github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2026-04-04 02:52:09 +00:00
Code Issues Projects Releases Wiki Activity

Commit Graph

  • ad960a9485 chore(docker): rename SKIP_MODULE_LOAD to SKIP_DRIVER_LOADER Leonardo Grasso 2020-07-02 16:19:22 +02:00
  • d8d218230d rules update: create placeholder macros for customization kaizhe 2020-07-01 14:55:12 -07:00
  • b7e7a10035 docs: add myself to owners Leonardo Grasso 2020-07-03 16:08:22 +02:00
  • fecf1a9fea fix(userspace/falco/lua): correct argument Leonardo Grasso 2020-07-02 14:58:42 +02:00
  • b0f5e5473c feat(docs): Updating readme to match falco.org readme-update Kris Nova 2020-07-02 10:34:38 -07:00
  • 54a6d5c523 build: do not download lyaml and lpeg from draios S3 anymore Leonardo Di Donato 2020-06-29 17:36:18 +00:00
  • 9fe78bf658 build: fetch libb64 and luajit from github, not from draios repos Leonardo Di Donato 2020-06-29 15:19:08 +00:00
  • 727755e276 build: fetch openssl, curl, njson dependencies from github not draios Leonardo Di Donato 2020-06-29 14:57:41 +00:00
  • 352307431a fix: update k8s audit endpoint to /k8s-audit everywhere Lorenzo Fontana 2020-07-01 10:36:56 +02:00
  • 6cfb0ec2b8 update(test): setup bidi gRPC integration test Leonardo Grasso 2020-06-01 17:33:33 +02:00
  • 4af769f84c new(test): add gRPC unix socket support Leonardo Grasso 2020-06-01 14:13:30 +02:00
  • 82e0b5f217 fix(userspace/falco): honor -M also when using a trace file Leonardo Grasso 2020-06-01 14:12:20 +02:00
  • b4d005eb51 new(test): read grpc config fields Leonardo Di Donato 2020-05-25 09:19:26 +00:00
  • 061c5f5ac9 new(test): setup gRPC output test case Leonardo Di Donato 2020-05-25 09:18:46 +00:00
  • c06ccf8378 update(docker/tester): grpcurl Leonardo Di Donato 2020-05-25 09:17:28 +00:00
  • 3408ea9164 Add GitLab to ADOPTERS.md samwhite-gl 2020-06-29 13:02:48 -06:00
  • 51aea00be8 Add GitLab to ADOPTERS.md samwhite-gl 2020-06-29 13:02:48 -06:00
  • a5cadbf5fa rule(Disallowed K8s User): whitelist kube-apiserver-healthcheck Antoine Deschênes 2020-06-29 14:06:32 -04:00
  • 9eb0b7fb5f update(userspace/falco): avoid memory allocation for falco output response Lorenzo Fontana 2020-06-05 16:32:27 +02:00
  • 869d883dc7 update(userspace/falco): better gRPC server logging Lorenzo Fontana 2020-06-01 17:24:12 +02:00
  • b88767f558 bc(userspace/falco): the Falco gRPC Outputs API are now "falco.outputs.service/get" and "falco.outputs.service/sub" Leonardo Di Donato 2020-05-29 23:12:35 +00:00
  • bdbdf7b830 update(userspace/falco): pluralize Falco output proto and service Leonardo Di Donato 2020-05-29 23:11:32 +00:00
  • 4e2f3e2c71 update(proposals): keep Falco gRPC Outputs proposal in sync Leonardo Di Donato 2020-05-29 23:10:48 +00:00
  • 3d9bc8f67b update(userspace/falco): remove keepalive from output request Lorenzo Fontana 2020-05-29 14:52:38 +02:00
  • c89c11c3c4 update(userspace/falco): remove output queue size Lorenzo Fontana 2020-05-29 14:31:31 +02:00
  • 5bd9ba0529 update(userspace/falco/grpc): simpler bidirectional context state transitions Lorenzo Fontana 2020-05-29 14:27:36 +02:00
  • b9e6d65e69 update(userspace/falco/grpc): bidirectional sub implementation Lorenzo Fontana 2020-05-29 14:26:55 +02:00
  • 0d194f2b40 update(userspace/falco/grpc): for stream contexts use a flag to detect if it is still running or not Lorenzo Fontana 2020-05-29 14:12:39 +02:00
  • d9f2cda8cf update(userspace/falco/grpc): dealing with multiple streaming requests Lorenzo Fontana 2020-05-28 15:56:06 +02:00
  • 2ebc55f897 wip(userspace/falco): bidirectional gRPC outputs logic (initial) Leonardo Di Donato 2020-05-28 00:17:40 +00:00
  • 01ae8701d9 new(userspace/falco): concrete initial implementation of the subscribe gRPC service Leonardo Di Donato 2020-05-27 20:04:33 +00:00
  • be6c4b273d new(userspace/falco): gRPC context for bidirectional services Leonardo Di Donato 2020-05-27 20:03:09 +00:00
  • a72f27c028 new(userspace/falco): macro to REGISTER_BIDI gRPC services Leonardo Di Donato 2020-05-27 20:01:57 +00:00
