Files
falco/userspace/engine/lua
Mark Stemm 047f12d0f6 More efficient searches for defined filters
Instead of iterating over the entire list of filters and doing pattern
matches against each defined filter, perform table lookups.

For filters that take arguments e.g. proc.aname[3] or evt.arg.xxx, split
the filtercheck string on bracket/dot and check the values against a
table.

There are now two tables of defined filters: defined_arg_filters and
defined_noarg_filters. Each filter is put into a table depending on
whether the filter takes an argument or not.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
2019-07-05 15:29:26 -07:00
..
2018-11-09 10:15:39 -08:00
2018-11-09 10:15:39 -08:00
2018-11-09 10:15:39 -08:00

Installation

The sysdig grammar uses the lpeg parser. For now install it using luarocks: luarocks install lpeg.