github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-10-21 19:44:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
1cdacc1494f68507bc00c8d8fe83a575e1af6fa5
falco/userspace/engine/lua
History
Mark Stemm aa073586f1 Add ability to filter events by priority/cleanups 
Clean up the handling of priority levels within rules. It used to be a
mix of strings handled in various places. Now, in falco_common.h there's
a consistent type for priority-as-number as well as a list of
priority-as-string values. Priorities are passed around as numbers
instead of strings. It's still permissive about capitalization.

Also add the ability to load rules by severity. New falco
config option "priority=<val>"/-o priority=<val> specifies the minimum
priority level of rules that will be loaded.

Add unit tests for same. The test suppresses INFO notifications for a
rule/trace file combination that would otherwise generate them.
2017-10-05 18:07:54 -07:00
..
compiler.lua
Remove trailing newlines from output
2017-08-09 17:53:53 -07:00
parser-smoke.sh
Move falco engine to its own library.
2016-10-24 15:56:45 -07:00
parser.lua
Remove trailing newlines from output
2017-08-09 17:53:53 -07:00
README.md
Move falco engine to its own library.
2016-10-24 15:56:45 -07:00
rule_loader.lua
Add ability to filter events by priority/cleanups
2017-10-05 18:07:54 -07:00

README.md

Installation

The sysdig grammar uses the lpeg parser. For now install it using luarocks: luarocks install lpeg.