Documentation ¶
Index ¶
- Variables
- func BuildFilter(ctx context.Context, ff *tetragon.Filter, filterFuncs []OnBuildFilter) (hubbleFilters.FilterFuncs, error)
- func BuildFilterList(ctx context.Context, ff []*tetragon.Filter, filterFuncs []OnBuildFilter) (hubbleFilters.FilterFuncs, error)
- func FilterByLabelSelectors(labelSelectors []string) (hubbleFilters.FilterFunc, error)
- func GetParent(event *v1.Event) *tetragon.Process
- func GetPolicyName(event *v1.Event) string
- func GetProcess(event *v1.Event) *tetragon.Process
- func MaybeExecProbe(binary string, args string, execProbe []string) bool
- func ParseFilterList(filters string, enablePidSetFilters bool) ([]*tetragon.Filter, error)
- type ArgumentsRegexFilter
- type BinaryRegexFilter
- type CELExpressionFilter
- type CapsFilter
- type ChildCache
- type EventTypeFilter
- type HealthCheckFilter
- type LabelsFilter
- type NamespaceFilter
- type OnBuildFilter
- type OnBuildFilterFunc
- type ParentArgumentsRegexFilter
- type ParentBinaryRegexFilter
- type PidFilter
- type PidSetFilter
- type PodRegexFilter
- type PolicyNamesFilter
Constants ¶
This section is empty.
Variables ¶
var Filters = []OnBuildFilter{ &BinaryRegexFilter{}, &ParentBinaryRegexFilter{}, &HealthCheckFilter{}, &NamespaceFilter{}, &PidFilter{}, &PidSetFilter{}, &EventTypeFilter{}, &ArgumentsRegexFilter{}, &ParentArgumentsRegexFilter{}, &LabelsFilter{}, &PodRegexFilter{}, &PolicyNamesFilter{}, &CapsFilter{}, }
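Filters is the list of default filters. As the declaration above shows, it includes PidSetFilter but not CELExpressionFilter, which is created with NewCELExpressionFilter.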
Functions ¶
func BuildFilter ¶
func BuildFilter(ctx context.Context, ff *tetragon.Filter, filterFuncs []OnBuildFilter) (hubbleFilters.FilterFuncs, error)
func BuildFilterList ¶
func BuildFilterList(ctx context.Context, ff []*tetragon.Filter, filterFuncs []OnBuildFilter) (hubbleFilters.FilterFuncs, error)
func FilterByLabelSelectors ¶
func FilterByLabelSelectors(labelSelectors []string) (hubbleFilters.FilterFunc, error)
FilterByLabelSelectors returns a FilterFunc. The FilterFunc returns true if and only if any of the specified selectors select the event. The caller specifies how to extract labels from the event.
func GetPolicyName ¶ added in v1.1.0
Types ¶
type ArgumentsRegexFilter ¶
type ArgumentsRegexFilter struct{}
func (*ArgumentsRegexFilter) OnBuildFilter ¶
func (f *ArgumentsRegexFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type BinaryRegexFilter ¶
type BinaryRegexFilter struct{}
func (*BinaryRegexFilter) OnBuildFilter ¶
func (f *BinaryRegexFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type CELExpressionFilter ¶ added in v1.2.1
type CELExpressionFilter struct {
// contains filtered or unexported fields
}
CELExpressionFilter implements filtering based on CEL (common expression language) expressions
func NewCELExpressionFilter ¶ added in v1.2.1
func NewCELExpressionFilter(log logrus.FieldLogger) *CELExpressionFilter
func (*CELExpressionFilter) OnBuildFilter ¶ added in v1.2.1
func (t *CELExpressionFilter) OnBuildFilter(ctx context.Context, f *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
OnBuildFilter builds a CEL expression filter.
type CapsFilter ¶ added in v1.1.0
type CapsFilter struct{}
func (*CapsFilter) OnBuildFilter ¶ added in v1.1.0
func (f *CapsFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type ChildCache ¶ added in v0.10.0
type ChildCache = map[uint32]struct{}
We could use an LRU here but we really don't want to evict old entries and risk failing a test that uses this filter. Instead, we take the safer approach from the perspective of testing and opt to grow the map indefinitely and log a warning if the size exceeds a pre-determined threshold. Since we have protections in place to prevent this filter being used in production (presumably the enablePidSetFilters argument of ParseFilterList), this should be acceptable. Without that gate the cache has no upper bound on memory use.
type EventTypeFilter ¶
type EventTypeFilter struct{}
func (*EventTypeFilter) OnBuildFilter ¶
func (f *EventTypeFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type HealthCheckFilter ¶
type HealthCheckFilter struct{}
func (*HealthCheckFilter) OnBuildFilter ¶
func (f *HealthCheckFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type LabelsFilter ¶
type LabelsFilter struct{}
LabelsFilter implements filtering based on pod labels
func (*LabelsFilter) OnBuildFilter ¶
func (l *LabelsFilter) OnBuildFilter(_ context.Context, filter *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
OnBuildFilter builds a labels filter
type NamespaceFilter ¶
type NamespaceFilter struct{}
func (*NamespaceFilter) OnBuildFilter ¶
func (f *NamespaceFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type OnBuildFilter ¶
type OnBuildFilter interface {
OnBuildFilter(context.Context, *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
}
OnBuildFilter is invoked while building a flow filter
type OnBuildFilterFunc ¶
type OnBuildFilterFunc func(context.Context, *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
OnBuildFilterFunc implements OnBuildFilter for a single function
func (OnBuildFilterFunc) OnBuildFilter ¶
func (f OnBuildFilterFunc) OnBuildFilter(ctx context.Context, tetragonFilter *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
OnBuildFilter is invoked while building a flow filter
type ParentArgumentsRegexFilter ¶ added in v1.2.1
type ParentArgumentsRegexFilter struct{}
func (*ParentArgumentsRegexFilter) OnBuildFilter ¶ added in v1.2.1
func (f *ParentArgumentsRegexFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type ParentBinaryRegexFilter ¶ added in v1.2.0
type ParentBinaryRegexFilter struct{}
func (*ParentBinaryRegexFilter) OnBuildFilter ¶ added in v1.2.0
func (f *ParentBinaryRegexFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type PidFilter ¶
type PidFilter struct{}
func (*PidFilter) OnBuildFilter ¶
func (f *PidFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type PidSetFilter ¶
type PidSetFilter struct{}
PidSetFilter is a filter that matches on a process and all of its children by their PID, up to maxChildCacheSize number of children.
func (*PidSetFilter) OnBuildFilter ¶
func (f *PidSetFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type PodRegexFilter ¶
type PodRegexFilter struct{}
func (*PodRegexFilter) OnBuildFilter ¶
func (f *PodRegexFilter) OnBuildFilter(_ context.Context, ff *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
type PolicyNamesFilter ¶ added in v1.1.0
type PolicyNamesFilter struct{}
PolicyNamesFilter implements filtering based on Tetragon policy names
func (*PolicyNamesFilter) OnBuildFilter ¶ added in v1.1.0
func (f *PolicyNamesFilter) OnBuildFilter(_ context.Context, filter *tetragon.Filter) ([]hubbleFilters.FilterFunc, error)
OnBuildFilter builds a Tetragon policy name filter