Documentation
¶
Index ¶
Constants ¶
View Source
const NamespaceEnvVar = "NAMESPACE_NAME"
View Source
const NodeNameEnvVar = "NODE_NAME"
View Source
const PodNameEnvVar = "POD_NAME"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
BlockEvents bool `mapstructure:"blockEvents"`
CelConfigCache cache.FunctionCacheConfig `mapstructure:"celConfigCache"`
ContainerEolNotificationBuffer int `mapstructure:"containerEolNotificationBuffer"`
DBpf bool `mapstructure:"dBpf"`
DCapSys bool `mapstructure:"dCapSys"`
DDns bool `mapstructure:"dDns"`
DExec bool `mapstructure:"dExec"`
DExit bool `mapstructure:"dExit"`
DFork bool `mapstructure:"dFork"`
DHardlink bool `mapstructure:"dHardlink"`
DHttp bool `mapstructure:"dHttp"`
DIouring bool `mapstructure:"dIouring"`
DKmod bool `mapstructure:"dKmod"`
DNSCacheSize int `mapstructure:"dnsCacheSize"`
DNetwork bool `mapstructure:"dNetwork"`
DOpen bool `mapstructure:"dOpen"`
DPtrace bool `mapstructure:"dPtrace"`
DRandomx bool `mapstructure:"dRandomx"`
DSeccomp bool `mapstructure:"dSeccomp"`
DSsh bool `mapstructure:"dSsh"`
DSymlink bool `mapstructure:"dSymlink"`
DTop bool `mapstructure:"dTop"`
EnableApplicationProfile bool `mapstructure:"applicationProfileServiceEnabled"`
EnableBackendStorage bool `mapstructure:"backendStorageEnabled"`
EnableEmbeddedSboms bool `mapstructure:"enableEmbeddedSBOMs"`
EnableFIM bool `mapstructure:"fimEnabled"`
EnableFullPathTracing bool `mapstructure:"fullPathTracingEnabled"`
EnableHostMalwareSensor bool `mapstructure:"hostMalwareSensorEnabled"`
EnableHostNetworkSensor bool `mapstructure:"hostNetworkSensorEnabled"`
EnableHttpDetection bool `mapstructure:"httpDetectionEnabled"`
EnableMalwareDetection bool `mapstructure:"malwareDetectionEnabled"`
EnableNetworkStreaming bool `mapstructure:"networkStreamingEnabled"`
EnableNetworkTracing bool `mapstructure:"networkServiceEnabled"`
EnableNodeProfile bool `mapstructure:"nodeProfileServiceEnabled"`
EnablePartialProfileGeneration bool `mapstructure:"partialProfileGenerationEnabled"`
EnablePrometheusExporter bool `mapstructure:"prometheusExporterEnabled"`
EnableRuntimeDetection bool `mapstructure:"runtimeDetectionEnabled"`
EnableSbomGeneration bool `mapstructure:"sbomGenerationEnabled"`
EnableSeccomp bool `mapstructure:"seccompServiceEnabled"`
EventBatchSize int `mapstructure:"eventBatchSize"`
ExcludeJsonPaths []string `mapstructure:"excludeJsonPaths"`
ExcludeLabels map[string][]string `mapstructure:"excludeLabels"`
ExcludeNamespaces []string `mapstructure:"excludeNamespaces"`
ExitCleanup processtreecreator.ExitCleanupConfig `mapstructure:"exitCleanup"`
Exporters exporters.ExportersConfig `mapstructure:"exporters"`
FIM FIMConfig `mapstructure:"fim"`
IgnoreRuleBindings bool `mapstructure:"ignoreRuleBindings"`
IncludeNamespaces []string `mapstructure:"includeNamespaces"`
InitialDelay time.Duration `mapstructure:"initialDelay"`
KubernetesMode bool `mapstructure:"kubernetesMode"`
MaxDelaySeconds int `mapstructure:"maxDelaySeconds"`
MaxImageSize int64 `mapstructure:"maxImageSize"`
MaxJitterPercentage int `mapstructure:"maxJitterPercentage"`
MaxSBOMSize int `mapstructure:"maxSBOMSize"`
MaxSniffingTime time.Duration `mapstructure:"maxSniffingTimePerContainer"`
MaxTsProfileSize int64 `mapstructure:"maxTsProfileSize"`
NamespaceName string `mapstructure:"namespaceName"`
NetworkStreamingInterval time.Duration `mapstructure:"networkStreamingInterval"`
NodeName string `mapstructure:"nodeName"`
NodeProfileInterval time.Duration `mapstructure:"nodeProfileInterval"`
OrderedEventQueue OrderedEventQueueConfig `mapstructure:"orderedEventQueue"`
PodName string `mapstructure:"podName"`
ProcfsPidScanInterval time.Duration `mapstructure:"procfsPidScanInterval"`
ProcfsScanInterval time.Duration `mapstructure:"procfsScanInterval"`
ProfilesCacheRefreshRate time.Duration `mapstructure:"profilesCacheRefreshRate"`
RuleCoolDown rulecooldown.RuleCooldownConfig `mapstructure:"ruleCooldown"`
TestMode bool `mapstructure:"testMode"`
UpdateDataPeriod time.Duration `mapstructure:"updateDataPeriod"`
WorkerChannelSize int `mapstructure:"workerChannelSize"`
WorkerPoolSize int `mapstructure:"workerPoolSize"`
}
func LoadConfig ¶
LoadConfig reads configuration from file or environment variables.
func (*Config) IgnoreContainer ¶ added in v0.2.325
func (*Config) SkipNamespace ¶ added in v0.2.101
type FIMConfig ¶ added in v0.2.393
type FIMConfig struct {
Directories []FIMDirectoryConfig `mapstructure:"directories"`
BackendConfig hostfimsensor.HostFimBackendConfig `mapstructure:"backendConfig"`
BatchConfig hostfimsensor.HostFimBatchConfig `mapstructure:"batchConfig"`
DedupConfig hostfimsensor.HostFimDedupConfig `mapstructure:"dedupConfig"`
PeriodicConfig *hostfimsensor.HostFimPeriodicConfig `mapstructure:"periodicConfig"`
Exporters FIMExportersConfig `mapstructure:"exporters"`
}
FIMConfig defines the configuration for File Integrity Monitoring
func (*FIMConfig) GetFIMExportersConfig ¶ added in v0.2.393
func (c *FIMConfig) GetFIMExportersConfig() exporters.ExportersConfig
GetFIMExportersConfig returns the exporters configuration for FIM
func (*FIMConfig) GetFIMPathConfigs ¶ added in v0.2.393
func (c *FIMConfig) GetFIMPathConfigs() []hostfimsensor.HostFimPathConfig
GetFIMPathConfigs converts FIMDirectoryConfig to HostFimPathConfig
type FIMDirectoryConfig ¶ added in v0.2.393
type FIMDirectoryConfig struct {
Path string `mapstructure:"path"`
OnCreate bool `mapstructure:"onCreate"`
OnChange bool `mapstructure:"onChange"`
OnRemove bool `mapstructure:"onRemove"`
OnRename bool `mapstructure:"onRename"`
OnChmod bool `mapstructure:"onChmod"`
OnMove bool `mapstructure:"onMove"`
}
FIMDirectoryConfig defines configuration for a directory to monitor
type FIMExportersConfig ¶ added in v0.2.393
type FIMExportersConfig struct {
StdoutExporter *bool `mapstructure:"stdoutExporter"`
HTTPExporterConfig *exporters.HTTPExporterConfig `mapstructure:"httpExporterConfig"`
SyslogExporter string `mapstructure:"syslogExporterURL"`
AlertManagerExporterUrls []string `mapstructure:"alertManagerExporterUrls"`
}
FIMExportersConfig defines which exporters to use for FIM events
type OrderedEventQueueConfig ¶ added in v0.3.3
Source Files
Click to show internal directories.
Click to hide internal directories.