github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-28 15:47:25 +00:00
Code Issues Projects Releases Wiki Activity
3,968 Commits 121 Branches 172 Tags 104 MiB
b246bcb052
Commit Graph

3968 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luca Guerra
b246bcb052 fix(engine): fix werror reorder 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-09-04 17:26:52 +02:00
Andrea Terzolo
6251af0ab6 new: introduce new stats updated to the latest libs version 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 17:24:52 +02:00
Andrea Terzolo
ce79e01ae8 ci: support tests on amazon-linux 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 15:12:51 +02:00
Leonardo Grasso
9db4c9b2cb build(cmake/modules): upgrade falcoctl to version 0.6.0 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-09-04 14:18:51 +02:00
Andrea Terzolo
dba685eeda tests: enable e2e falco-driver-loader tests 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 12:19:46 +02:00
Andrea Terzolo
4f8d11acdd chore: bump engine version and checksum 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 12:19:46 +02:00
Andrea Terzolo
3c47915c56 chore: bump Falco to latest libs master 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 12:19:46 +02:00
Federico Di Pierro
0ec492086e fix(userspace/falco): properly delete metrics timer upon leaving. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-09-04 11:22:46 +02:00
Andrea Terzolo
442d1accbe cleanup: deprecate rate limiter mechanism 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 10:11:45 +02:00
Melissa Kilby
79577237a1 cleanup(config): add info about performance impact wrt rule_matching 
Co-authored-by: Andrea Terzolo <andreaterzolo3@gmail.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-04 10:10:46 +02:00
Melissa Kilby
08237b946f cleanup(config): add more info 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-09-04 10:10:46 +02:00
Andrea Terzolo
62e762a467 cleanup: deprecate no more supported userspace mode 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 10:09:46 +02:00
Andrea Terzolo
e6fe0a516d fix: fix falco MINIMAL_BUILD 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-09-04 10:09:46 +02:00
dependabot[bot]
a6b12a5c97 build(deps): Bump submodules/falcosecurity-testing 
Bumps [submodules/falcosecurity-testing](https://github.com/falcosecurity/testing) from `b39c807` to `9110022`.
- [Commits](b39c807a19...91100227b0)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-testing
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 10:08:46 +02:00
dependabot[bot]
b15a51a825 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `3f52480` to `b42893a`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](3f52480618...b42893a6eb)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-01 06:50:31 +02:00
Jason Dellaluce
c8122ff474 fix(userspace/engine): support appending to unknown sources 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-09-01 06:46:31 +02:00
Jason Dellaluce
88dcdaac8a update(submodules): bump falcosecurity-testing to b39c807 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-08-31 18:33:30 +02:00
Jason Dellaluce
eabf49892d update(userspace/falco): bump engine version to 24 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-08-31 18:33:30 +02:00
Jason Dellaluce
901fca2257 update(userspace/engine): upgrade skip-if-unknown-filter YAML field 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-08-31 18:33:30 +02:00
Andrea Terzolo
cc8d6705f6 fix: fix "ebpf_enabled" output stat 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-08-31 17:37:29 +02:00
Federico Di Pierro
26f626c1d5 chore(userspace/falco): properly check that parent init() did not fail for reasons. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
 2023-08-31 16:11:29 +02:00
Federico Di Pierro
acaaa0b4ca cleanup(userspace/falco): improvements to the http output perf. 
Moreover, add option to disable stdout echoing.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-08-31 16:11:29 +02:00
hjenkins
63ba15962b fix(scripts): falco-driver-loader add print env 
Fixes #2352

Needed to refactor the target_id code paths to allow this to be used in
env printing and sourcing.

Signed-off-by: hjenkins <henry@henryjenkins.name>
 2023-08-31 12:10:28 +02:00
dependabot[bot]
f163780d62 build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `3ceea88` to `40a9817`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](3ceea88eeb...40a9817330)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-31 09:22:29 +02:00
Jason Dellaluce
01093d2dfc fix(userspace/engine): support both old and new gcc + std::move 
Old gcc versions (e.g. 4.8.3) won't allow move elision
but newer versions (e.g. 10.2.1) would complain about
the redundant move.

Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-08-30 20:57:27 +02:00
Jason Dellaluce
a6c2bf7123 update(cmake): support building libs and driver from forks 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-08-30 19:13:26 +02:00
Andrea Terzolo
988703b601 clenaup: remove b64 from falco dependencies 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-08-30 19:12:26 +02:00
jabdr
66841d8009 Support reload in falco-modern-bpf.service 
Signed-off-by: jabdr <jd@q321.de>
 2023-08-30 15:28:26 +02:00
jabdr
43ae8b0cac Support reload in falco-custom.service 
Signed-off-by: jabdr <jd@q321.de>
 2023-08-30 15:28:26 +02:00
jabdr
9a5f625d5f Support reload in falco-bpf.service 
Signed-off-by: jabdr <jd@q321.de>
 2023-08-30 15:28:26 +02:00
jabdr
799c09e638 Support reload in falco-kmod.service 
Signed-off-by: jabdr <jd@q321.de>
 2023-08-30 15:28:26 +02:00
Richard Tweed
2f267a044e Merge in master 
Signed-off-by: Richard Tweed <RichardoC@users.noreply.github.com>
 2023-08-29 17:57:21 +02:00
Richard Tweed
7b6d45c394 Update README. based on FedeDP's suggestion 
Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
Signed-off-by: Richard Tweed <RichardoC@users.noreply.github.com>
 2023-08-29 17:57:21 +02:00
Richard Tweed
368796df61 Issue 2391 Document why Falco is written in C++ rather than anything else 
Signed-off-by: Richard Tweed <RichardoC@users.noreply.github.com>
 2023-08-29 17:57:21 +02:00
Andrea Terzolo
8d6c6900d3 cleanup: turn a warning into an error 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-08-29 13:46:21 +02:00
Andrea Terzolo
34d796439f cleanup: fail if the time unit is not specified 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-08-29 13:46:21 +02:00
Anna Simon
c8d1637130 feat(userspace/outputs_http): Add option for mTLS 
Signed-off-by: Anna Simon <asimon@mercari.com>
 2023-08-29 10:28:21 +02:00
Jason Dellaluce
600318aaae update(ci): minimize retention days for build-only CI artifacts 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-08-29 09:33:21 +02:00
Andrea Terzolo
ba1528e3c2 cleanup: remove unused --pidfile option 
Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
 2023-08-28 17:06:19 +02:00
Melissa Kilby
37ea9b25c4 feat(userspace): deprecate -d daemonize option 
Deprecate `-d` option (currently broken).

Symptoms included the message queue filling up without popping any messages
even though events were handled normally.

Maintainers decided to deprecate not needed `-d` option while keeping
the useful `pidfile` command args option.

Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-08-25 18:14:45 +02:00
Melissa Kilby
b66bf2c6e4 cleanup: remove some unused variables 
Co-authored-by: Andrea Terzolo <andreaterzolo3@gmail.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-08-25 15:20:45 +02:00
Melissa Kilby
0d4e77bcbe cleanup(config): assign Stable to metrics config 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-08-25 15:20:45 +02:00
Melissa Kilby
6cdb740786 cleanup(userspace): update parse_prometheus_interval 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-08-25 15:20:45 +02:00
Melissa Kilby
9a12a93342 feat(userspace): deprecate stats command args option in favor of metrics configs in falco.yaml 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-08-25 15:20:45 +02:00
Leonardo Grasso
84fe33a029 fix(userspace/falco): correct typo in -p help message 
Co-authored-by: Andrea Terzolo <andrea.terzolo@polito.it>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-08-25 15:18:45 +02:00
Leonardo Grasso
8fbf49bbba update(userspace/falco): new defaults for -p presets 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-08-25 15:18:45 +02:00
Leonardo Grasso
f10d0499d2 update(userspace/falco): improve help message for -p option 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2023-08-25 15:18:45 +02:00
dependabot[bot]
259095651b build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `bf1639a` to `3ceea88`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](bf1639a574...3ceea88eeb)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-25 10:26:45 +02:00
dependabot[bot]
e5b9dd2dfc build(deps): Bump submodules/falcosecurity-rules 
Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `64ce419` to `bf1639a`.
- [Release notes](https://github.com/falcosecurity/rules/releases)
- [Commits](64ce419d92...bf1639a574)

---
updated-dependencies:
- dependency-name: submodules/falcosecurity-rules
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-24 11:48:39 +02:00
Melissa Kilby
9620515e40 cleanup(config): assign Stable to base_syscalls config 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-08-24 10:41:39 +02:00