k8sauditgke

package

v0.2.0 Latest Latest Go to latest Published: May 7, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/falcosecurity/plugins

Links

Open Source Insights

Documentation ¶

Constants ¶

View Source

const (
	PluginID          uint32 = 16
	PluginName               = "k8saudit-gke"
	PluginDescription        = "Read Kubernetes Audit Events for GKE from a Pub/Sub subscription"
	PluginContact            = "github.com/falcosecurity/plugins"
	PluginVersion            = "0.2.0"
	PluginEventSource        = "k8s_audit"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Plugin ¶

type Plugin struct {
	k8saudit.Plugin

	Config PluginConfig
	// contains filtered or unexported fields
}

func (*Plugin) ConvertLogEntry ¶ added in v0.2.0

func (p *Plugin) ConvertLogEntry(logEntry *logging.LogEntry, auditLog *audit.AuditLog) (*auditv1.Event, error)

ConvertLogEntry converts a logging.LogEntry and an audit.AuditLog into an auditv1.Event.

Parameters:

logEntry: A pointer to a logging.LogEntry representing the log entry to convert.
auditLog: A pointer to an audit.AuditLog representing the audit log to convert.

Returns:

*auditv1.Event: The generated k8s audit event.
error: An error if the conversion fails.

Note: This function is exposed for internal use and may lack formal documentation or signature guarantees. Use it with caution and at your own risk.

func (*Plugin) Info ¶

func (p *Plugin) Info() *plugins.Info

func (*Plugin) Init ¶

func (p *Plugin) Init(cfg string) error

initialize state

func (*Plugin) InitSchema ¶

func (p *Plugin) InitSchema() *sdk.SchemaInfo

func (*Plugin) NewContainerService ¶

func (p *Plugin) NewContainerService(ctx context.Context) (*container.Service, error)

func (*Plugin) Open ¶

func (p *Plugin) Open(params string) (source.Instance, error)

func (*Plugin) OpenReader ¶

func (k *Plugin) OpenReader(r string) (source.Instance, error)

func (*Plugin) String ¶

func (p *Plugin) String(evt sdk.EventReader) (string, error)

type PluginConfig ¶

type PluginConfig struct {
	ProjectID              string `` /* 137-byte string literal not displayed */
	CredentialsFile        string `` /* 279-byte string literal not displayed */
	NumGoroutines          int    `` /* 192-byte string literal not displayed */
	MaxOutstandingMessages int    `` /* 166-byte string literal not displayed */
	FetchClusterMetadata   bool   `json:"fetch_cluster_metadata"   jsonschema:"title=Fetch cluster metadata labels,description=(Default: false),default=false"`
	CacheExpiration        uint64 `` /* 134-byte string literal not displayed */
	UseAsync               bool   `` /* 166-byte string literal not displayed */
	MaxEventSize           uint64 `` /* 149-byte string literal not displayed */
}

func (*PluginConfig) Reset ¶

func (p *PluginConfig) Reset()

Reset sets the configuration to its default values

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL