Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CapabilitiesConfig ¶
type CaptureConfig ¶
type CaptureConfig struct { OutputPath string FileWrite FileCaptureConfig FileRead FileCaptureConfig Module bool Exec bool Mem bool Bpf bool Net PcapsConfig }
type Config ¶
type Config struct { Policies *policy.Policies Capture *CaptureConfig Capabilities *CapabilitiesConfig Output *OutputConfig Cache queue.CacheConfig ProcTree proctree.ProcTreeConfig PerfBufferSize int BlobPerfBufferSize int MaxPidsCache int // maximum number of pids to cache per mnt ns (in Tracee.pidsInMntns) BTFObjPath string BPFObjBytes []byte KernelConfig *helpers.KernelConfig OSInfo *helpers.OSInfo Sockets runtime.Sockets ContainersEnrich bool EngineConfig engine.Config MetricsEnabled bool }
Config is a struct containing user defined configuration of tracee
type ContainerMode ¶
type ContainerMode int
const ( ContainerModeDisabled ContainerMode = iota ContainerModeEnabled ContainerModeEnriched )
type FileCaptureConfig ¶
type FileCaptureConfig struct { Capture bool PathFilter []string TypeFilter FileCaptureType }
type FileCaptureType ¶
type FileCaptureType uint
FileCaptureType represents file type capture configuration flags Values should match the filter values in the eBPF file ( CaptureRegularFiles -> FILTER_NORMAL_FILES)
const ( CaptureRegularFiles FileCaptureType = 1 << iota CapturePipeFiles CaptureSocketFiles CaptureELFFiles )
Filters for file types flags
const ( CaptureStdinFiles FileCaptureType = 1 << (iota + 16) CaptureStdoutFiles CaptureStderrFiles )
Filters for FDs flags
type OutputConfig ¶
type PcapsConfig ¶
type PrinterConfig ¶
type PrinterConfig struct { Kind string OutPath string OutFile io.WriteCloser ContainerMode ContainerMode RelativeTS bool }
Click to show internal directories.
Click to hide internal directories.