Documentation
¶
Index ¶
Constants ¶
const ( ProcessCheckName = "process" RTProcessCheckName = "rtprocess" ContainerCheckName = "container" RTContainerCheckName = "rtcontainer" ConnectionsCheckName = "connections" PodCheckName = "pod" NetworkCheckName = "Network" OOMKillCheckName = "OOM Kill" TCPQueueLengthCheckName = "TCP queue length" ProcessModuleCheckName = "Process Module" )
Name for check performed by process-agent or system-probe
Variables ¶
This section is empty.
Functions ¶
func CompileStringsToRegex ¶ added in v0.9.0
CompileStringsToRegex compile each word in the slice into a regex pattern to match against the cmdline arguments The word must contain only word characters ([a-zA-z0-9_]) or wildcards *
func IsBlacklisted ¶
IsBlacklisted returns a boolean indicating if the given command is blacklisted by our config.
func NewDefaultTransport ¶
NewDefaultTransport provides a http transport configuration with sane default timeouts
Types ¶
type AgentConfig ¶
type AgentConfig struct {
Enabled bool
HostName string
APIEndpoints []apicfg.Endpoint
LogFile string
LogLevel string
LogToConsole bool
QueueSize int // The number of items allowed in each delivery queue.
ProcessQueueBytes int // The total number of bytes that can be enqueued for delivery to the process intake endpoint
Blacklist []*regexp.Regexp
Scrubber *DataScrubber
MaxPerMessage int
MaxCtrProcessesPerMessage int // The maximum number of processes that belong to a container for a given message
MaxConnsPerMessage int
AllowRealTime bool
Transport *http.Transport `json:"-"`
DDAgentBin string
StatsdHost string
StatsdPort int
ProcessExpVarPort int
ProfilingEnabled bool
ProfilingSite string
ProfilingURL string
ProfilingAPIKey string
ProfilingEnvironment string
ProfilingPeriod time.Duration
ProfilingCPUDuration time.Duration
// host type of the agent, used to populate container payload with additional host information
ContainerHostType model.ContainerHostType
// System probe collection configuration
EnableSystemProbe bool
SystemProbeAddress string
// Orchestrator config
Orchestrator *oconfig.OrchestratorConfig
// Check config
EnabledChecks []string
CheckIntervals map[string]time.Duration
// Windows-specific config
Windows WindowsConfig
// contains filtered or unexported fields
}
AgentConfig is the global config for the process-agent. This information is sourced from config files and the environment variables.
func NewAgentConfig ¶
func NewAgentConfig(loggerName config.LoggerName, yamlPath, netYamlPath string) (*AgentConfig, error)
NewAgentConfig returns an AgentConfig using a configuration file. It can be nil if there is no file available. In this case we'll configure only via environment.
func NewDefaultAgentConfig ¶
func NewDefaultAgentConfig(canAccessContainers bool) *AgentConfig
NewDefaultAgentConfig returns an AgentConfig with defaults initialized
func (AgentConfig) CheckInterval ¶
func (a AgentConfig) CheckInterval(checkName string) time.Duration
CheckInterval returns the interval for the given check name, defaulting to 10s if not found.
func (AgentConfig) CheckIsEnabled ¶
func (a AgentConfig) CheckIsEnabled(checkName string) bool
CheckIsEnabled returns a bool indicating if the given check name is enabled.
func (*AgentConfig) LoadProcessYamlConfig ¶
func (a *AgentConfig) LoadProcessYamlConfig(path string) error
LoadProcessYamlConfig load Process-specific configuration
type DataScrubber ¶
type DataScrubber struct {
Enabled bool
StripAllArguments bool
SensitivePatterns []*regexp.Regexp
// contains filtered or unexported fields
}
DataScrubber allows the agent to blacklist cmdline arguments that match a list of predefined and custom words
func NewDefaultDataScrubber ¶
func NewDefaultDataScrubber() *DataScrubber
NewDefaultDataScrubber creates a DataScrubber with the default behavior: enabled and matching the default sensitive words
func (*DataScrubber) AddCustomSensitiveWords ¶
func (ds *DataScrubber) AddCustomSensitiveWords(words []string)
AddCustomSensitiveWords adds custom sensitive words on the DataScrubber object
func (*DataScrubber) IncrementCacheAge ¶
func (ds *DataScrubber) IncrementCacheAge()
IncrementCacheAge increments one cycle of cache memory age. If it reaches cacheMaxCycles, the cache is restarted
func (*DataScrubber) ScrubCommand ¶
func (ds *DataScrubber) ScrubCommand(cmdline []string) ([]string, bool)
ScrubCommand hides the argument value for any key which matches a "sensitive word" pattern. It returns the updated cmdline, as well as a boolean representing whether it was scrubbed
func (*DataScrubber) ScrubProcessCommand ¶
func (ds *DataScrubber) ScrubProcessCommand(p *procutil.Process) []string
ScrubProcessCommand uses a cache memory to avoid scrubbing already known process' cmdlines
type WindowsConfig ¶
type WindowsConfig struct {
// Number of checks runs between refreshes of command-line arguments
ArgsRefreshInterval int
// Controls getting process arguments immediately when a new process is discovered
AddNewArgs bool
}
WindowsConfig stores all windows-specific configuration for the process-agent and system-probe.
Source Files