24ab9c0aaa
Falco bridge+falcodump: Scan for personal plugins
2023-01-19 00:17:08 +00:00
11983087ed
Falcodump: More scap event code handling fixes
...
We don't need to do anything special for timeouts.
2023-01-12 02:36:41 +00:00
809b34455e
Falcodump: Improve scap event code handling
...
Check timeouts and filtered events.
2023-01-11 22:04:41 +00:00
f2caa6a0cc
Extcap: Fix falcodump gcc warnings and errors.
...
Fix warnings and errors reported by gcc 11.3.
2022-12-15 01:46:03 +00:00
9581085430
Falcodump: Open our fifo directly.
...
Just open our fifo directly using our sinsp dumper. Add a couple of
missing regions.
2022-12-12 18:36:52 +00:00
f10538a102
falcodump: Fix our credential and config file parsing.
2022-10-13 16:32:43 +00:00
7896f4b292
falcodump: Fixup our default profile and region.
...
Make sure we fetch AWS_PROFILE if it exists. Don't add AWS_PROFILE or
AWS_REGION if they're already in the profile and region lists. Fix our
default values.
2022-10-11 00:40:54 +00:00
a1ec850894
falcodump: Prefill the Cloudtrail profile and region fields.
...
Make the cloudtrail-aws-profile and cloudtrail-aws-region settings
prefilled selection lists. Make them editable as well.
2022-10-07 17:01:17 +00:00
ca0843f168
falcodump: Fixup our help output.
2022-10-03 15:09:55 -07:00
b5b1949c5e
falcodump: Updates for libsinsp and the cloudtrail plugin.
...
The libsinsp plugin API recently changed the way plugins are opened.
Update falcodump to match.
Plugins might return a nested and "$ref"ed config schema. Update our
parsing code to match.
2022-10-03 14:24:24 -07:00
28a26096fb
falcodump: Add support for selection options.
...
If a plugin has an "enum" + array in its configuration, convert it to a
selector option.
Start adding plugin sections to the falcodump man page.
2022-09-29 16:44:21 +00:00
5243ffa4c2
extcap: Add falcodump.
...
Add an extcap that fetches a scap from a Falco/libsinsp plugin. Tested
using the cloudtrail plugin.
2022-08-29 15:35:19 -07:00
Gerald Combs