config

package

v0.0.1 Latest Latest Go to latest Published: Mar 17, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/khulnasoft/tracee

Links

Open Source Insights

Documentation ¶

Index ¶

type CalcHashesOption
- func (c CalcHashesOption) String() string
type CapabilitiesConfig
type CaptureConfig
type Config
- func (c Config) Validate() error
type ContainerMode
type FileCaptureConfig
type FileCaptureType
type OutputConfig
type PcapsConfig
type PrinterConfig

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CalcHashesOption ¶

type CalcHashesOption int

const (
	CalcHashesNone CalcHashesOption = iota
	CalcHashesInode
	CalcHashesDevInode
	CalcHashesDigestInode
)

func (CalcHashesOption) String ¶

func (c CalcHashesOption) String() string

type CapabilitiesConfig ¶

type CapabilitiesConfig struct {
	BypassCaps bool
	AddCaps    []string
	DropCaps   []string
}

type CaptureConfig ¶

type CaptureConfig struct {
	OutputPath string
	FileWrite  FileCaptureConfig
	FileRead   FileCaptureConfig
	Module     bool
	Exec       bool
	Mem        bool
	Bpf        bool
	Net        PcapsConfig
}

type Config ¶

type Config struct {
	Policies           *policy.Policies
	Capture            *CaptureConfig
	Capabilities       *CapabilitiesConfig
	Output             *OutputConfig
	Cache              queue.CacheConfig
	ProcTree           proctree.ProcTreeConfig
	PerfBufferSize     int
	BlobPerfBufferSize int
	MaxPidsCache       int // maximum number of pids to cache per mnt ns (in Tracee.pidsInMntns)
	BTFObjPath         string
	BPFObjBytes        []byte
	KernelConfig       *helpers.KernelConfig
	OSInfo             *helpers.OSInfo
	Sockets            runtime.Sockets
	NoContainersEnrich bool
	EngineConfig       engine.Config
	MetricsEnabled     bool
	DNSCacheConfig     dnscache.Config
}

Config is a struct containing user defined configuration of tracee

func (Config) Validate ¶

func (c Config) Validate() error

Validate does static validation of the configuration

type ContainerMode ¶

type ContainerMode int

const (
	ContainerModeDisabled ContainerMode = iota
	ContainerModeEnabled
	ContainerModeEnriched
)

type FileCaptureConfig ¶

type FileCaptureConfig struct {
	Capture    bool
	PathFilter []string
	TypeFilter FileCaptureType
}

type FileCaptureType ¶

type FileCaptureType uint

FileCaptureType represents file type capture configuration flags Values should match the filter values in the eBPF file ( CaptureRegularFiles -> FILTER_NORMAL_FILES)

const (
	CaptureRegularFiles FileCaptureType = 1 << iota
	CapturePipeFiles
	CaptureSocketFiles
	CaptureELFFiles
)

Filters for file types flags

const (
	CaptureStdinFiles FileCaptureType = 1 << (iota + 16)
	CaptureStdoutFiles
	CaptureStderrFiles
)

Filters for FDs flags

type OutputConfig ¶

type OutputConfig struct {
	StackAddresses bool
	ExecEnv        bool
	RelativeTime   bool
	CalcHashes     CalcHashesOption

	ParseArguments    bool
	ParseArgumentsFDs bool
	EventsSorting     bool
}

type PcapsConfig ¶

type PcapsConfig struct {
	CaptureSingle    bool
	CaptureProcess   bool
	CaptureContainer bool
	CaptureCommand   bool
	CaptureFiltered  bool
	CaptureLength    uint32
}

type PrinterConfig ¶

type PrinterConfig struct {
	Kind          string
	OutPath       string
	OutFile       io.WriteCloser
	ContainerMode ContainerMode
	RelativeTS    bool
}

Source Files ¶

View all Source files

config.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL