enrichment

package

v1.15.0 Latest Latest Go to latest Published: Jul 29, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/castai/kvisor

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type Config
type ContainerForCgroupGetter
type EnrichRequest
type EventEnricher
- func EnrichWithFileHash(log *logging.Logger, mountNamespacePIDStore *types.PIDsPerNamespace, ...) EventEnricher
type PIDsInNamespaceGetter
type SensitiveValueRedactor
- func NewSensitiveValueRedactor(sensitiveValueRegex *regexp.Regexp) *SensitiveValueRedactor
- func (r *SensitiveValueRedactor) Enrich(ctx context.Context, req *EnrichRequest)
- func (r *SensitiveValueRedactor) EventTypes() []castpb.EventType
type Service
- func NewService(log *logging.Logger, cfg Config) *Service

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrCannotGetInode         = errors.New("cannot get inode for path")
	ErrProcFolderDoesNotExist = errors.New("/proc/<pid> folder does not exist")
	ErrFileDoesNotExist       = errors.New("wanted file does not exist")
)

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	WorkerCount    int
	EventEnrichers []EventEnricher
}

type ContainerForCgroupGetter ¶

type ContainerForCgroupGetter func(cgroup uint64) (*containers.Container, bool, error)

type EnrichRequest ¶

type EnrichRequest struct {
	Event     *castpb.Event
	EbpfEvent *types.Event
}

type EventEnricher ¶

type EventEnricher interface {
	// Enrich will add additional data to the provided Event.
	Enrich(context.Context, *EnrichRequest)

	// EventsTypes returns a slice of event types, this enricher reacts to.
	EventTypes() []castpb.EventType
}

func EnrichWithFileHash ¶

func EnrichWithFileHash(log *logging.Logger, mountNamespacePIDStore *types.PIDsPerNamespace, procFS proc.ProcFS) EventEnricher

type PIDsInNamespaceGetter ¶

type PIDsInNamespaceGetter func(ns uint32) []uint32

type SensitiveValueRedactor ¶ added in v1.9.0

type SensitiveValueRedactor struct {
	// contains filtered or unexported fields
}

func NewSensitiveValueRedactor ¶ added in v1.9.0

func NewSensitiveValueRedactor(sensitiveValueRegex *regexp.Regexp) *SensitiveValueRedactor

NewSensitiveValueRedactor creates a new SensitiveValueRedactor.

func (*SensitiveValueRedactor) Enrich ¶ added in v1.9.0

func (r *SensitiveValueRedactor) Enrich(ctx context.Context, req *EnrichRequest)

Enrich will add additional data to the provided Event.

func (*SensitiveValueRedactor) EventTypes ¶ added in v1.9.0

func (r *SensitiveValueRedactor) EventTypes() []castpb.EventType

EventsTypes returns a slice of event types, this enricher reacts to.

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

func NewService ¶

func NewService(log *logging.Logger, cfg Config) *Service

func (*Service) Enqueue ¶

func (s *Service) Enqueue(e *EnrichRequest) bool

func (*Service) Events ¶

func (s *Service) Events() <-chan *castpb.Event

func (*Service) Run ¶

func (s *Service) Run(ctx context.Context) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL