-
Notifications
You must be signed in to change notification settings - Fork 726
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* minor friendliness changes * minor refactories * few more event listeners * listener callback for clone() * merge dev * some inlining * small interface change * the set_output_format chisel API call now supports base64 and jsonbase64 * calculate a simple hash for each process that falco can use * minor typo * save container IP with the right endianess * improve local address detection by matching against the full list of container addresses * falco process hash includes the arguments if the process is a scripting language * extract the image ID from the docker API * save/load the container ID from trace files * fix a merge issue * Add container image id filtercheck. (#661) Add support for displaying container image ids via the filtercheck container.image.id. Only supported for docker containers right now. * minor changes required by the agent * compile error * some logging for debugging purposes * a bit more debug info * a bit more debug info * a bit more debug info * a bit more debug info * a bit more debug info * a bit more debug info * more debug info * more debug info * debug info fix * decrease container verbosity * more debug info * dump to memory functionality implemented * proper support for tracers in memory dumps * bugfix: potential buffer underrun * fixed a bug when converting sinsp IPv6 FDs to scap * compression experiments * cleanups * cleanups * fix a comment * a couple of helper functions for memory dumps * don't restart event numbering when reading merged captures + FD initialization bugfix * remove some logging * small changes to support memory dumping * dump a circular capture file when a command is run in the cassandra container * cleanups * a bit on infrastructure for a notification event * notification event type * apply the filter in the successive segments of a merged capture only if there actually is a filter * temporarily enable dump of any execve * some debug info * less aggressive logging * Restore scap_savefile * heuristic to determine if a thread is part of a shell pipe * fixes to the pipe detection heuristic * propagate bash pipe flags in the execve parser * a coule of helper functions * make sure the analyzer thread info is accessed only if available * EOLs * cleanups * cleanups * removed an unused variable
- Loading branch information
Showing
14 changed files
with
207 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.