New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add tests catchall order #355

merged 3 commits into from Apr 19, 2018


None yet
1 participant

mstemm commented Apr 18, 2018

Testing fix for #354 as well as some other minor improvements that allow suppressing evttype warnings for a given rule.

mstemm added some commits Apr 18, 2018

Only check whole rule names when matching counts
Tweak the regex so a rule my_great_rule doesn't pick up event counts for
a rule "great_rule: nnn".
Add ability to skip evttype warnings for rules
A new attribute warn_evttypes, if present, suppresses printing warnings
related to a rule not matching any event type. Useful if you have a rule
where not including an event type is intentional.

@mstemm mstemm added the in progress label Apr 19, 2018

Add test for preserving rule order
Test the fix for #354. A rules
file has a event-specific rule first and a catchall rule second. Without
the changes in draios/sysdig#1103, the first
rule does not match the event.

@mstemm mstemm merged commit e922a84 into dev Apr 19, 2018

3 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
continuous-integration/travis-ci/push The Travis CI build passed
sign-off-checker The commit doesn't require sysdig sign-off CLA because it belongs to mstemm part of draios/falco collaborators

@mstemm mstemm deleted the add-tests-catchall-order branch Apr 19, 2018

@mstemm mstemm removed the in progress label Apr 19, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment