modules

package
v0.0.2-0...-4ce78c8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 17, 2021 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// DefaultRuntimePoliciesDir is the default policies directory used by the runtime security module
	DefaultRuntimePoliciesDir = "/etc/datadog-agent/runtime-security.d"
)

Variables

All System Probe modules should register their factories here

View Source
var ErrProcessUnsupported = errors.New("process module unsupported")

ErrProcessUnsupported is an error type indicating that the process module is not support in the running environment

View Source
var ErrSysprobeUnsupported = errors.New("system-probe unsupported")

ErrSysprobeUnsupported is the unsupported error prefix, for error-class matching from callers

View Source
var NetworkTracer = api.Factory{
	Name: config.NetworkTracerModule,
	Fn: func(cfg *config.Config) (api.Module, error) {
		ncfg := networkconfig.New()

		if supported, msg := tracer.IsTracerSupportedByOS(ncfg.ExcludedBPFLinuxVersions); !supported {
			return nil, fmt.Errorf("%w: %s", ErrSysprobeUnsupported, msg)
		}

		klog.Infof("Creating tracer for: %s", filepath.Base(os.Args[0]))

		t, err := tracer.NewTracer(ncfg)
		return &networkTracer{tracer: t}, err
	},
}

NetworkTracer is a factory for NPM's tracer

View Source
var OOMKillProbe = api.Factory{
	Name: config.OOMKillProbeModule,
	Fn: func(cfg *config.Config) (api.Module, error) {
		klog.Infof("Starting the OOM Kill probe")
		okp, err := probe.NewOOMKillProbe(ebpf.NewConfig())
		if err != nil {
			return nil, errors.Wrapf(err, "unable to start the OOM kill probe")
		}
		return &oomKillModule{okp}, nil
	},
}

OOMKillProbe Factory

View Source
var Process = api.Factory{
	Name: config.ProcessModule,
	Fn: func(cfg *config.Config) (api.Module, error) {
		klog.Infof("Creating process module for: %s", filepath.Base(os.Args[0]))

		p := procutil.NewProcessProbe(procutil.WithReturnZeroPermStats(false))
		if p == nil {
			return nil, ErrProcessUnsupported
		}
		return &process{probe: p}, nil
	},
}

Process is a module that fetches process level data

View Source
var SecurityRuntime = api.Factory{
	Name: config.SecurityRuntimeModule,
	Fn: func(agentConfig *config.Config) (api.Module, error) {
		config, err := sconfig.NewConfig(agentConfig)
		if err != nil {
			return nil, errors.Wrap(err, "invalid security runtime module configuration")
		}

		module, err := secmodule.NewModule(config)
		if err == ebpf.ErrNotImplemented {
			klog.Info("Datadog runtime security agent is only supported on Linux")
			return nil, api.ErrNotEnabled
		}
		return module, err
	},
}

SecurityRuntime - Security runtime Factory

View Source
var TCPQueueLength = api.Factory{
	Name: config.TCPQueueLengthTracerModule,
	Fn: func(cfg *config.Config) (api.Module, error) {
		t, err := probe.NewTCPQueueLengthTracer(ebpf.NewConfig())
		if err != nil {
			return nil, errors.Wrapf(err, "unable to start the TCP queue length tracer")
		}

		return &tcpQueueLengthModule{t}, nil
	},
}

TCPQueueLength Factory

Functions

This section is empty.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL