enricher

package

v0.8.3 Latest Latest Go to latest Published: Apr 8, 2024 License: Apache-2.0 Imports: 36 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes-sigs/security-profiles-operator

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Constants
func Dial() (*grpc.ClientConn, context.CancelFunc, error)
func ExtractAuditLine(logLine string) (*types.AuditLine, error)
func IsAuditLine(logLine string) bool
func LogFilePath() string
type Enricher
- func New(logger logr.Logger) *Enricher

Constants ¶

View Source

const (
	// ErrorNoSyscalls is returned when no syscalls are recorded for a profile.
	ErrorNoSyscalls = "no syscalls recorded for profile"
	// ErrorNoAvcs is returned when no AVCs are recorded for a profile.
	ErrorNoAvcs = "no avcs recorded for profile"
)

Variables ¶

This section is empty.

Functions ¶

func Dial ¶ added in v0.4.0

func Dial() (*grpc.ClientConn, context.CancelFunc, error)

Dial can be used to connect to the default GRPC server by creating a new client.

func ExtractAuditLine ¶ added in v0.7.0

func ExtractAuditLine(logLine string) (*types.AuditLine, error)

ExtractAuditLine extracts an auditline from logLine.

func IsAuditLine ¶ added in v0.7.0

func IsAuditLine(logLine string) bool

IsAuditLine checks whether logLine is a supported audit line.

func LogFilePath ¶ added in v0.7.0

func LogFilePath() string

LogFilePath returns either the path to the audit logs or falls back to syslog if the audit log path does not exist.

Types ¶

type Enricher ¶ added in v0.4.0

type Enricher struct {
	apienricher.UnimplementedEnricherServer
	// contains filtered or unexported fields
}

Enricher is the main structure of this package.

func New ¶ added in v0.4.0

func New(logger logr.Logger) *Enricher

New returns a new Enricher instance.

func (*Enricher) Avcs ¶ added in v0.4.0

func (e *Enricher) Avcs(
	_ context.Context, r *api.AvcRequest,
) (*api.AvcResponse, error)

Avcs returns the AVC messages for a provided profile.

func (*Enricher) ResetAvcs ¶ added in v0.4.0

func (e *Enricher) ResetAvcs(
	_ context.Context, r *api.AvcRequest,
) (*api.EmptyResponse, error)

ResetAvcs removes the avcs for a provided profile.

func (*Enricher) ResetSyscalls ¶ added in v0.4.0

func (e *Enricher) ResetSyscalls(
	_ context.Context, r *api.SyscallsRequest,
) (*api.EmptyResponse, error)

ResetSyscalls removes the syscalls for a provided profile.

func (*Enricher) Run ¶ added in v0.4.0

func (e *Enricher) Run() error

Run the log-enricher to scrap audit logs and enrich them with Kubernetes data (namespace, pod and container).

func (*Enricher) Syscalls ¶ added in v0.4.0

func (e *Enricher) Syscalls(
	_ context.Context, r *api.SyscallsRequest,
) (*api.SyscallsResponse, error)

Syscalls returns the syscalls for a provided profile.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
enricherfakes Code generated by counterfeiter.	Code generated by counterfeiter.
types

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL