github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-06 19:29:09 +00:00
Code Issues Projects Releases Wiki Activity
3,915 Commits 117 Branches 173 Tags 104 MiB
aa62b65c70
Commit Graph

3915 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Leonardo Di Donato
b19cb3678f fix(userspace/falco): pop output fields lua table and correctly check parameters on the stack 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
54b3aa9129 fix(userspace/falco): distinguish between sinsp and json events when resolving tokens 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
944b46cb67 new(userspace/engine): json event to map type 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
0565ce2f50 fix(userspace/falco): grpc server implementation subscribe handle output queue stop 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
d35971e1bc update(userspace/engine): resolve token 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
836094b28e chore: typos and miscellanea 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
c96f096821 new(userspace/falco): config certificates for the gRPC server 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
f7c19517de update: grpc server disabled by default 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
6800fe2ec6 fix(userspace/falco): handle grpc server thread stop gracefully 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
495c30c87a fix(userspace/falco): correcly log SIGINT handling (fixes #791) 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
b0acff30bd new(userspace/falco): shutdown method for grpc server 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
6e2de3ce93 new(userspace/falco): read all the gRPC server configs 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
bc42c075cb new: grpc server certificates config 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
b682f5c344 new: grpc server threadiness config 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
c389ec1b61 new(userspace/falco): store context metadata for future usage 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
21e588394f new(userspace/falco): handle SIGHUP and SIGINT in the main process not in the spawned threads (grpc server) 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
3df53f6092 new(userspace/falco): grpc ssl server credentials 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
e1d092f408 build: use secure GRPC_LIB and GRPCPP_LIB 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
b94f7be3a8 new(userspace/falco): trasmit output event timestamp over gRPC 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
f611604ac8 update(userspace/falco): remove id from falco output proto 
Co-authored-by: Lorenzo Fontana <fontanalorenzo@me.com>

Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
5e511d8f09 new(userspace/falco): check lua data when handling gRPC 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
bef491ae20 new(usespace/falco): transmit output sources 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
286d7b1cd5 new(userspace/falco): transmit output priorities 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
d6efb17f88 chore(userspace/falco): use the falco grpc output namespace 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
c40b797f33 update(userspace/falco/lua): no need to pass priority num 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
ab806a4599 update(userspace/falco): namespace the proto messages and types 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
bd90a6ce89 update(usersoace/falco): allow aliases for enum types 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
3cea413177 update(userspace/falco/lua): passing format to resolve output fields 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
26217cec5c new(userspace/falco): read output_fields from a lua table 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
7f35b7f712 new(userspace/engine): expose resolve_tokens to lua 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
826ad0b271 new(userspace/falco): context metadata 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
6cce448206 new(userspace/falco): send rule and message only for now 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
0a9f61f0fb new(userspace/falco): implement the output queue methods directly 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
43cd429967 new(userspace/falco): falco output handler to send events via grpc 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
7a99336b3b chore(userspace/falco): cleanup boot logic for grpc server 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
45df07bc1b update(userspace/falco): use concurrent output queue in grpc server 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
4f23b0bdfb update(userspace/falco): use concurrent output queue in grpc server impl 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
5f29d46cb3 update(userspace/falco/lua): separate events output from messages outputs using different lua functions 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
34a34cecb6 update(userspace/falco): remove format from grpc responses 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
4bdf8495de new(userspace/falco): introducing concurrent queue for falco outputs 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
23000528d4 update(userspace/falco): grab grpc output configuration 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
872681c7cc new: falco config for grpc server and outputs 
Co-Authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
a53e22d2d5 chore(usperspace/falco): move grpc server impl 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Leonardo Di Donato
c3abccb27b build(userspace/falco): prepare grpc server implementation to be moved 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
0bec2607a5 new(userspace/falco): specify that we can have multiple client consuming mechanisms, only round robin fashion is implemented now 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
5abb26e764 new(userspace/falco): handle subscribe events as streams based on keepalive 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
fcc7fad0e7 new(userspace/falco): subscribe keepalive parameter 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
572a1e8381 update(userspace/falco): keep the stream open 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
356861be5f new(userspace/falco): initial grpc queuing logic 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00
Lorenzo Fontana
25f5fcacae new(userspace/falco): grpc server event bus queue 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2019-09-25 16:43:32 +03:00