Adding host network watcher #486

Merged
merged 4 commits into from
Feb 18, 2025

Conversation

amitschendel
Collaborator

Overview

Signed-off-by: Amit Schendel <[email protected]>
@amitschendel amitschendel merged commit ad5b15b into feature/host-agent Feb 18, 2025
5 of 7 checks passed
@amitschendel amitschendel deleted the feature/network-scan branch February 18, 2025 13:44
matthyx added a commit that referenced this pull request Feb 20, 2025
* First commit

Signed-off-by: Ben <[email protected]>

* Adding base host rules

Signed-off-by: Amit Schendel <[email protected]>

* Adding base code of host rule manager

Signed-off-by: Amit Schendel <[email protected]>

* Adding mock

Signed-off-by: Amit Schendel <[email protected]>

* fixing process details

Signed-off-by: Ben <[email protected]>

* Adding main support for rule manager

Signed-off-by: Amit Schendel <[email protected]>

* Removing import

Signed-off-by: Amit Schendel <[email protected]>

* Adding process tree support

Signed-off-by: Amit Schendel <[email protected]>

* Adding fixed config

Signed-off-by: Amit Schendel <[email protected]>

* Changing log to debug to prevent spamming

Signed-off-by: Amit Schendel <[email protected]>

* Adding new code

Signed-off-by: Amit Schendel <[email protected]>

* Adding rules

Signed-off-by: Amit Schendel <[email protected]>

* Adding fixed rules

Signed-off-by: Amit Schendel <[email protected]>

* Adding path and rules

Signed-off-by: Amit Schendel <[email protected]>

* Commenting read env variable from proc

Signed-off-by: Amit Schendel <[email protected]>

* Added host agent rules (#485)

* Added host agent rules

Signed-off-by: Afek Berger <[email protected]>

* fixed tests & naming

Signed-off-by: Afek Berger <[email protected]>

---------

Signed-off-by: Afek Berger <[email protected]>

* Fixing rule name

Signed-off-by: Amit Schendel <[email protected]>

* Configuring event receiver export

Signed-off-by: Ben <[email protected]>

* fix

Signed-off-by: Ben <[email protected]>

* Fixing test

Signed-off-by: Amit Schendel <[email protected]>

* Changing unused params to _

Signed-off-by: Amit Schendel <[email protected]>

* Adding syscall peeking

Signed-off-by: Amit Schendel <[email protected]>

* Adding rule creation at constructor

Signed-off-by: Amit Schendel <[email protected]>

* Adding generic cooldown queue

Signed-off-by: Amit Schendel <[email protected]>

* implementing caching in the hosthashsensor

Signed-off-by: Ben <[email protected]>

* skip env check when running on host

Signed-off-by: Matthias Bertschy <[email protected]>

* fix kernel version parsing

Signed-off-by: Matthias Bertschy <[email protected]>

* Using temp k8s interface

Signed-off-by: Amit Schendel <[email protected]>

* Adding cloudmetadata to alerts

Signed-off-by: Amit Schendel <[email protected]>

* First commit

Signed-off-by: Ben <[email protected]>

* Adding base host rules

Signed-off-by: Amit Schendel <[email protected]>

* Adding base code of host rule manager

Signed-off-by: Amit Schendel <[email protected]>

* Adding mock

Signed-off-by: Amit Schendel <[email protected]>

* fixing process details

Signed-off-by: Ben <[email protected]>

* Adding main support for rule manager

Signed-off-by: Amit Schendel <[email protected]>

* Removing import

Signed-off-by: Amit Schendel <[email protected]>

* Adding process tree support

Signed-off-by: Amit Schendel <[email protected]>

* Adding fixed config

Signed-off-by: Amit Schendel <[email protected]>

* Changing log to debug to prevent spamming

Signed-off-by: Amit Schendel <[email protected]>

* Adding new code

Signed-off-by: Amit Schendel <[email protected]>

* Adding rules

Signed-off-by: Amit Schendel <[email protected]>

* Adding fixed rules

Signed-off-by: Amit Schendel <[email protected]>

* Adding path and rules

Signed-off-by: Amit Schendel <[email protected]>

* Commenting read env variable from proc

Signed-off-by: Amit Schendel <[email protected]>

* Added host agent rules (#485)

* Added host agent rules

Signed-off-by: Afek Berger <[email protected]>

* fixed tests & naming

Signed-off-by: Afek Berger <[email protected]>

---------

Signed-off-by: Afek Berger <[email protected]>

* Fixing rule name

Signed-off-by: Amit Schendel <[email protected]>

* Configuring event receiver export

Signed-off-by: Ben <[email protected]>

* fix

Signed-off-by: Ben <[email protected]>

* Fixing test

Signed-off-by: Amit Schendel <[email protected]>

* Changing unused params to _

Signed-off-by: Amit Schendel <[email protected]>

* Adding syscall peeking

Signed-off-by: Amit Schendel <[email protected]>

* Adding rule creation at constructor

Signed-off-by: Amit Schendel <[email protected]>

* Adding generic cooldown queue

Signed-off-by: Amit Schendel <[email protected]>

* implementing caching in the hosthashsensor

Signed-off-by: Ben <[email protected]>

* Using temp k8s interface

Signed-off-by: Amit Schendel <[email protected]>

* Adding cloudmetadata to alerts

Signed-off-by: Amit Schendel <[email protected]>

* skip env check when running on host

Signed-off-by: Matthias Bertschy <[email protected]>

* fix kernel version parsing

Signed-off-by: Matthias Bertschy <[email protected]>

* split main into node and host agent

Signed-off-by: Matthias Bertschy <[email protected]>

* Ptracewatcher

Signed-off-by: Ben <[email protected]>

* Adding host network watcher (#486)

* Adding host network watcher

Signed-off-by: Amit Schendel <[email protected]>

* Fixing process tree

Signed-off-by: Amit Schendel <[email protected]>

* adding a goreleaser config

Signed-off-by: Matthias Bertschy <[email protected]>

---------

Signed-off-by: Amit Schendel <[email protected]>
Signed-off-by: Matthias Bertschy <[email protected]>
Co-authored-by: Matthias Bertschy <[email protected]>

* Fixing Dockerfile - @matthias blame

Signed-off-by: Amit Schendel <[email protected]>

* fix

Signed-off-by: Ben <[email protected]>

* Removing network on host

Signed-off-by: Amit Schendel <[email protected]>

* Clean unused code

Signed-off-by: Amit Schendel <[email protected]>

* Removing io_uring init on host

Signed-off-by: Amit Schendel <[email protected]>

* Adding reporting of open and exec to hash sensor

Signed-off-by: Amit Schendel <[email protected]>

* Adding injected rule creator

Signed-off-by: Amit Schendel <[email protected]>

* Public validate

Signed-off-by: Amit Schendel <[email protected]>

* Removing files

Signed-off-by: Amit Schendel <[email protected]>

* Removing host container

Signed-off-by: Amit Schendel <[email protected]>

* fixing nits before merging

Signed-off-by: Matthias Bertschy <[email protected]>

---------

Signed-off-by: Ben <[email protected]>
Signed-off-by: Amit Schendel <[email protected]>
Signed-off-by: Afek Berger <[email protected]>
Signed-off-by: Matthias Bertschy <[email protected]>
Co-authored-by: Amit Schendel <[email protected]>
Co-authored-by: Afek Berger <[email protected]>
Co-authored-by: Matthias Bertschy <[email protected]>
Co-authored-by: Amit Schendel <[email protected]>
2 participants