Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Config
type Config struct {
	ebpf.Config

	// RuntimeEnabled defines if the runtime security module should be enabled
	RuntimeEnabled bool

	// PoliciesDir defines the folder in which the policy files are located
	PoliciesDir string

	// EnableKernelFilters defines if in-kernel filtering should be activated or not
	EnableKernelFilters bool

	// EnableApprovers defines if in-kernel approvers should be activated or not
	EnableApprovers bool

	// EnableDiscarders defines if in-kernel discarders should be activated or not
	EnableDiscarders bool

	// FlushDiscarderWindow defines the maximum time window for discarders removal.
	// This is used during reload to avoid removing all the discarders at the same time.
	FlushDiscarderWindow int

	// SocketPath is the path to the socket that is used to communicate with the security agent
	SocketPath string

	// SyscallMonitor defines if the syscall monitor should be activated or not
	SyscallMonitor bool

	// EventServerBurst defines the maximum burst of events that can be sent over the grpc server
	EventServerBurst int

	// EventServerRate defines the grpc server rate at which events can be sent
	EventServerRate int

	// EventServerRetention defines an event retention period so that some fields can be resolved
	EventServerRetention int

	// PIDCacheSize is the size of the user space PID caches
	PIDCacheSize int

	// CookieCacheSize is the size of the cookie cache used to cache process context
	CookieCacheSize int

	// LoadControllerEventsCountThreshold defines the amount of events past which we will trigger the in-kernel circuit breaker
	LoadControllerEventsCountThreshold int64

	// LoadControllerDiscarderTimeout defines the amount of time discarders set by the load controller should last
	LoadControllerDiscarderTimeout time.Duration

	// LoadControllerControlPeriod defines the period at which the load controller will empty the user space counter used
	// to evaluate the amount of events brought back to user space
	LoadControllerControlPeriod time.Duration

	// StatsPollingInterval determines how often metrics should be polled
	StatsPollingInterval time.Duration

	// StatsTagsCardinality determines the cardinality level of the tags added to the exported metrics
	StatsTagsCardinality string

	// StatsdAddr defines the statsd address
	StatsdAddr string

	// AgentMonitoringEvents determines if the monitoring events of the agent should be sent to Datadog
	AgentMonitoringEvents bool

	// FIMEnabled determines whether fim rules will be loaded
	FIMEnabled bool

	// CustomSensitiveWords defines words to add to the scrubber
	CustomSensitiveWords []string

	// ERPCDentryResolutionEnabled determines if the ERPC dentry resolution is enabled
	ERPCDentryResolutionEnabled bool

	// MapDentryResolutionEnabled determines if the map resolution is enabled
	MapDentryResolutionEnabled bool

	// DentryCacheSize is the size of the user space dentry cache
	DentryCacheSize int

	// RemoteTaggerEnabled defines whether the remote tagger is enabled
	RemoteTaggerEnabled bool

	// HostServiceName string
	HostServiceName string

	// LogPatterns pattern to be used by the logger for trace level
	LogPatterns []string

	// SelfTestEnabled defines if the self tester should be enabled (useful for tests for example)
	SelfTestEnabled bool

	// EnableRemoteConfig defines if configuration should be fetched from the backend
	EnableRemoteConfig bool
}
Config holds the configuration for the runtime security agent