  • 58adc5b60c new(userspace/falco): output gRPC service to provide a server streaming method and a bidirectional method to obtain Falco alerts Leonardo Di Donato 2020-05-27 20:01:12 +00:00
  • cf31712fad update(userspace/falco): context class for bidirectional gRPC services Leonardo Di Donato 2020-05-27 19:59:35 +00:00
  • a568c42adb update(userspace/falco): unsafe_size() method for falco::output::queue Leonardo Di Donato 2020-05-27 19:58:41 +00:00
  • 05dd170d70 fix(userspace/falco): virtual destructor of base grpc context Leonardo Di Donato 2020-05-26 17:52:34 +00:00
  • e29a4c8560 rule(list network_tool_binaries): add zmap to the list kaizhe 2020-06-26 15:52:49 -07:00
  • c5ba95deff docs: teal logo is svg Lorenzo Fontana 2020-06-26 13:47:38 +02:00
  • 27037e64cc chore(rules): remove redundant condition from root_dir macro Leonardo Grasso 2020-06-26 12:40:28 +02:00
  • 1859552834 fix(rules): correct root_dir macro to avoid unwanted matching Leonardo Grasso 2020-06-24 15:38:30 +02:00
  • 298ba29c88 rule(Change thread namespace): whitelist protokube, dockerd, tini and aws Nicolas Marier 2020-05-15 15:09:02 -04:00
  • 0272b94bb1 rule(macro exe_running_docker_save): add new cmdline Nicolas Marier 2020-05-15 16:08:27 -04:00
  • dbd86234ad rule(macro user_expected_terminal_shell_in_container_conditions): create the macro Nicolas Marier 2020-04-20 11:05:36 -04:00
  • bc875db899 Update ToC for proposals/20200623-rules-required-engine-version-scope.md proposal/rules-engine-version-scope toc-me[bot] 2020-06-23 09:24:05 +00:00
  • 0b60fb90a4 update: rules engine version scope proposal Lorenzo Fontana 2020-06-23 11:21:16 +02:00
  • b69bde6bd4 rule(macro user_known_write_below_binary_dir_activities): Create the macro Nicolas Marier 2020-06-11 15:08:28 -04:00
  • d2f0ad7c07 fix(rules): exclude runc writing /var/lib/docker for container drift detected rules Leonardo Di Donato 2020-06-11 15:07:20 +00:00
  • 70b9bfe1d6 rule(Container Drift Detected): detect new exec created in a container Omer Azaria 2020-06-03 21:49:12 -07:00
  • 17f6da7885 Add Logz.io to Falco's adopters list ADOPTERS.md (continuing commit #1235) Dotan Horovits 2020-06-18 09:28:34 +03:00
  • dee0cc67f3 rule update (Anonymous Request Allowed): update to checking auth decision equals to allow kaizhe 2020-06-18 11:51:30 -07:00
  • 8429256e37 fix(falco.yaml): correct k8s audit endpoint Leonardo Grasso 2020-06-12 00:11:56 +02:00
  • 00884ef581 Log modified copy instead of original message. Shane Lawrence 2020-06-03 21:09:14 -04:00
  • 258103be08 adding changes for laptop nova-debug Kris Nova 2020-06-16 11:17:16 -07:00
  • 81c53a8d29 feat(build): Including the falco-driver-loader into the container image falco-driver-loader-dockerfile Kris Nova 2020-06-10 21:39:14 -07:00
  • f35cc98126 feat(debug): More debug for testing in GKE Kris Nova 2020-06-10 21:26:06 -07:00
  • 94149e4b00 feat(debug): Just pushing my work up so I can go work from the couch Kris Nova 2020-06-10 19:06:24 -07:00
  • 578ef7f64d rule(Create files below dev): correct condition to catch openat Leonardo Grasso 2020-06-04 15:58:03 +02:00
  • a5ce61f03f rule(macro bin_dir_rename): correct condition to catch all variants Leonardo Grasso 2020-06-04 15:46:27 +02:00
  • 74ca02d199 rule(macro bin_dir_mkdir): correct condition to catch mkdirat case Leonardo Grasso 2020-06-04 10:33:24 +02:00
  • 400567785e WIP: attempt to run an integration test with the driver and the event-generator chore/integration-grpc-with-event-generator Leonardo Grasso 2020-05-29 11:46:45 +02:00
  • 960ac52bcc new(test): read grpc config fields feat/grpc-integration-tests Leonardo Di Donato 2020-05-25 09:19:26 +00:00
  • 3a33dfff0b new(test): setup gRPC output test case Leonardo Di Donato 2020-05-25 09:18:46 +00:00
  • 542cdb493c update(docker/tester): grpcurl Leonardo Di Donato 2020-05-25 09:17:28 +00:00
  • 3bfd94fefd docs(test): run locally handling python deps with venv Leonardo Di Donato 2020-05-25 09:13:45 +00:00
