thread_table_size 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2024-03-05 11:36:51 +01:00
Samuel Gaist
f9b17b67f8 refactor(engine): fix variable / function shadowing 
Improve variable names in the code surrounding the changes.

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
 2024-02-29 16:20:34 +01:00
Gianmatteo Palmieri
ea781477d6 fix(engine): logical issue in exceptions condition 
Signed-off-by: Gianmatteo Palmieri <mail@gian.im>
 2024-02-28 08:28:26 +01:00
Federico Aponte
f6af72fe76 cleanup: too many includes and useless defines 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-26 14:59:22 +01:00
Federico Aponte
4d66a50d5b fix: pessimizing move warning 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-26 14:59:22 +01:00
Federico Aponte
59c14f46a2 refactor: shared_ptr construction 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-26 14:59:22 +01:00
Jason Dellaluce
c13cf79aab update(engine): bump engine version 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-02-23 11:39:07 +01:00
Jason Dellaluce
0ec2a6c708 refactor(userspace): reduce usage of raw pointers 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-02-23 11:39:07 +01:00
Jason Dellaluce
b515f0a079 refactor(usersapace): adapt to changes libs 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-02-23 11:39:07 +01:00
Federico Aponte
745d18ba38 refactor: test AtomicSignalHandler.handle_once_wait_consistency 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-20 15:19:56 +01:00
Samuel Gaist
5e497a4119 fix(c++): improve const correctness 
Reported by cppcheck

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
 2024-02-15 22:16:33 +01:00
Federico Aponte
7a18795ca5 cleanup: falco_engine deps and include paths 
Signed-off-by: Federico Aponte <federico.aponte@sysdig.com>
 2024-02-15 10:08:30 +01:00
Samuel Gaist
42f90817ad refactor: make falco_exception a std::runtime_error 
The implementation provides more or less the same implementation
and thus it makes more sense to base it on std::runtime_error.

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
 2024-02-12 18:45:18 +01:00
Samuel Gaist
f6498cd8bd fix(c++): refactor member initialization in constructor initialization list 
Reported by cppcheck

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>

# Conflicts:
#	userspace/engine/falco_common.h
 2024-02-12 18:45:18 +01:00
Samuel Gaist
08f62200b1 fix(c++): add missing explicit to single argument constructors 
Reported by cppcheck

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
 2024-02-12 16:59:17 +01:00
Jason Dellaluce
0cc1c5b44f refactor(userspace/engine): reduce allocations during rules loading 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-02-09 14:50:05 +01:00
Federico Di Pierro
7879920570 chore(userspace/engine): introduce proper check to avoid future issues throwing an exception. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2024-02-08 15:13:59 +01:00
Federico Di Pierro
7bcbc08b52 fix(userspace/engine): always consider all rules (even the ones below min_prio) in m_rule_stats_manager. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2024-02-08 15:13:59 +01:00
Jason Dellaluce
039069d0e1 update(engine): bump engine version and checksum 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2024-02-06 10:25:53 +01:00