github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-27 23:27:20 +00:00
Code Issues Projects Releases Wiki Activity
2,552 Commits 121 Branches 172 Tags 104 MiB
a94e6de458
Commit Graph

2552 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Henri DF
42de0507fa search for yaml config file 
In order:
1) cmdline opt
2) in-tree path
3) /etc/digwatch.yaml
 2016-04-12 23:14:44 +00:00
Henri DF
73ec593931 Add a configuration::init() that just sets up defaults 
(For when no config file is being used)
 2016-04-12 23:13:18 +00:00
Henri DF
dc099bfb91 Add configuration object and Yaml parser 
These aren't wired up yet.
 2016-04-12 23:13:15 +00:00
Henri DF
af4089dac3 Build and link yaml-cpp lib 2016-04-12 23:13:12 +00:00
Henri DF
997fec2d4b Merge pull request #24 from draios/read-files 
Add support for reading .scap files
 2016-04-08 16:53:04 -07:00
Henri DF
b4859015ea Add support for reading .scap files 2016-04-08 16:51:16 -07:00
Henri DF
28b21eb5b3 Merge pull request #23 from draios/config 
Command-line options simplification
 2016-04-07 16:28:07 -07:00
Henri DF
709568b578 Command-line options simplification 
Remove -N and always turn resolution off. Given the possible performance
impact, there shouldn't even be a way to have it on.
 2016-04-07 15:12:15 -07:00
Henri DF
a96816cc5d Add some simple example rules 2016-04-06 23:13:15 +00:00
Henri DF
5c4dc93e97 Merge pull request #22 from draios/no-env-var 
No env var
 2016-04-06 16:07:52 -07:00
Henri DF
dcbae750c8 Remove the need for DIGWATCH_LUA_DIR env var 2016-04-06 23:05:41 +00:00
Henri DF
c7d0c7dbd9 Remove unneeded -m <lua_main_filename> param 2016-04-06 23:05:41 +00:00
Henri DF
b4f69bf6f6 Merge pull request #21 from draios/syslog 
Remove dep on nixio by adding simple syslog lua function
 2016-04-06 11:45:38 -07:00
Henri DF
f7ba825023 Remove dep on nixio by adding simple syslog lua function 2016-04-06 11:44:00 -07:00
Henri DF
cddc56d179 Merge pull request #20 from draios/packaging 
Packaging
 2016-04-04 21:58:39 -07:00
Henri DF
77440750e6 Load probe 2016-04-04 18:39:42 -07:00
Henri DF
d96336ccaa Packaging: remove driver and add dep on sysdig package 2016-04-04 18:01:05 -07:00
Henri DF
86e1eeffb2 Statically link in lpeg lua library 2016-04-04 15:07:16 -07:00
Henri DF
8b748d5bcd readme change 2016-03-31 21:19:55 -07:00
Henri DF
39b1f64510 Packaging: Bundle lua files 2016-03-31 21:18:23 -07:00
Henri DF
aa337f169c Change package name: draios-digwatch-> digwatch 2016-03-31 21:11:07 -07:00
Henri DF
171d58c805 Packaging 
- add debian pre/post scripts
- make tgz and rpm (as well as deb)
 2016-03-31 20:48:24 -07:00
Henri DF
0cfb89ffb4 Add digwatch.conf to package, install to /etc 2016-03-31 20:47:00 -07:00
Henri DF
8546e970f0 rename rules file 2016-03-31 20:29:41 -07:00
Henri DF
e8eb1d8ddb Update README.md 2016-03-31 19:11:24 -07:00
Henri DF
37d0f7d3e0 Build .deb, .rpm, and .tgz 2016-03-31 18:54:52 -07:00
Henri DF
8ae908fe85 Rework cmake files 
Rather than do include_directory() on the whole sysdig repo, just do it
for driver, libscap, and libsinp.

This is a step on the way to building a digwatch package.
 2016-03-31 18:39:49 -07:00
Henri DF
9c459f6692 Merge pull request #19 from draios/rework-outputs 
Rework outputs
 2016-03-30 15:54:28 -07:00
Henri DF
c9806407e8 Priority level internal handling 
Handle internally as ints, then translate as appropriate in outputs
 2016-03-30 14:38:18 -07:00
Henri DF
d6dee28bbe Output simplification 
The Output is now chosen globally (for all rules), on the command line.
 2016-03-30 14:27:19 -07:00
Henri DF
f44bd06f1d Remove unused/unimplemented options 2016-03-30 13:20:31 -07:00
Henri DF
5f0123317a Remove function outputs from grammar 2016-03-30 13:00:51 -07:00
Henri DF
a9fc4d2b09 Merge pull request #18 from draios/priorities 
Priorities
 2016-03-30 12:55:49 -07:00
Henri DF
aef0be3027 Add priorities to all outputs 
For now, all are WARNING. Will need to refine/adjust over time.
 2016-03-30 12:54:46 -07:00
Henri DF
6158168a97 Grammar support for priorities 2016-03-29 21:35:07 -07:00
Henri DF
7fcd0b98a0 Merge pull request #17 from draios/implicit-time 
Implicit time
 2016-03-29 19:56:01 -07:00
Henri DF
38957d3b14 Add timestamp in function outputs 2016-03-29 19:54:15 -07:00
Henri DF
97d7b125ba Implicit time in output formats 
As pointed out by Loris, timestamping output messages should be a
responsibility of the output/collection system.

So as a first step towards this, add timestamps automatically for output
formats, and remove them from rules.
 2016-03-29 19:47:57 -07:00
Henri DF
bc7f955127 rules: fix error in zookeeper_port 2016-03-29 19:47:18 -07:00
Henri DF
2d6c6d7d2d Merge pull request #16 from draios/more-service-rules 
More service rules
 2016-03-29 19:36:44 -07:00
Henri DF
cfb6e56877 Merge pull request #15 from draios/error-handling-improvements 
Minor error handling improvements
 2016-03-29 19:32:56 -07:00
Henri DF
aea9b0054b Minor error handling improvements 2016-03-29 19:31:34 -07:00
Henri DF
08afde0858 Add mysql rules 2016-03-29 22:16:15 +00:00
Henri DF
1e003fc0a6 Add more services to rules file 
(HBase, Kafka, Memcached, MongoDB)
 2016-03-29 22:16:15 +00:00
Henri DF
1d1a14acf9 Tweak comments in rules file 2016-03-29 22:16:15 +00:00
Henri DF
019e76114e Merge pull request #14 from draios/fast-ins 
Use new sysdig support for fast processing of in-exprs
 2016-03-29 14:59:24 -07:00
Henri DF
faf36cd8d7 Use new sysdig support for fast processing of in-exprs 2016-03-24 14:25:48 -07:00
Henri DF
85772a387b Merge pull request #13 from draios/paren-optimization 
Optimization: don't nest at every boolean op
 2016-03-18 13:11:34 -07:00
Henri DF
aa31d0a0fb Optimization: don't nest at every boolean op 2016-03-18 13:10:07 -07:00
Henri DF
bbcedef54a Some tweaks to rules 2016-03-18 13:09:17 -07:00