  • 6eb9b1add1 build(test): requirements.txt Leonardo Di Donato 2020-05-25 09:01:23 +00:00
  • 81e29c55ec rule(macro user_known_set_setuid_or_setgid_bit_conditions): create macro Nicolas Marier 2020-05-15 10:57:59 -04:00
  • f186e5f41f fix(userspace/falco): set gpr log verbosity accordingly to the Falco one Leonardo Di Donato 2020-05-19 08:46:25 +00:00
  • ade64b0ce8 update(userspace/falco): make log level a configuration member Leonardo Di Donato 2020-05-19 08:43:06 +00:00
  • d808c0aeaf update(tests/engine): test is_unix_scheme Leonardo Di Donato 2020-05-18 14:02:56 +00:00
  • 65e069a020 update(userspace/engine): url_is_unix_scheme() util is now is_unix_scheme(string_view) Leonardo Di Donato 2020-05-18 14:02:19 +00:00
  • 75c2275dac build(userspace): falco and falco_engine depend on string-view-lite header Leonardo Di Donato 2020-05-18 14:01:14 +00:00
  • 258f73ede2 build: download string-view-lite Leonardo Di Donato 2020-05-18 14:00:34 +00:00
  • 3386671452 build(cmake/modules): cmake module for string-view-lite Leonardo Di Donato 2020-05-18 13:55:16 +00:00
  • 2680a459ec new(tests/engine): update socket path Lorenzo Fontana 2020-05-17 03:51:07 +02:00
  • da9278f061 docs: add grpc notice in falco.yaml Lorenzo Fontana 2020-05-17 03:50:46 +02:00
  • dc0670c718 update(userspace/falco): wrap gpr logs into falco logs Lorenzo Fontana 2020-05-17 03:50:30 +02:00
  • 05ce5b7f0b new(tests): cases for falco::utils::starts_with Lorenzo Fontana 2020-05-17 02:33:35 +02:00
  • de8bade2bf update(userspace/engine): move utils inside engine Lorenzo Fontana 2020-05-17 02:32:05 +02:00
  • e245fe460f docs: update falco.yaml to explain how to use the unix socket feature Lorenzo Fontana 2020-05-17 01:59:23 +02:00
  • d7de45acb2 new(userspace/falco): gRPC server unix socket support Lorenzo Fontana 2020-05-17 01:58:40 +02:00
  • 86b473e224 update(userspace/falco): utilities to detect unix socket prefix in string Lorenzo Fontana 2020-05-17 01:58:00 +02:00
  • d1c9aae881 rule(list allowed_k8s_users): Add vertical pod autoscaler as known k8s users Mark Stemm 2020-05-20 12:59:57 -07:00
  • 986ea28279 rule(macro user_known_k8s_client_container): Allow hcp-tunnelfront torun kubectl in containers Mark Stemm 2020-05-20 16:33:52 -07:00
  • 5266618689 rule(macro lvprogs_writing_conf): Add lvs as a lvm program Mark Stemm 2020-05-20 09:42:15 -07:00
  • fa3d2eb473 rule(macro trusted_logging_images): Let azure-npm image write to /var/log Mark Stemm 2020-05-20 09:38:12 -07:00
  • acb3f94786 rule(macro trusted_logging_images): Add addl fluentd image Mark Stemm 2020-05-20 09:33:24 -07:00
  • d1af7e139f rule update: fix macro reference kaizhe 2020-05-19 22:11:30 -07:00
  • 434a5abc8b docs(CONTRIBUTING.md): update slack channel URL Leonardo Grasso 2020-05-20 15:24:52 +02:00
  • fd97f99b9f build: focal builder generic kernel headers Lorenzo Fontana 2020-05-19 15:57:53 +02:00
  • 555bf1f10d build: use ubuntu focal instead of bionic during the ubuntu CI step Lorenzo Fontana 2020-05-19 14:51:18 +02:00
  • f3f512c6dd fix(.circleci): correct publishing command 0.23.0 Leonardo Grasso 2020-05-18 17:50:25 +02:00
  • 8d79c11953 fix(CHANGELOG.md): correct typo Leonardo Grasso 2020-05-18 16:29:45 +02:00
  • 439152c8d8 docs: changelog for 0.23.0 Leonardo Grasso 2020-05-18 15:26:19 +02:00
  • 3d3d537d85 update(docker/falco-driver-loader): propagate all args Leonardo Grasso 2020-05-11 15:54:46 +02:00
  • 88dbc78a44 fix(scripts/falco-driver-loader): exit when bpf download fails Leonardo Grasso 2020-05-11 14:43:35 +02:00
  • 59c2e6b421 update(scripts/falco-driver-loader): break apart logic Leonardo Grasso 2020-05-11 14:39:29 +02:00
  • 33c93e6c29 chore(scripts/falco-driver-loader): improve messages Leonardo Grasso 2020-05-08 17:28:56 +02:00
  • 46483339a3 fix(test): correct kernel module name Leonardo Grasso 2020-05-18 12:24:29 +02:00
  • 762ef015b8 fix(scripts): correct kernel module name Leonardo Grasso 2020-05-18 12:24:13 +02:00