github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-10-23 21:11:50 +00:00
Code Issues Projects Releases Wiki Activity
Files
b6fec781b7777dbb5f695f33f6c53e9dd933317a
falco/userspace/engine/lua
History
Mark Stemm b6fec781b7 Add support for parsing "intersects" operator 
Related to the changes in https://github.com/draios/sysdig/pull/1501,
add support for an "intersects" operator that verifies if any of the
values in the rhs of an expression are found in the set of extracted
values.

For example:

  (a,b,c) in (a,b) is false, but (a,b,c) intersects (a,b) is true.

The code that implements CO_INTERSECTS is in a different commit.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
2019-10-15 19:45:31 +02:00
..
compiler.lua
update: license headers
2019-10-08 16:02:26 +02:00
parser-smoke.sh
update: license headers
2019-10-08 16:02:26 +02:00
parser.lua
Add support for parsing "intersects" operator
2019-10-15 19:45:31 +02:00
README.md
Move falco engine to its own library.
2016-10-24 15:56:45 -07:00
rule_loader.lua
Add support for parsing "intersects" operator
2019-10-15 19:45:31 +02:00
sinsp_rule_utils.lua
Add support for parsing "intersects" operator
2019-10-15 19:45:31 +02:00

README.md

Installation

The sysdig grammar uses the lpeg parser. For now install it using luarocks: luarocks install lpeg.