config

package
v0.16.0-alpha Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 24, 2020 License: Apache-2.0 Imports: 6 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source
var Global struct {
	// RunDir is the path to the runtime state directory for Capsule8
	RunDir string `split_words:"true" default:"/var/run/capsule8"`

	// SupportDir is the path to the supporting files directory for Capsule8
	SupportDir string `split_words:"true" default:"/var/lib/capsule8"`

	// HTTP address and port for the pprof runtime profiling endpoint.
	ProfilingListenAddr string `split_words:"true"`
}

Global contains overridable configuration options that apply globally

View Source
var Sensor struct {
	// DockerContainerDir is the path to the directory used for docker
	// container local storage areas (i.e. /var/lib/docker/containers)
	DockerContainerDir string `split_words:"true" default:"/var/lib/docker/containers"`

	// OciContainerDir is the path to the directory used for the
	// container runtime's container state directories
	// (i.e. /var/run/docker/libcontainerd)
	OciContainerDir string `split_words:"true" default:"/var/run/docker/libcontainerd"`

	// Sensor gRPC API Server listen address may be specified as any of:
	//   unix:/path/to/socket
	//   127.0.0.1:8484
	//   :8484
	ListenAddr string `split_words:"true" default:"unix:/var/run/capsule8/sensor.sock"`

	// UseTLS is the boolean switch to enable TLS use. By default it
	// is false. If UseTLS is true, TLSCACertPath, TLSServerCertPath
	// and TLSServerKeyPath will need to be set.
	UseTLS bool `split_words:"true" default:"false"`

	// TLSCACertPath is the path to the file that holds the
	// certificate authority certificate for the telemetry server.
	// This will only be used if UseTLS is true.
	TLSCACertPath string `split_words:"true" default:"/var/lib/capsule8/tls/ca.crt"`

	// TLSServerCertPath is the path to the file that holds the
	// server certificate for the telemetry server. This will only be
	// used if UseTLS is true.
	TLSServerCertPath string `split_words:"true" default:"/var/lib/capsule8/tls/server.crt"`

	// TLSServerKeyPath is the path to the file that holds the
	// server key for the telemetry server. This will only be used
	// if UseTLS is true.
	TLSServerKeyPath string `split_words:"true" default:"/var/lib/capsule8/tls/server.key"`

	// Names of cgroups to monitor for events. Each cgroup specified must
	// exist within the perf_event cgroup hierarchy. For example, if this
	// is set to "docker", the Sensor will monitor containers for events
	// and ignore processes not running in Docker containers. To monitor
	// the entire system, use "" or "/" as the cgroup name.
	CgroupName []string `split_words:"true"`

	// Ignore missing debugfs/tracefs mount (useful for automated testing)
	DontMountTracing bool `split_words:"true"`

	// Ignore missing perf_event cgroup filesystem mount
	DontMountPerfEvent bool `split_words:"true"`

	// The default size of ring buffers used for kernel perf_event
	// monitors. The size is defined in units of pages.
	RingBufferPages int `split_words:"true" default:"16"`

	// The default buffer length for Go channels used internally
	ChannelBufferLength int `split_words:"true" default:"1024"`

	// The size of the process info cache. If the system pid_max is greater
	// than this size, a less performant method of caching will be used.
	ProcessInfoCacheSize uint `split_words:"true" default:"131072"`
}

Sensor contains overridable configuration options for the sensor

Functions

func ValidateTLSConfig

func ValidateTLSConfig() error

ValidateTLSConfig validates the TLS credentials from their configured paths if the UseTLS variable is true.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL